Microsoft Copilot for Finance is already live in most bank Microsoft 365 tenants. Here is what compliance and technology leaders must configure before the next examiner visit.
SR 26-2, the FS AI RMF, and NYDFS Part 500 have converged to create a new AI governance baseline for U.S. banks and fintechs. Here is a practical four-pillar framework mapped to each regulatory requirement.
SR 26-2 replaced SR 11-7 in April 2026. Here is what financial services technology leaders need to know about building a model risk management framework that meets the new risk-based, materiality-driven standard.
The Treasury's FS AI RMF is built directly on the NIST AI RMF's four-function structure. Here's what bank technology leaders need to understand about both frameworks — and three actions to take now.
SR 11-7 was replaced by SR 26-2 in April 2026. This complete guide covers what changed, what stayed the same, and the AI governance gap that banks must address now.
AI is reshaping data governance at banks — from training data lineage to model data quality to FS AI RMF regulatory requirements. Here is what CDOs and CTOs need to do now.
The OCC signals AI model risk guidance is coming. The SR 11-7 governance gap is documented. Here is what your institution needs to do before the RFI drops.
The OCC's Spring 2026 Semiannual Risk Perspective announced a forthcoming RFI on AI use at banks, including generative and agentic models. Here's what it means and how to prepare.
JPMorgan, Goldman Sachs, and Citizens Bank have published their AI ROI numbers. Here's what's working, where the gains are concentrated, and why most banks are still stuck in pilot.
The FFIEC CAT is retired and NIST CSF 2.0 is the new standard. Here's how bank technology leaders should sequence a zero trust implementation in 2026.
The NYDFS October 2024 industry letter explicitly applied Part 500 cybersecurity requirements to AI systems. Most NY-regulated banks haven't acted. Here's what's at risk.
The regulators just told you the dominant risk framework for model governance doesn't cover the AI systems your institution is now deploying. Here's what to do about it.
