NEW YORK — Banks are rapidly adopting artificial intelligence tools, but many institutions still lack the governance structures and risk controls needed to manage the technology effectively, according to a new report released by Wolters Kluwer.
The company said its new “U.S. Banking AI Risk and Governance Index” analyzed responses from 230 U.S. banking professionals representing institutions ranging from community banks with less than $1 billion in assets under management to banks with more than $50 billion in assets. The report examined how banks are approaching AI implementation, governance and risk management.
According to Wolters Kluwer, the findings suggest AI adoption has shifted from a future initiative to an operational necessity for many financial institutions, even as governance frameworks struggle to keep pace.
‘Quickly Shifting’
“As AI adoption has quickly shifted from a future plan to a must-have, AI governance remains an elusive target as banks face increased pressure to leverage the technology,” Aoife May, product strategy associate director at Wolters Kluwer Financial & Corporate Compliance, said in a statement released with the report.
May said the report identified “a clear gap” between the speed at which institutions are deploying AI and the accountability and transparency consumers expect.
“These organizations need to have clear oversight and guardrails in place, including humans-in-the-loop, to ensure AI can unlock business value instead of opening them up to increased scrutiny,” May said.

Governance, Validation Top Concerns
According to the report, 36% of respondents identified model governance and validation as the biggest risk factor associated with scaling AI adoption.
The report also found that many banks believe they remain unprepared to respond to AI-related incidents.
Among the findings:
- 72% of respondents said their institutions were least prepared for reporting or shutting down an AI-related incident.
- 37.83% said regulatory reporting of an AI failure represented their biggest preparedness gap.
- 34.35% said their institutions lacked model “kill-switch” protocols to shut down problematic AI systems.
Collections, Lending Seen as Highest-Risk Areas
Wolters Kluwer said collections and recovery functions were viewed as the banking areas most likely to create consumer harm or regulatory exposure when AI is used.
According to the report:
- 35.22% of respondents identified collections and recovery as the highest-risk banking function for consumer harm or regulatory scrutiny.
- 25.22% identified credit risk and underwriting as the next-highest risk category.
The report said concerns were particularly elevated because collections often involve financially distressed consumers and operate in areas with less-developed regulatory oversight.
Respondents also expressed concern over the use of “agentic AI” — systems capable of acting autonomously within workflows.
According to Wolters Kluwer:
- 33.04% cited lending and underwriting workflows as the leading area of agentic AI risk
- 30.43% identified collections and recovery functions as a major risk area for agentic AI deployment
The findings suggest banks are particularly concerned about AI use during what the report described as consumers’ “most vulnerable financial moments.”
Human Factors Also Seen as Key Risks
The report found behavioral and cultural issues represented some of the largest human-centric AI risks within financial institutions.
Among respondents:
- 34.21% identified automation bias as the greatest risk to AI safety frameworks.
- 27.19% cited misalignment of incentives as a major concern.
Wolters Kluwer said risk mitigation — rather than regulatory compliance alone — was identified as the primary driver behind safe AI adoption strategies.
According to the report:
- 36.52% said risk mitigation was the biggest factor driving safe AI adoption.
- 30% identified regulatory compliance as the primary driver.
The report is available here.




