
The Mythos Moment and What It Means for Banking

Lindsey Johnson

Welcome to my third quarterly note. Each edition shares insights from our team, perspectives on the future of retail banking, and updates on key issues shaping the industry. I’d love to hear from you anytime.


The Quick Shift in Washington

In Washington, policy often changes slowly. But occasionally, a single event forces policymakers to see a familiar issue differently.

Anthropic’s Mythos program appears to have done that for artificial intelligence.

According to reporting on the program, Anthropic used Claude to identify software vulnerabilities at a scale that quickly raised cyber and national security concerns. Anthropic co-founder Dario Amodei described the pace plainly: about a year ago the company began using Claude to identify vulnerabilities; three months ago, it found around 20 in Firefox; today, it is finding tens of thousands.

The concern wasn’t just that the AI had gotten remarkably good at finding these flaws. It was the obvious next question: if AI can find vulnerabilities at that scale and speed, what’s to stop someone from using it to exploit them?

The implications landed quickly. A federal posture widely viewed as more hands-off suddenly looked more complicated. The conversation quickly shifted from whether AI needed guardrails at all to whether the most powerful systems should undergo government review before public release. Some even floated an FDA-style model requiring federal sign-off before a frontier AI system ships.

Last week it was reported that the White House had reconsidered signing an Executive Order that would have given agencies the ability to review these powerful AI models before their release. Whether that idea goes anywhere, the direction of travel is clear. Washington went from hands-off to asking hard questions very quickly.

For banks, Mythos is a signal.

AI is moving even further into the systems that detect fraud, monitor cyber threats, support customers, inform credit decisions, and move money. As banks adopt these tools, the rules and controls around them need to keep pace. While AI is a powerful tool for managing risk, it also introduces new and distinct risks.

Banks are accustomed to managing risk—it is in the DNA of banking. Capital, liquidity, credit, and operational risk (among others) are each governed by established frameworks.

To date, banks have largely managed AI as operational risk, governed by two existing frameworks: Model Risk Management (MRM) and Third-Party Risk Management (TPRM). In plain terms: MRM is how banks test, monitor, and govern complex models driving decisions like credit approvals and fraud detection. TPRM is how banks oversee outside technology partners (cloud providers, software vendors, and AI developers) whose systems are woven into modern banking.

Both frameworks have existed for years, and both address risk management in three stages: testing before you deploy, monitoring while you use, and having a plan in case things go wrong.

Last month, banking regulators (the Fed and OCC) updated their interagency MRM guidance, and they specifically carved generative and agentic AI out of that guidance altogether.

While regulators have suggested there may be other risk management and governance tools to specifically support the adoption of generative and agentic AI, we believe many of the core principles of MRM are a good starting point. And yes, things have changed: whether within the MRM framework or in a new guidance framework, the technology and its complexity may make it harder to test every scenario before deployment. But banks are well-trained in dealing with uncertainty and probabilities. A question worth considering is whether risk managers and, importantly, supervisors can compensate by placing greater weight on continuous monitoring, ongoing audit, and real-time circuit breakers that catch problems as they emerge, rather than trying to anticipate each one in advance.

In other words, wherever we land with new guidance, in this new world we need to learn to compensate for less certainty up front with more vigilance throughout.

The Three Core Questions Banks and Policymakers Must Answer

First, what guardrails will allow AI innovation to continue while protecting consumers and the financial system?

This question is becoming more vital as AI moves beyond the analytical systems banks have used for decades. Generative and agentic AI systems can generate new and varied outputs from the same inputs, make decisions, and take autonomous actions through agents.

At the same time, banks increasingly rely on a growing and rapidly evolving ecosystem of third-party relationships, including AI vendors, cloud providers and frontier model developers.

Regulators and banks need to understand what happens when a critical AI provider changes its model, experiences an outage, suffers a cyber incident, or becomes difficult to replace.

Second, are Model Risk Management and Third-Party Risk Management still the right frameworks for governing these new AI capabilities?

Broadly speaking, many of the governing principles of these frameworks are still applicable. While generative and agentic AI present unique challenges, the underlying governance challenges remain substantially the same. MRM and TPRM ask the right basic questions: how does the model work, how is it tested and monitored, who is accountable, and how do banks oversee outside providers?

These principles-based frameworks have supported safety, soundness, and consumer protection for years, and can be the right starting point for AI.

This leads us to the third question: How must MRM and TPRM adapt to remain effective in an era of generative and agentic AI?

Both MRM and TPRM can remain effective if adapted to the realities AI now creates: continuous model change, autonomous decision-making, third-party dependency, concentration risk, unclear accountability and failures that can scale quickly.

Regulatory Clarity Unlocks Innovation. Ambiguity Kills It.

Clear rules have often helped propel financial innovation.

As CBA highlights in a recent letter on AI, the Electronic Fund Transfer Act (EFTA) did not prevent electronic payments from growing; it helped them scale. By establishing baseline consumer protections and liability expectations, EFTA gave consumers greater confidence in electronic payments and gave financial institutions a clearer framework for offering them.

AI Needs the Same Kind of Clarity

We are at a similar EFTA moment now. AI systems are beginning to act on consumers’ behalf: searching, shopping, paying, and moving money — without requiring a human to authorize each individual step. As CBA’s agentic AI white paper makes clear, the question of who is responsible when an AI agent makes a mistake, sends money to the wrong place, or gets exploited by a scammer is not yet fully answered.

At the same time, AI tools may accelerate consumer adoption of new payment methods, including stablecoins, tokenized assets, cryptocurrency rails and blockchain-based protocols such as Coinbase x402. These systems may lack the chargeback protections, payment reversals, or dispute mechanisms consumers have come to expect in traditional banking.

Ambiguity can slow responsible adoption, increase litigation risk, and expose consumers. Clear guardrails give responsible institutions room to innovate, promote consumer confidence, and give regulators visibility into risks before they scale across the financial system.

Two Outstanding Considerations

While this piece focuses on the current regulatory frameworks for AI in banking, there are two broad areas of ambiguity policymakers must also address as they balance innovation with safety and consumer protection.

First, while banks adhere to these regulatory frameworks and are examined for them, broadly speaking, non-banks offering similar services, and utilizing some of the very same AI tools are not. There should be consideration of applying the same principles-based frameworks to all market participants.

Second, guardrails support innovation, but only with a single centralized and modernized federal framework that preempts conflicting state laws and provides banks, regulators, and technology providers with a common foundation for managing AI risks. Without one, a state-by-state patchwork will fill the gap. In 2025 alone, states introduced more than 1,200 AI-related bills and enacted 145 into law. Innovation cannot scale on fifty different sets of rules.

Applying MRM and TPRM in the AI Era

Regulatory clarity should not mean a rigid, one-size-fits-all AI regime. MRM and TPRM work best when applied as flexible, principles-based and risk-based tools, not box-checking exercises.

Unlike more deterministic systems, generative AI models evolve continuously, can produce different outputs from the same inputs, and do not lend themselves to static, point-in-time validation. The result is a growing disconnect between what current guidance contemplates and what is operationally viable.

Model Risk Management Remains an Important Tool Banks and Regulators Have for AI Governance—But It Should Be Enhanced for this New AI Era

The modern MRM framework emerged in 2011 through Federal Reserve and OCC guidance known as SR 11-7 (updated jointly by the agencies last month). That framework established foundational principles of model governance, validation, monitoring, and effective challenge.

Banks and regulators now need to adapt how this or similar frameworks are applied for probabilistic, constantly updated systems capable of autonomous actions.

Following CBA’s Agentic AI Symposium in September, CBA has worked closely with our members and engaged with policymakers, including the U.S. Treasury and the Financial Stability Oversight Council, on considerations for modernizing MRM for AI. As CBA has noted in its recent comments to the FSOC, the shift should be toward continuous real-time monitoring and post-deployment auditing rather than relying too heavily on pre-deployment validation.

In practice, that means greater emphasis on ongoing performance evaluation, explainability and transparency where possible, boundary and stress testing, human oversight, escalation protocols, and governance around training data, prompts, and model drift.
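As an added illustration of the monitoring side of that list, the following is not code from the original post, from CBA, or from any regulator's guidance; it sketches what a "real-time circuit breaker" backed by continuous drift monitoring could look like for a hypothetical fraud-scoring model. Everything in it is an assumption: the class and function names, the use of the Population Stability Index (PSI) as the drift statistic with the common 0.25 rule-of-thumb threshold, the sliding-window size, the "fallback" routing action, and the constructed score streams (a stable phase followed by an upstream change that shifts scores upward).

```python
"""
Added example, not part of the original post: continuous drift monitoring with a
circuit breaker in front of a hypothetical fraud-scoring model.

Assumptions (not from the page): PSI as the drift statistic, a 0.25 trip threshold,
a 200-decision sliding window, and constructed Beta-distributed score streams.
"""
import math
import random
from collections import deque


def proportions(values, nbins=5, floor=1e-4):
    """Bucket scores in [0, 1] into equal-width bins and return bin proportions.
    A small floor avoids log(0) in PSI when a bin is empty."""
    counts = [0] * nbins
    for v in values:
        v = min(max(v, 0.0), 1.0)
        counts[min(int(v * nbins), nbins - 1)] += 1
    n = max(len(values), 1)
    return [max(c / n, floor) for c in counts]


def psi(base_props, live_props):
    """Population Stability Index between two proportion vectors.
    Rule of thumb (assumed): < 0.1 stable, 0.1-0.25 moderate shift, > 0.25 significant."""
    return sum((l - b) * math.log(l / b) for b, l in zip(base_props, live_props))


class DriftCircuitBreaker:
    """Scores pass through the model until live PSI against the validation-time
    baseline exceeds the threshold; then decisions are routed to a fallback
    (for example a rules engine or human review) and the trip is logged for audit."""

    def __init__(self, baseline_scores, psi_threshold=0.25, window=200, min_window=100):
        self.base_props = proportions(baseline_scores)
        self.psi_threshold = psi_threshold
        self.window = deque(maxlen=window)
        self.min_window = min_window
        self.tripped = False
        self.audit_log = []

    def route(self, score, step):
        """Called once per decision. Returns 'model' or 'fallback'."""
        if self.tripped:
            return "fallback"
        self.window.append(score)
        if len(self.window) >= self.min_window:
            current = psi(self.base_props, proportions(self.window))
            if current > self.psi_threshold:
                self.tripped = True
                self.audit_log.append({"step": step, "psi": round(current, 3), "action": "trip"})
                return "fallback"
        return "model"


def simulate(seed=7):
    """Constructed scenario: 2000 baseline scores, then 300 live decisions from the
    same distribution, then 300 from a shifted distribution (e.g. an upstream
    feature pipeline change). Returns the breaker and the per-decision routing."""
    rng = random.Random(seed)
    baseline = [rng.betavariate(2, 8) for _ in range(2000)]  # mostly low fraud scores
    breaker = DriftCircuitBreaker(baseline)
    decisions = []
    for step in range(600):
        score = rng.betavariate(2, 8) if step < 300 else rng.betavariate(6, 3)
        decisions.append(breaker.route(score, step))
    return breaker, decisions


if __name__ == "__main__":
    breaker, decisions = simulate()
    print("tripped:", breaker.tripped, "audit:", breaker.audit_log)
    print("fallback decisions:", decisions.count("fallback"), "of", len(decisions))
```

The point of the example is the control flow rather than the statistic: the breaker never needs to know in advance which failure caused the shift, it only needs a baseline captured at validation time, a live window, and a pre-agreed action and audit record for the moment the two diverge. In a production setting the trip would also page an owner and the reset would be a deliberate, logged human decision rather than automatic.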

Third-Party Risk Management Must Evolve Too

Historically, TPRM was a procurement exercise focused on contracts, due diligence, and periodic review. In an AI-enabled banking environment, third-party oversight must be something more: a disciplined focus on whether critical services can keep working safely when technology changes, fails, or behaves unexpectedly.

Further, the modern banking infrastructure is interconnected. Generative and agentic AI systems can interact dynamically with APIs, internal platforms, external vendors, and customer-facing tools. They can make decisions and trigger downstream actions in seconds.

Former Acting Comptroller of the Currency Michael Hsu highlighted this challenge in the context of agentic AI, interconnected vendors and machine-speed decision-making. He cited an example that involved an AI coding agent reportedly erasing a production database in nine seconds. When autonomous systems interact with critical infrastructure, failures can move faster than traditional oversight allows.

That raises practical questions. What happens if a bank’s fraud detection depends on a single AI model? What does failover look like in an AI-integrated banking environment? How should a bank assess substitutability when a handful of providers control foundational capabilities? What level of access, transparency, or supervisory visibility is needed when a third-party AI provider supports a critical banking function? These questions increasingly resemble the concerns regulators evaluate with core processors, cloud providers and payment infrastructure.

That does not mean all TPRM guidance needs to be discarded. It does mean regulators and industry should consider adjustments where necessary and adapt how they apply it to reflect the realities of AI-enabled banking.

Last Friday, CBA, along with the American Fintech Council, Independent Community Bankers of America, and Coalition for Financial Ecosystem Standards, released TPRM recommendations addressing today’s vendor ecosystem: one where banks have hundreds or thousands of third-party relationships, rapidly evolving technology stacks, and growing reliance on a smaller number of hyperscale AI and cloud providers that present substitutability challenges.

The report stems from a roundtable convened by CBA this month that brought together experts from banks, leading technology providers, industry associations, and current and former banking officials.

The recommendations urge regulators to preserve a principles-based, materiality- and risk-focused approach to third-party risk management while adapting supervisory expectations. They emphasize developing practical oversight standards for concentrated vendors and downstream relationships, enforcing greater consistency in and training of examiners, and establishing public-private standards. Further, the recommendations stress the importance of streamlined due diligence practices and acknowledge that AI itself could support TPRM.

Modernize, Don’t Discard: Bringing Banking’s Risk Frameworks Into the AI Era

The Mythos moment shows how quickly AI capabilities can change the policy conversation. For banks, it also shows why governance must keep pace with deployment.

Thankfully, the banking system is not starting from scratch. Whether the frameworks used for agentic and generative AI are called TPRM and MRM or something else entirely, the questions these frameworks address, and their principles-based, risk-based approach, are a strong starting place. Yet these frameworks must be modernized in how they are applied so banks and regulators can keep governance moving at the speed of deployment while preserving space for responsible innovation.

For detailed recommendations on MRM and TPRM see these resources:

  • CBA’s recommendations on MRM (page 6 of CBA’s Supplemental Letter to FSOC on AI Innovation).
  • CBA’s (with AFC, ICBA, and CFES) TPRM Observations and Recommendations for Federal Banking Agencies.
  • CBA’s white paper on Agentic AI Payments: Navigating Consumer Protection, Innovation, and Regulatory Frameworks.
