Who Secures the AI Around the AI?
- Harshit Agarwal, MD and co-founder at Appknox
- 11.06.2026 11:00 am #AISecurity #Cybersecurity
Banks are no longer experimenting with AI. They are operationalizing it across fraud detection, underwriting, transaction monitoring, customer support, and personalized financial services. The next phase is even more significant: agentic AI systems capable of making increasingly autonomous decisions with limited human intervention.
Recent discussions around advanced AI systems like Mythos have largely focused on the risks of the models themselves. But the bigger risk to banking infrastructure may sit elsewhere entirely. The next major breach in financial services is more likely to originate from an insecure API, compromised third-party integration, vulnerable software component, or poorly governed AI workflow than from the model itself.
Regulators are already signaling concern. The Bank for International Settlements (BIS) has warned that wider integration of AI into core financial operations could amplify financial vulnerabilities, particularly when institutions rely on opaque systems, interconnected third-party infrastructure, and insufficient oversight.
An attacker doesn’t necessarily need to compromise the AI model itself. Manipulating the API layer that’s feeding transaction data into an autonomous fraud engine may be enough to influence how risk is interpreted at scale. Similarly, compromised third-party services or poisoned data sources could cause downstream systems to make flawed decisions that appear entirely legitimate.
As AI-driven financial systems become more autonomous, decisions affecting everyday banking outcomes may increasingly occur without consumers fully understanding how or why they are being made.
As AI becomes embedded across financial workflows, banks face three emerging categories of risk.
The first is integrity risk. AI systems are only as reliable as the data, APIs, and services feeding them. Manipulated inputs, prompt injection attacks, or compromised integrations can influence how AI interprets transactions, customer behavior, or fraud signals, creating outcomes that appear legitimate but are fundamentally flawed.
The second is dependency risk. Modern financial institutions increasingly rely on interconnected ecosystems of cloud providers, third-party models, APIs, software components, and external data sources. Every new dependency expands the attack surface and introduces vulnerabilities that banks may not fully control or even fully understand.
The third is trust risk. Consumers already have fragile confidence in digital security. According to Appknox’s recent Cyber Anxiety report, 56% of consumers express only moderate or low confidence in mobile app security, while another 56% are concerned about the financial impact of a breach. More importantly, 35% believe app developers and companies themselves are primarily responsible for protecting their data.
Consumers may never know whether AI influenced a declined transaction, a fraud alert, a loan eligibility assessment, or an account restriction. But they will absolutely know when trust is broken. Security failures in AI-connected systems won’t be viewed as isolated technical incidents but as customer confidence events.
Banks and regulators, therefore, need to evolve beyond traditional vulnerability management. The challenge is no longer simply identifying flaws. It’s understanding which AI-connected exposures represent real exploitable risk before they impact customers, compliance, or financial stability.
Addressing that challenge requires security programs that go beyond scanning models in isolation. Institutions need to continuously evaluate the applications, APIs, and third-party systems feeding AI workflows, prioritize exploitability rather than vulnerability volume, validate runtime behavior instead of relying solely on static compliance, and maintain human oversight for decisions with significant customer or regulatory impact.
AI will absolutely help banks move faster and deliver better customer experiences. But institutions cannot afford to race toward AI adoption without giving equal attention to resilience. Customers trust banks with their money, their data, and increasingly, decisions that affect their financial lives. The institutions that secure every layer surrounding AI, not just the intelligence itself, will be the ones that preserve that trust.






