Red Oak's Podcast

FINRA Warns about GenAI Risks in 2026 Regulatory Oversight Report

Red Oak

Share episode

Use Left/Right to seek, Home/End to jump to start or end. Hold shift to jump forward or backward.

0:00 | 12:48
Speaker 1

Welcome back to the deep dive. Today we're uh we're really strapping in. We are tackling FINRA 2026 regulatory oversight report. It's nearly 90 pages, and I mean, honestly, it reads like a huge warning siren for generative AI.

Speaker 2

It really is. It's like watching a speeding train head for a broken bridge. Yeah. That's the feeling you get. The industry is moving so fast, you know, adopting Gen AI for efficiency summarizing research, drafting emails. But this report, it just confirms our biggest worry. The governance, the rules to manage this tech are lagging way, way behind how fast it's being .

Speaker 1

And that tension is really the core of it all, isn't it? What Fenera is saying here, it couldn't be clearer. Firms are not getting a grace period.

Speaker 2

No. They're sending a really strong signal that innovation, no matter how cool or efficient it is, doesn't get you a pass on accountability.

Speaker 1

Right.

Speaker 2

Exactly. I mean, if you're using a new large language model for, say, anything that touches a financial record or a client communication, that output is immediately subject to rules that have been around for decades.

Speaker 1

All the existing stuff, record keeping, supervision, transparency.

Speaker 2

All of it. The bedrock of regulation. It all still applies, even if the tech feels brand new. The fact that there isn't some formal AI rule book today is not going to protect you from a failure tomorrow.

Speaker 1

I think that stance is so telling. It just reframes the whole conversation. We're not waiting for new laws. We're applying these, I guess, almost ancient principles to technology that feels like it's from the future. Okay, so let's unpack this. Our mission here is to break down the specific risks FINRA is flagging and then look at what's actually required to build AI that regulators can, you know, trust.

Speaker 2

A nd to set the stage, you have to remember the pressure firms are under. The opportunity with Gen AI is just massive. You know, pulling information, summarizing calls, automating workflows. If you hesitate, you risk falling behind. So there's this huge incentive to just rush it out the door.

Speaker 1

That speed, that's the thing. It reminds me of when email first took off in the early 2000s. Firms had this super fast communication tool that just blew past their old paper-based supervision. This report feels like history repeating itself, but the risk is exponentially higher.

Speaker 2

That's a great analogy.

Speaker 1

Because the technology can act on its own. It's not just FAF.

Speaker 2

That's exactly. FINRA's big warning is that accountability is not negotiable. And they're already seeing these risks emerge in firms that are sort of treating Gen AI like it's just another IT project.

Speaker 1

Instead of a massive governance challenge.

Speaker 2

A critical governance challenge. The oversight has to cover everything, not just the final output, but the AI's internal process. If an AI action creates a financial record, that whole process needs its own auditable record.

Speaker 1

We should probably pause on that for a second. The gravity of this. This isn't just about getting a fine. It's about a complete breakdown of supervision that could, you know, lead to real investor harm or market issues. Which brings us right to the core of the report. This is where it gets really specific. FINRA lists out seven uh distinct categories of risk for Gen AI agents.

Speaker 2

A nd this list of seven risks, this is the roadmap for any firm's compliance strategy. If you ignore this list, you're basically ignoring what regulators are going to be looking for in their next exam.

Speaker 1

Okay, so let's dig in. Let's start with the one that, I mean, it hits the core of supervision itself, autonomy risk.

Speaker 2

This is the big one. It's the inherent danger in letting these AI agents, these programs that do things on their own act, without a human in the loop, to validate and approve the action. The risk here isn't just a mistake, it's an action you can't take back.

Speaker 1

And we're not talking about a helpful little chat bot.

Speaker 2

Not at all. We're talking about an AI agent that might be executing trades or submitting regulatory filings or even making client recommendations without any human sign-off that you can trace. That just fundamentally breaks supervision rules.

Speaker 1

And the consequence there would be devastating. If a firm can't prove a human approved it, it's an immediate failure of supervision. Okay, risk number two: scope or authority risk.

Speaker 2

This is the straying agent. Yeah. The AI starts doing things beyond what you intended. So maybe you set it up to summarize meeting minutes, but because of some vulnerability or weird chain of commands, it starts pulling proprietary client data from a server it was never ever supposed to touch.

Speaker 1

So scope creep that leads to a massive data breach.

Speaker 2

A massive data governance failure, exactly.

Speaker 1

Okay. Number three, and this has to be the nightmare scenario for any chief compliance officer, auditability risk, the classic black box problem, just amplified.

Speaker 2

It is. It's the inability to explain why an AI made a certain decision. As these AI tasks get more and more complex, with multiple steps, tracing the output back to the input can become almost impossible.

Speaker 1

So an examiner walks in and asks why a specific client got a certain email.

Speaker 2

And if your firm can't show the exact data, the prompt, and all the steps the AI took to create that email, you failed the exam. If you can't trace it, you can't audit it. Period.

Speaker 1

That makes perfect sense. Transparency isn't optional. Let's talk about number four, data sensitivity risk.

Speaker 2

This one hits close to home because financial firms handle the most sensitive day there is. The risk is that an AI agent working on that data, say, analyzing a client's portfolio, accidentally stores it or discloses it or misuses it. The danger is really acute when firms use those big third-party general models where the terms of service might let them use your data to train their models in the future.

Speaker 1

And you've just exposed all your proprietary information.

Speaker 2

Potentially, yes.

Speaker 1

Okay. Which leads to the intelligence gap number five. Domain knowledge risk. This feels especially important for finance where everything is so specific.

Speaker 2

It is. General purpose models, they're trained on the whole internet. They're generalists, they're not specialists. They just don't have the deep, nuanced knowledge to handle really complex industry-specific tasks. Think about tax codes or specific regulatory filings. An LLM might get it right 95% of the time.

Speaker 1

But that 5%.

Speaker 2

That 5% where it fails because it doesn't get the nuance can lead to a catastrophic compliance error.

Speaker 1

Okay, risk number six is where things get really uh ethical and structural. Reward misalignment risk. This sounds subtle, but the impact could be huge.

Speaker 2

It is subtle and it's insidious. The problem happens when the reward functions, basically the goals you program the AI to achieve are poorly designed. For example, say you reward an AI only for generating a high volume of marketing leads really fast, but you don't penalize it for compliance breaches in those leads.

Speaker 1

Then it's going to optimize for speed and volume and ignore compliance.

Speaker 2

It will inevitably create high volume aggressive marketing that's completely non-compliant. The AI did what you told it to do, get leads, but it ended up harming investors or the firm in the process.

Speaker 1

That's a perfect illustration of why setting those parameters is a governance job, not just a coding job. You're literally telling the machine what success looks like.

Speaker 2

Exactly. And if compliance isn't part of that definition, you're programming for failure.

Speaker 1

And finally, number seven, the catch-all. General risks.

Speaker 2

Right. This is the bucket for all the known issues we've been talking about for years. Things like bias creeping into the models, hallucinations where the AI just makes stuff up, and basic privacy issues. These aren't new, but Gen AI just puts them on steroids and injects them deep into your workflow.

Speaker 1

Wow. That is a very comprehensive list. And it paints a really clear picture. If you deploy this technology without a governance structure, you're just accepting a huge amount of risk. So what does this all mean? We have the seven pitfalls. Now let's connect the docs to what a solution actually looks like. What do firms need to build?

Speaker 2

The whole framework has to be built on principles that directly counter each of those risks. You have to embed the compliance controls before the model ever touches the data, not try to bolt them on after the fact.

Speaker 1

Okay, so let's start with that big one: autonomy risk. If the AI can't run free, that means you need mandatory human intervention. But doesn't that just defeat the whole purpose? Isn't that just adding back the inefficiency?

Speaker 2

That is the critical question. The goal isn't to make the human do all the work again. The goal is to have the human do the approval. AI should be used to speed up the review, to increase the quality, and to reduce risk. And that only works if a human is there for oversight and for the final sign-off on every critical review. The human guides it and the human approves it. It's about accelerating governance, not removing it.

Speaker 1

Okay. So what about scope and authority risk, the agent that goes rogue? How do you keep the AI in its cage effectively?

Speaker 2

Through very strict confinement, you have to limit the AI agents only to the very specific tasks they're configured for. A compliant solution will only review and return findings based on parameters set by a human administrator.

Speaker 1

So if its job is to review marketing, it physically cannot touch trading records.

Speaker 2

It cannot. By architectural design, it has to be partitioned off.

Speaker 1

Right. Now for auditability risk, explaining the why, this is the cornerstone of any regulatory exam. How do you build in that transparency?

Speaker 2

By mandating a visible chain of custody for every decision. Each AI review has to return not just the finding like this violates rule X, but also the specific reasoning and the source in the content that triggered it. And ideally, the system should also suggest how to fix it. That helps the user and it gives an auditor even more clarity on the why.

Speaker 1

And this ties right into a critical piece of infrastructure we need to spell out for you, the listener: 17a-4 compliance. For anyone not deep in the weeds of archiving roles, why is this the absolute foundation? What happens if a firm gets this wrong?

Speaker 2

Well, the whole structure just collapses. Rule 17a-4 is the SEC and FINRA rule that says firms have to preserve their books and records, which includes electronic communications, in a very specific, tamper-proof, time-stamped format for years.

Speaker 1

Usually seven years or more.

Speaker 2

Right. So if your AI is part of any communication workflow, the framework must ensure that everything, the data, the prompts, the AI's output, the human's review, is all stored in a 17a-4 compliant data store. If you fail to do that, you can't produce records for a regulator, and that means severe penalties.

Speaker 1

So the AI's activity has to be treated with the same weight as an official trade confirmation. Okay, moving to data sensitivity risk. How do firms stop their proprietary data from, you know, training their competitors' models?

Speaker 2

This is all about vendor management and security architecture. Firms must use secure, enterprise grade models where the contract absolutely guarantees that your information is never stored by the third party and critically is never used to train their models.

Speaker 1

You need ironclad guarantees.

Speaker 2

Ironclad. Legal and technical. Your standard generic API just isn't going to work for sensitive financial data.

Speaker 1

And what about that domain knowledge gap, especially since the financial rule book is always changing?

Speaker 2

The solution is configurability. The AI can't just be a general black box. Firms must be able to customize the prompts and the rules based on the fine-grained details in their own internal rulebooks, their written supervisory procedures or WSPs. Different products, different rules. The AI has to be guided by the firm's specific living WSPs so it acts like a specialist, not a generalist.

Speaker 1

And finally, how do you mitigate those general risks like hallucinations and that reward misalignment problem?

Speaker 2

You have to treat the AI not as a product you just deploy, but as an ongoing process of quality control. It requires a constant feedback loop, user feedback, prompt refinement, continuous monitoring. That's the only reliable way to improve accuracy and make sure the AI is optimizing for compliance and safety, not just for speed.

Speaker 1

So if we tie all of this back to the big picture, what FINRA is saying here, it really all boils down to one concept. AI governance isn't some new magical thing. It's just an extension of the standards firms are already supposed to be upholding.

Speaker 2

Exactly. The message is the rule is the rule, no matter how the method changes. The key takeaway for you, the listener, is that you can't look at AI as a shortcut or a way to, you know, cut compliance staff. That whole perspective is just fundamentally flawed.

Speaker 1

Instead, it has to be adopted as a supervised, auditable extension of a compliance program that's already strong. It has to live inside a framework that regulators already understand and can easily examine.

Speaker 2

Which leaves you with a really important question to consider for your own firm's strategy. Given how fast AI is being adopted and the very real risk of that reward misalignment, how much systemic risk are firms carrying right now by just experimenting with general tools that don't have these guardrails? And with FINRA's guidance being so clear, why is adopting a purpose-built solution, one that's built with regulatory guardrails from day one, why is that shifting from just a competitive edge to an absolute necessity for survival? It really feels like the clock is ticking and accountability will catch up to innovation.

Speaker 1

That is essential food for thought. Thank you for joining us on this deep dive. We'll see you next time.