A leading banking regulator has issued a stern warning over the risks that financial institutions face as they move to integrate artificial intelligence (AI) and machine learning (ML) into governance operations.

Speaking this week, Bank of Spain Governor, Pablo Hernandez de Cos, underlined the pressing need for robust risk assessment as these emerging technologies become more commonplace.

The comments come amid continuing debate over the threats and opportunities posed by AI and ML, as industry leaders grapple with how their usage may impact upon global financial stability. Critical questions remain unanswered.

Speaking in Washington, Hernandez de Cos said:

“My main message is that the use of AI in banking raises important prudential and financial stability challenges. Left unchecked, such models could potentially amplify future banking crises.”

Mr. de Cos, who is also chair of the international Basel Committee on Banking Supervision, described how international networks between financial institutions are set to expand and strengthen in the digital era.

The trajectory puts growing responsibility on the shoulders of banks and law makers to establish baseline regulatory frameworks capable of monitoring the presence of AI and ML in the global financial ecosystem.

“When it comes to banking, it is critical that banks anticipate and oversee the risks and challenges posed by AI/ML – both at the micro and the macro level – and incorporate them in their day-to-day risk management and governance arrangements,” Mr. de Cos added.

Know the risks

The Basel Committee is preparing to release a more in-depth review of this period of digitisation, how the financial industry needs to adapt, and how supervisory measures should change as a result. The findings will have far-reaching effects for organisations at every level.

Speaking to GRC World Forums recently, corporate compliance and governance leader, Matt Kelly outlined some of the pitfalls that exist for businesses as they push to harness new tech.

“Lack of personnel who can easily navigate the IT, audit, and legal issues all coalesce into one knotty risk management problem with AI,” Kelly said.

“If you don’t have the right people on your team, or they’re not managing work in smart, efficient ways, then outside help won’t solve your problems,” he added.

Business leaders can stay on top of the global conversation next month at PrivSec & GRC Connect Atlanta, where industry experts will discuss how new technologies need to be embraced in order to optimize performance and mitigate risk.

Not to be missed at PrivSec & GRC Connect Atlanta:

The State Of Global Privacy Laws: Key Updates

  • Date: Wednesday 22 May, 2024
  • Time: 1:15-2:00pm CST

The landscape of privacy laws is in a constant state of flux, shaped by technological advancements, evolving societal norms and legal developments.

As the digital realm transcends geographical boundaries, a panel explores the interconnected nature of privacy regulations, emphasizing the need for a harmonized approach to data protection.

From the European Union’s General Data Protection Regulation (GDPR) to California’s Consumer Privacy Act (CCPA) and emerging frameworks in Asia and beyond, the discussion sheds light on the diverse regulatory frameworks shaping the global privacy landscape.

AI Regulation: What Businesses Need to Know in 2024

  • Date: Wednesday 22 May, 2024
  • Time: 15:00-15:45pm CST

This discussion convenes experts at the intersection of artificial intelligence (AI) and regulatory compliance to provide insights into the evolving landscape of AI governance. Against the backdrop of rapid technological advancements and increasing public scrutiny, the panel will delve into crucial topics such as emerging regulatory frameworks, ethical considerations, data privacy concerns and the impact of AI on various industries.

Attendees will gain a comprehensive understanding of the regulatory landscape surrounding AI in 2024, enabling businesses to navigate compliance challenges effectively while harnessing the transformative potential of AI responsibly and ethically.


  • Awais Bajwa, Founder, CEO & Chief Technology Officer, Ophthalytics Inc

Discover more at PrivSec & GRC Connect Atlanta

PrivSec & GRC Connect Atlanta will be a gathering of the most influential GRC, data protection, privacy and security professionals, to present, debate, learn and exchange ideas.

  • Thought leaders, industry experts, and senior professionals from high-profile companies sharing their knowledge, case studies, and real-world experience
  • Actionable insights and strategies to help you elevate your GRC expertise
  • Valuable networking opportunities to connect with peers and expand your professional network
  • Unlock your full potential in GRC! 

PrivSec & GRC Connect Atlanta takes you to the edge of the debate, uniting the most influential GRC, Data Protection, Privacy and Security professionals, to present, debate, learn and exchange ideas. 

This dynamic and content-rich experience takes place at the Atlanta Convention Centre over May 22 and 23.

Click here to register for free to PrivSec & GRC Connect Atlanta