Global regulators of the financial services sector are significantly less advanced in their usage of AI than members of the industry, according to a new report from the Cambridge Centre for Alternative Finance.
The research institute found a stark gap between the self-reported adoption maturity of AI by regulators and those they regulate.
Some 40 per cent of the 130 regulators surveyed are still in the exploration stage, with only two per cent at the most advanced stage and using AI to transform their operations.
In contrast, 40 per cent of financial services providers, both traditional financial institutions and FinTechs, said they are in either the scaling or transforming stage of AI adoption.
The report said this is likely driven by institutional context, with firms operating in competitive markets having strong incentives to quickly find commercial and operational value in AI. Regulatory bodies tend to have lower risk tolerances and different procurement constraints and institutional incentives, leading to more cautious adoption.
The institute added that the gap is compounded by resource constraints, including limited access to internal technical talent and data infrastructure, and restricted investment availability, leading to a structural divide between regulators and financial services providers.
Almost half of regulators cited AI training and capacity building as the main barrier to AI adoption, while only 17 per cent of industry respondents listed it among their top six issues.
Forty-seven per cent of regulators surveyed said a lack of AI and machine learning talent is a key issue, while 41 per cent of financial institutions named it as a stumbling block in their AI adoption journey.
The study also found that most regulators face constraints in monitoring AI in the financial services sector, particularly driven by limited internal expertise or resources and insufficient technical experience with AI.
This, in turn, means that regulators may not be equipped to deal with the unique risks that the rapid evolution and adoption of AI in the industry creates, particularly when it comes to handling the limitations of human-in-the-loop governance mechanisms.
“Regulators generally maintain the principle that financial firms should remain accountable for harms, including cyber-attacks, whether AI is built in-house or supplied by third parties,” the report said. “That position becomes harder to apply in the context of more autonomous systems that are provided and managed by third party vendors.”
In this context, the report continues, traditional approaches to oversight by regulators “may no longer be sufficient.”
The Cambridge Centre for Alternative Finance called for regulators to adopt their own agentic AI capabilities to match those used by financial institutions, suggesting that without systems that can monitor, test, and respond to risks at the speed of a machine, regulatory capacity may lag technological reality.
This, it said, would increase the likelihood of rapid, system wide disruptions, risks and harm to market participants.
.jpg "Papa Johns rolls out AI-powered ordering assistant through Google Cloud")