AI in finance: guardrails before stability turns risky

The Bank of England is right to shine a spotlight on artificial intelligence and financial stability — but it's squinting at models when it should be scanning the plumbing.

Start with the easy part: yes, AI changes how trading desks, credit scoring, and liquidity management behave. Saying that deserves regulatory attention isn't a hot take; it's basic risk hygiene.

Where the conversation goes off-track is what the Bank’s “Financial Stability in Focus: Artificial intelligence in the financial system” framing nudges everyone toward: model risk, explainability, and whether the algorithms can justify themselves to supervisors.

Fine. Model governance matters.

But if regulators fixate on whether a model can explain itself and ignore the infrastructure that surrounds it, they'll miss the thing that actually blows up a market.

Here’s what nobody tells you: financial AI isn’t just math; it’s supply chain. Data supply chains, infrastructure supply chains, decision-making supply chains. The fragile bits aren’t always the models. They're the pipes.

Financial institutions are already concentrated on a handful of cloud providers and data vendors. Those aren’t abstract suppliers; they're systemic nodes. A single bug, outage, or targeted attack upstream can propagate faster than any mis-specified credit model buried deep in a bank’s balance sheet.

Model outputs are only as useful as the data pipelines, APIs, and versioned training sets that feed them. You can audit a neural net until the cows come home; if the data lake has been quietly corrupted, or if one third-party feature feed fails in a correlated way across dozens of firms, those audits won't avert failure.

I ran operations at a large corporation; I saw outages that looked like paper cuts until they turned into haemorrhages. The pattern was always the same: nobody had a live dependency map, change control was treated as paperwork, and “we’ll fail over to the backup” turned out to be a story people told themselves, not a capability they had tested.

Give me a break: this isn’t exotic AI risk. It’s plain old operational fragility wearing a new buzzword.

The fragile spots are concentration risk, vendor lock-in, and opaque supply chains. The Bank of England should be asking for visibility not just into models but into who runs the servers, who trains the models, who owns the data contracts, and how incident response actually works across firms and vendors when several things go wrong at once.

That means some very unglamorous shifts in supervisory focus.

Require firms to maintain dependency inventories — not glossy PowerPoint lists, but machine-readable, continuously updated maps that show which third parties underpin which functions. Mandate tabletop exercises that bring in cloud and data providers as active participants, not as nameless “external service” placeholders. Insist on recovery-time objectives for AI-dependent services that can be compared across firms, instead of letting each bank define its own comfort zone in isolation. Make incident reporting for AI-related outages mandatory and granular so regulators see patterns early, instead of reverse-engineering events from delayed PR statements.

Wake up: this is closer to air traffic control than academic model validation. Supervisors need radar, not just post‑mortems.

Now, model explainability still has a real place. If a bank’s credit decisions suddenly harden because an AI system drifts and starts embedding a new bias, that’s a consumer‑protection problem and a political problem. But policing explainability without policing the upstream data supply chain is like inspecting a car’s dashboard while ignoring the worn‑out suspension and bald tires.

There’s also a historical echo here. When financial regulators first started worrying about high‑frequency trading, the public debate fixated on algorithms and speed. The big blow‑ups tended to come instead from plumbing failures — think of trading venues mis-handling orders or risk controls not wired correctly between firms. We’re replaying the same movie with AI: all eyes on the clever code, not enough on the brittle wiring behind it.

Some will argue that tighter rules will throttle innovation and push AI work offshore. Spare me that reflex. The answer isn’t to weigh down every prototype model with bank‑grade bureaucracy. It’s to tie friction to systemic impact: higher expectations for systemically important institutions and key vendors; clearer, lighter‑weight guardrails and sandboxes for smaller players who aren’t holding the system together.

You can have both: innovation at the edge and discipline at the core. Enforcing redundancy, runbooks, and cross‑party drills is not some anti‑innovation crusade; it’s what lets firms experiment without turning every new tool into a potential vector for systemic contagion.

Another objection will be that regulators don’t have the skills, so this will take years. That’s partly true — and irrelevant. Supervisors will need new technical teams and better collaboration with city authorities, cloud companies, and international peers, but that’s an argument for starting now, while the dependency networks are still tractable, rather than waiting until every mid-tier player has quietly embedded opaque AI tools in their critical processes.

Three clear moves the Bank of England should push to the front of the queue: demand live dependency maps; require joint incident drills with major infrastructure and data providers; and treat resilience metrics as a core supervisory lens, not optional guidance that gets read once and filed.

If the Bank keeps treating AI in the financial system as an intellectual puzzle about models, it will miss where risk aggregates in practice. The first serious AI‑related shock to financial stability is less likely to be a rogue model than a shared, invisible choke point that nobody bothered to map.