
The 36,000-system bank isn’t an outlier. It’s a preview.
Someone at your institution is running a critical risk calculation from a laptop under a desk. You just don’t know which one.
That’s not a hypothetical. At a major bank, compliance teams discovered approximately 36,000 systems operating across the business, many running calculations that fed directly into financial decisions, some physically sitting under desks, invisible to IT and governance. It took years and a significant audit effort to surface them.
Now imagine that problem, except instead of rogue spreadsheets and outdated software, the tools are AI agents with access to internal data, personal Large Language Model (LLM) subscriptions such as ChatGPT or Gemini used to summarise sensitive client files, and model APIs called outside any sanctioned infrastructure.
The scale is bigger. The data exposure is worse. And most financial institutions, whether banks, fintechs, insurers, or asset managers, haven’t started looking yet.
Shadow AI is here, and it didn’t arrive with a memo.
The problem isn’t the tools. It’s invisibility.
Shadow IT, employees using unsanctioned software, personal devices, and consumer cloud tools for work purposes, has existed for decades. Financial institutions spent enormous resources trying to contain it: blocklists, device management, acceptable-use policies, and mandatory training. And yet it persisted. Because when sanctioned tools are slow, clunky, or simply not fit for purpose, people find workarounds. That is not a compliance failure. It’s a human constant.
AI has accelerated this dynamic dramatically. The tools are better, more accessible, and more capable than anything an institution’s internal technology team could have deployed five years ago. A relationship manager can summarise a 40-page client document in seconds. A risk analyst can run scenario modelling in a free-tier interface. A compliance officer can draft a regulatory response in minutes. The productivity gains are real and visible. The data exposure is real but invisible.
This is what makes shadow AI categorically more dangerous than shadow IT. It’s not just that employees are using the wrong tools. Those tools are actively processing, generating, and in some cases acting on sensitive data, without audit trails, without explainability, and without any means of regulatory defence if a decision is later challenged.
Agentic AI raises the exposure further still. We are moving from AI that assists to AI that acts: tools that can browse, query, write, submit, and execute, autonomously and at speed. If those agents are operating outside governance perimeters, the risk is not merely data leakage. It is an untracked, unauditable action taken in the name of the institution.
Restriction is not a governance strategy. It’s just latency.
“The instinct, when confronted with this picture, is to lock things down. Block the tools. Restrict access. Issue a policy. Mandate approval workflows. This is the shadow IT playbook, and it didn’t work then. It will not work now,” says Bradley Elliott, CEO at RelyComply.
The instinct to restrict is understandable. It is also self-defeating. Hard restrictions create the conditions for more shadow usage, not less. They push behaviour underground, reduce visibility, and embed the very risks they were designed to prevent. When employees cannot access AI tools through official channels, they access them through unofficial ones. Except now there is no oversight, no logging, and no institutional awareness that it is happening. The institution has not eliminated the risk. It has simply stopped being able to see it.
There is a broader cost that rarely appears in the governance conversation: competitiveness. AI is not a peripheral efficiency tool. It is rapidly becoming the primary means by which institutions analyse risk, serve customers, detect fraud, and make decisions at speed. Financial institutions that default to restriction are not protecting themselves. They are ceding ground to those that have learned to govern AI intelligently. In a world where technology is evolving faster than any policy framework can keep pace with, the ability to move quickly and experiment is itself a strategic asset. Locking it down is not a neutral choice. It is a decision to fall behind.
The lesson from shadow IT was never properly learned. The institutions that managed it most effectively were not the ones with the strictest policies. They were the ones that invested in making sanctioned tools genuinely better than the alternatives: faster, more capable, and more integrated into daily workflows, so that going off-piste carried no advantage.
The same logic applies to AI, with higher stakes.
“The question is not how to stop employees from using AI. It is how to make sanctioned AI so good that unsanctioned AI is not worth the risk,” explains Elliott.
That requires a fundamental shift in how governance is conceived: away from policies that sit upstream of technology and toward principles that travel with it. Rather than prescriptive rules that attempt to anticipate every use case in a landscape that changes weekly, a principles-based approach sets clear boundaries around data handling, transparency, and accountability, then creates space for teams to innovate within them. It balances the need for institutional control with the equally urgent need to move.
In practice that means friction-free access to approved tools, intelligence-augmented workflows that reduce complexity rather than layering approvals on top of it, and guardrails built into the technology itself rather than bolted on afterward.
What the field is showing
Across the industry, the signals are consistent. Shadow AI usage is increasing in direct proportion to AI adoption, not despite it. The more visible and capable AI becomes, the more employees find workarounds when the official path is too slow or too limited. This is not fringe behaviour. It is a structural dynamic being observed at institutions of every size, type, and geography, from global banks to emerging fintechs.
Regulatory expectations are tightening in parallel. Explainability and auditability are moving from aspirational standards to non-negotiable requirements. Decisions made by AI systems, in credit, in risk, in compliance, must increasingly be traceable, defensible, and attributed.
A decision made by an unsanctioned tool that no one knew was in use is not traceable. It cannot be defended. And when it is eventually surfaced, by a regulator, by a dispute, by an audit, the institutional exposure is significant.
There is also a skills gap compounding the problem. Compliance and risk functions are not yet equipped to detect or assess shadow AI usage. The hybrid profile, encompassing data literacy, technical fluency, and regulatory knowledge in a single role, is emerging as a critical requirement across the sector, but supply is thin. Governance frameworks can only be as effective as the people operating them, and most teams are still working with capabilities built for a pre-AI environment.
The competitive dimension adds further pressure. Speed and experimentation are now genuine differentiators. The institutions that move quickly, that empower their people with AI tools that work, and that build governance models that enable rather than obstruct will accumulate advantage.
Those that default to restriction will cede ground to those that have learned to govern intelligently. In a sector where fintechs can move in weeks what incumbents move in years, that gap compounds fast.
What financial institutions need to do and stop doing
· First, find what you cannot see. A usage audit covering what AI tools are being accessed, by which functions, and on what data is not optional. You cannot govern shadow AI that you have not identified. This requires technical capability and a degree of institutional honesty about what employees are actually doing, not what policy says they should be doing.
· Second, build sanctioned alternatives that are genuinely better. If the reason employees are using a consumer LLM is that the internal tool is slower, requires three approvals, and cannot access the files they need, the answer is not a stricter policy. It is a better internal tool. This is an investment decision that should be framed explicitly as risk mitigation.
· Third, shift governance from a barrier to an infrastructure. Controls should be embedded in tools and workflows, not applied retroactively on top of them. Perpetual KYC (pKYC) and real-time risk assessment are already demonstrating that compliance can be woven into the customer and employee journey rather than bolted on at the end. The same principle applies to AI governance.
· Fourth, rebuild compliance and risk functions for the agentic era. Periodic reviews and manual check processes are structurally inadequate for an environment where AI can take autonomous action at machine speed. The move toward real-time, data-led assurance is not a trend to watch. It is a capability gap that is opening now, between institutions that are preparing and those that are not.
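The first step, finding what you cannot see, usually starts with data the institution already holds: egress proxy or DNS logs. The script below is an added illustration of that usage audit; it is not RelyComply code and the article describes no such tool. It assumes a simple constructed proxy log format (timestamp, user, department, HTTP method, destination host, bytes sent), an illustrative and deliberately incomplete watchlist of public AI endpoints, a hypothetical sanctioned AI gateway hostname, and an arbitrary size threshold above which a POST body is treated as a probable document upload. One caveat a practitioner will want stated up front: egress logs answer "which tools, by which functions, and how much was sent" but not "on what data", because the request bodies are TLS-encrypted. Answering that last question needs gateway-side logging, a CASB, or DLP, none of which this script replaces.

```python
"""Shadow-AI usage audit over egress proxy logs.

Added example, not RelyComply's code. Input lines are assumed to look like:
    <ISO timestamp> <user> <department> <method> <host> <bytes_sent>
Output: hits against unsanctioned AI endpoints plus a per-department summary.
"""
from collections import defaultdict
from dataclasses import dataclass

# Assumption: illustrative, incomplete watchlist of public AI endpoints.
# A real audit would maintain this list from CASB / threat-intel feeds.
AI_ENDPOINTS = {
    "chatgpt.com": "ChatGPT",
    "chat.openai.com": "ChatGPT",
    "api.openai.com": "OpenAI API",
    "gemini.google.com": "Gemini",
    "generativelanguage.googleapis.com": "Gemini API",
    "claude.ai": "Claude",
    "api.anthropic.com": "Anthropic API",
}

# Assumption: hypothetical hostname of the institution's sanctioned AI gateway.
SANCTIONED_HOSTS = {"ai-gateway.internal.example"}

# Assumption: POST bodies at or above this size are flagged as probable uploads.
UPLOAD_THRESHOLD_BYTES = 200_000


@dataclass
class Hit:
    ts: str
    user: str
    department: str
    method: str
    host: str
    tool: str
    bytes_sent: int
    probable_upload: bool


def classify_host(host):
    """Return (tool_name, sanctioned) for an AI-related host, else None.

    Suffix matching so that subdomains of a listed endpoint are caught,
    while e.g. 'notchatgpt.com' is not mistaken for 'chatgpt.com'.
    """
    host = host.lower().rstrip(".")
    if host in SANCTIONED_HOSTS:
        return ("sanctioned gateway", True)
    for domain, tool in AI_ENDPOINTS.items():
        if host == domain or host.endswith("." + domain):
            return (tool, False)
    return None


def parse_line(line):
    """Parse one log line; return None for malformed lines instead of raising."""
    parts = line.split()
    if len(parts) != 6:
        return None
    ts, user, dept, method, host, sent = parts
    try:
        return ts, user, dept, method.upper(), host, int(sent)
    except ValueError:
        return None


def audit(lines):
    """Return (shadow_hits, summary).

    summary maps department -> {"tools": set, "users": set,
                                "bytes_sent": int, "uploads": int}
    Traffic to the sanctioned gateway is skipped: only shadow usage is reported.
    """
    hits = []
    summary = defaultdict(lambda: {"tools": set(), "users": set(),
                                   "bytes_sent": 0, "uploads": 0})
    for raw in lines:
        rec = parse_line(raw)
        if rec is None:
            continue
        ts, user, dept, method, host, sent = rec
        cls = classify_host(host)
        if cls is None:
            continue
        tool, sanctioned = cls
        if sanctioned:
            continue
        upload = method == "POST" and sent >= UPLOAD_THRESHOLD_BYTES
        hits.append(Hit(ts, user, dept, method, host, tool, sent, upload))
        s = summary[dept]
        s["tools"].add(tool)
        s["users"].add(user)
        s["bytes_sent"] += sent
        s["uploads"] += int(upload)
    return hits, dict(summary)


# Constructed sample log: users, departments, hosts and sizes are all invented.
SAMPLE_LOG = """\
2025-03-04T09:12:01Z j.smith risk GET intranet.example 412
2025-03-04T09:13:44Z j.smith risk POST chatgpt.com 1834210
2025-03-04T09:15:02Z a.khan compliance POST ai-gateway.internal.example 910233
2025-03-04T09:16:30Z a.khan compliance GET gemini.google.com 2210
2025-03-04T09:20:11Z m.lee wealth POST api.openai.com 7420
2025-03-04T09:21:55Z m.lee wealth POST files.chatgpt.com 4502339
malformed line here
"""

if __name__ == "__main__":
    hits, summary = audit(SAMPLE_LOG.splitlines())
    for dept, s in sorted(summary.items()):
        print(f"{dept:<12} users={len(s['users'])} tools={sorted(s['tools'])} "
              f"bytes_sent={s['bytes_sent']} probable_uploads={s['uploads']}")
    for h in hits:
        if h.probable_upload:
            print(f"UPLOAD? {h.ts} {h.user} ({h.department}) -> {h.host} "
                  f"{h.bytes_sent} bytes")
```

The per-department summary is the artefact the audit step asks for: which functions reach which tools, how many people, and how much leaves the perimeter. The "probable upload" flag is a heuristic on body size only; treat it as a prompt for a conversation with the user, not as evidence of what was in the file.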
The 36,000-system bank is a cautionary tale, but it is also an instruction manual. The exposure was not created by bad intent. It was created by a slow, rigid governance model that could not keep pace with how people actually worked. AI is moving faster than those systems ever did, and the risk is no longer confined to the largest institutions. It belongs to any organisation that handles financial data, serves regulated customers, or makes decisions that a regulator may one day ask them to explain.
Elliott concludes: “The financial institutions that win will not be the ones that locked AI down. They will be the ones that governed it well enough that nobody wanted to go around them.”
About RelyComply
RelyComply empowers banks, insurers, financial services providers, and innovative fintechs with a single, fully integrated KYC and AML platform. Designed for seamless implementation and rapid deployment, our intelligent technology enhances efficiency while detecting financial crime, enabling you to reduce risk and costs, ensure compliance, and drive strategic growth.
SUPPLIED.
