Agentic artificial intelligence (AI) is moving from pilot to production. For financial institutions, the window to get governance right is now.
In May 2026, a coalition of international cybersecurity agencies released joint guidance addressing the secure adoption of agentic AI systems. The publication, Careful Adoption of Agentic AI Services, was co-authored by the Australian Cyber Security Centre (ACSC), the U.S. Cybersecurity and Infrastructure Security Agency (CISA) and National Security Agency (NSA), and cybersecurity authorities in Canada, New Zealand and the United Kingdom. The guidance identifies the cybersecurity and governance risks these systems introduce and offers practical steps organizations can take to address them.
Agentic AI: A Brief Overview
Agentic AI systems are composed of one or more agents that rely on an underlying AI model, such as a Large Language Model (LLM), to interpret and reason about the state of the world, make decisions and take actions. LLM-based agentic AI systems combine the LLM itself with external tools, external data sources, memory and planning workflows to understand their environment and, where applicable, act to achieve their goals. They differ from a conventional LLM deployment in that they pursue underspecified objectives, act autonomously, exhibit goal-directed behavior and form long-term plans.
Agentic AI systems are intended to operate without continuous human intervention. While a human typically designs and configures the system, some agentic AI systems are also capable of autonomously creating, or ‘spawning,’ sub-agents to accomplish specific sub-tasks. Each spawned sub-agent is a further actor whose access must be bounded and whose actions must remain attributable, which bears directly on the privilege and accountability risks discussed below.
Agentic AI in Financial Services
For financial services organizations, this new guidance is particularly relevant. Agentic AI systems are increasingly being explored for uses such as operational support, customer servicing workflows, fraud analysis assistance and internal process automation. While these systems may offer efficiency gains, their autonomy and integration into core environments introduce distinct cybersecurity, governance and accountability risks that financial institutions must carefully manage.
Key Agentic AI Security Risks for Financial Institutions
The guidance outlines five key categories of risk that are particularly relevant to financial services environments.
1. Privilege Risks
Privilege risks arise when agents are granted access to systems, data or tools beyond what their task requires. Whether an agent is manipulated through its inputs or simply errs, it can only act within the access it holds, so an overprivileged agent turns a single control failure into unauthorized transactions, data exposure or operational disruption. Scoping access to the task, rather than to the service account or developer credentials the agent happens to run under, is the primary control.
2. Design and Configuration Risks
Design and configuration risks stem from insecure agent architectures or poorly controlled integrations. Given the complexity of financial technology ecosystems, improper configuration may allow agents to bypass established controls or operate outside intended boundaries.
3. Behavior Risks
Behavior risks include goal misalignment, emergent behavior or unintended actions. In regulated environments, unexpected agent behavior may lead to compliance failures, reporting inaccuracies or customer harm.
4. Structural Risks
Structural risks result from increased system interdependencies. Agentic AI systems often rely on multiple upstream and downstream components, expanding the attack surface and complicating incident response.
5. Accountability Risks
Accountability risks are especially significant for financial institutions, where auditability, traceability and clear ownership are essential. The opacity of some agentic systems can make it difficult to understand why actions were taken or to demonstrate control effectiveness to regulators and auditors.
Best Practices for Securing Agentic AI Systems
The new guidance identifies points in the design, development, deployment and operation of agentic AI systems where controls can be implemented, and provides example controls at each point, whether an organization develops the agents itself or procures them from a third-party vendor.
Ultimately, many of the best practices rest on fundamental IT General Controls: limiting access rights to only those required to perform a task; monitoring system processing and output for errors or anomalies; logging activities and actions so they can be analyzed and audited; and ensuring independent oversight of the AI agent by qualified personnel through regular reviews, risk assessments and audits.
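As an added illustration, not code from the joint guidance or from Schneider Downs, the following Python sketch shows how those controls translate into a tool-call gateway placed between an LLM agent and the systems it acts on: a deny-by-default allowlist of tools per role, sub-agents that can hold only a subset of their parent's tools, a named human approver for consequential actions, a per-agent call budget as a crude runaway guard, and a hash-chained audit log that records every decision with the agent's lineage. The role names, tool names, approval list and budget are constructed assumptions for the example.

```python
# Added example: a least-privilege tool gateway with approval and hash-chained audit.
# Roles, tools, approval list and budget below are constructed, not from the guidance.
import hashlib
import json
from dataclasses import dataclass, field
from datetime import datetime, timezone
from typing import Optional

# Deny by default: a role may call only the tools listed here (constructed).
ROLE_TOOLS = {
    "fraud_analyst": {"read_transactions", "flag_transaction"},
    "customer_service": {"read_account_summary", "send_customer_message"},
}
# Actions with ledger or customer impact need a named human approver (constructed).
APPROVAL_REQUIRED = {"flag_transaction", "send_customer_message"}
# Calls an agent may make before it is halted; guards against looping agents.
MAX_CALLS_PER_AGENT = 25

class PermissionDenied(Exception):
    pass

class ApprovalRequired(Exception):
    pass

@dataclass
class Agent:
    agent_id: str
    role: str
    tools: set = field(default_factory=set)
    parent_id: Optional[str] = None
    calls: int = 0

    def spawn(self, child_id: str, tools: set) -> "Agent":
        """Sub-agents attenuate privilege: a child never holds a tool its parent lacks."""
        excess = set(tools) - self.tools
        if excess:
            raise PermissionDenied(f"{child_id} cannot be granted {sorted(excess)}")
        return Agent(child_id, self.role, set(tools), parent_id=self.agent_id)

def new_agent(agent_id: str, role: str) -> Agent:
    """Create an agent holding exactly the tools its role allows (unknown role: none)."""
    return Agent(agent_id, role, set(ROLE_TOOLS.get(role, ())))

class AuditLog:
    """Append-only record; each entry commits to the previous entry's hash,
    so a later edit to any entry is detectable by verify()."""

    def __init__(self):
        self.entries = []
        self._prev = "0" * 64

    def record(self, **event) -> str:
        event["ts"] = datetime.now(timezone.utc).isoformat()
        event["prev_hash"] = self._prev
        body = json.dumps(event, sort_keys=True).encode()
        event["hash"] = hashlib.sha256(body).hexdigest()
        self.entries.append(event)
        self._prev = event["hash"]
        return event["hash"]

    def verify(self) -> bool:
        prev = "0" * 64
        for e in self.entries:
            body = {k: v for k, v in e.items() if k != "hash"}
            digest = hashlib.sha256(json.dumps(body, sort_keys=True).encode()).hexdigest()
            if e["prev_hash"] != prev or digest != e["hash"]:
                return False
            prev = e["hash"]
        return True

def call_tool(agent: Agent, tool: str, args: dict, log: AuditLog,
              approved_by: Optional[str] = None) -> dict:
    """Authorize a tool call, log the decision either way, then run the tool
    (here a stand-in that echoes the request)."""
    entry = dict(agent=agent.agent_id, parent=agent.parent_id, role=agent.role,
                 tool=tool, args=args, approved_by=approved_by)
    agent.calls += 1
    if agent.calls > MAX_CALLS_PER_AGENT:
        log.record(decision="halted_budget", **entry)
        raise PermissionDenied(f"{agent.agent_id} exceeded its call budget")
    if tool not in agent.tools:
        log.record(decision="denied", **entry)
        raise PermissionDenied(f"{agent.agent_id} ({agent.role}) may not call {tool}")
    if tool in APPROVAL_REQUIRED and approved_by is None:
        log.record(decision="pending_approval", **entry)
        raise ApprovalRequired(f"{tool} requires a named human approver")
    log.record(decision="allowed", **entry)
    return {"tool": tool, "args": args}  # stand-in for the real tool call
```

The gateway, not the model, is the enforcement point: the LLM proposes a tool call, and only calls that pass the allowlist, the approval check and the budget reach a real system. Denied and pending calls are logged as deliberately as allowed ones, since an auditor needs to see what the agent tried, and the parent field lets a spawned sub-agent's actions be traced back to the agent that created it. The hash chain lets a reviewer detect after-the-fact tampering with the log; it does not prevent it, so in practice the entries would also be shipped to a store the agent and its operators cannot write to.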
How Schneider Downs Can Help
For most financial institutions, the question is no longer whether to use agentic AI—it is how to govern it effectively. Schneider Downs helps to assess agentic AI use cases, align them with existing governance and control environments and address cybersecurity, accountability and regulatory risks introduced by autonomous systems.
Drawing on Risk Advisory, Internal Audit and IT Risk expertise, our professionals connect business-related usage of AI with the control structures, documentation and oversight regulators expect to see—helping organizations embed secure-by-design principles, manage access and privilege risks, evaluate third-party agentic AI solutions and establish oversight structures that support auditability, transparency and regulatory readiness.
To discuss how we can help your organization proactively address Agentic AI-related cybersecurity and governance risks, please contact our team at [email protected].
About Schneider Downs Financial Services
The Schneider Downs Financial Services industry group supports financial institutions as they navigate evolving risk, regulatory and governance challenges. Our professionals work with institutions to strengthen internal audit, risk advisory and related risk management programs that support sound decision-making, operational effectiveness and regulatory alignment.
Through services spanning internal audit, risk advisory, IT risk advisory, third-party risk management, fraud risk advisory, and enterprise risk and compliance, we help financial institutions design and enhance resilient, risk-based programs aligned with their strategic objectives and operating environment.
To learn more, visit our Financial Services Industry Group page.