AI risk triage for banks

How risky is the AI you are putting into your bank?

Six questions about what your AI does and what could go wrong. The tool tells you which risk tier it sits in (1 to 4) and what controls you need to have in place for that tier. It takes about a minute.

Nothing leaves your browser. No email required.

Why this matters

AI agents are not like classical models. The rules built for models do not catch them.

Classical AI takes an input, returns an output, and that is the whole story. Banks already know how to govern that: review the model, set limits on what it can do, monitor for drift. Done.

Agentic AI is different. It chains many steps together. It calls tools. It writes to systems. It can decide what to do next based on what it just saw. The risk is not in any single step; it is in the sequence. A draft becomes a release. A query becomes a write. A summary becomes a customer message that never got an approval.

What pre-agent governance was built for

  • Static models reviewed at deployment
  • Inputs and outputs logged; intermediate steps not surfaced
  • Periodic reviews against fixed checklists
  • Approval given at deploy, not at runtime

What agentic AI requires

  • Tier-based controls scaled to autonomy and impact
  • A documented inventory of every AI capability, who owns it, what evidence supports it
  • Trajectory logs so an incident can be reconstructed in hours, not weeks
  • Human oversight that can actually interrupt the system, not just review it after

The EU AI Act is in force, with obligations for high-risk AI phasing in through 2027. DORA has been fully applicable since January 2025 and requires that ICT-related incidents involving AI be reconstructable and reported within hours. Article 14 of the EU AI Act requires that operators be able to effectively intervene in an AI system, not just be notified after.

This tool is the entry point: six questions, the tier your AI sits in, and the four controls that are non-negotiable for that tier.

The six questions

Tell us about your AI.

Pick the option that best describes the most consequential thing the AI does. If you are unsure between two answers, pick the higher-risk one.

How independent is it?

How much can the AI decide on its own?

What can it actually do?

What is the AI allowed to do?

What is the worst case?

If the AI gets it wrong, what is the worst that can happen?

Where do its inputs come from?

How open is the AI to its environment?

Can you undo a mistake?

If something goes wrong, how easy is it to fix?

Does it reach outside?

Does the AI ever send results to people or systems outside the bank?

Answer all six questions to see the result.

What the tiers mean

The four tiers, in plain words.

Tier 1 · Helper

The AI suggests; people decide. Examples: summarisation, internal search, drafting help. Light controls because the AI cannot cause real damage on its own.

Tier 2 · Controlled assistant

The AI runs through fixed playbooks with a short list of approved tools. Examples: internal automation, structured document processing. Reversible actions, approval gates before anything goes external.

Tier 3 · Governed actor

The AI takes actions with real financial, regulatory, or customer impact. Examples: credit decisions, compliance workflows, customer communications. Every step is authorised live. Behaviour is watched continuously.

Tier 4 · Critical autonomous

The AI commits the bank to actions with severe and often irreversible consequences. Examples: autonomous transactions, external commitments, infrastructure control. Default-deny. Dual approval. Fail-closed.
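How the tier controls above could be enforced at runtime on an agent's tool calls, with the trajectory log the requirements list asks for, as an added Python example that is not part of this tool; the tool classes (read/write/external), tool names, step ids and approver ids are constructed assumptions.

```python
from dataclasses import dataclass, field

# Tool classes in the page's own terms (assumed labels): a query reads, a write
# changes a bank system, an external call sends results outside the bank.
READ, WRITE, EXTERNAL = "read", "write", "external"


@dataclass
class TierGate:
    """Runtime gate for one agent, scaled to its tier. Every decision, allowed
    or refused, is appended to the trajectory so an incident can be replayed."""
    tier: int
    approved_tools: frozenset = frozenset()   # Tier 2: "short list of approved tools"
    trajectory: list = field(default_factory=list)

    def authorise(self, step, tool, tool_class, approvers=(), reversible=True):
        distinct = frozenset(approvers)       # dual approval means two people, not one twice
        if self.tier == 1:                    # helper: suggests, never writes or sends
            allowed = tool_class == READ
        elif self.tier == 2:                  # fixed playbook, reversible, gate before external
            allowed = (tool in self.approved_tools and reversible
                       and (tool_class != EXTERNAL or len(distinct) >= 1))
        elif self.tier == 3:                  # governed actor: every step authorised live
            allowed = len(distinct) >= 1
        elif self.tier == 4:                  # critical autonomous: default-deny, dual approval
            allowed = len(distinct) >= 2
        else:                                 # unknown tier: fail closed
            allowed = False
        self.trajectory.append({"step": step, "tool": tool, "class": tool_class,
                                "approvers": sorted(distinct), "allowed": allowed})
        return allowed

    def reconstruct(self):
        """Ordered (step, tool, allowed) view for incident reconstruction."""
        return [(e["step"], e["tool"], e["allowed"]) for e in self.trajectory]


def demo():
    # Constructed sequence: a query becomes a write becomes a customer message.
    gate = TierGate(tier=2, approved_tools=frozenset(
        {"search_docs", "update_case", "email_customer"}))
    gate.authorise(1, "search_docs", READ)
    gate.authorise(2, "update_case", WRITE, reversible=True)
    gate.authorise(3, "email_customer", EXTERNAL)                      # no gate passed: refused
    gate.authorise(4, "email_customer", EXTERNAL, approvers=("ops.lead",))
    return gate


if __name__ == "__main__":
    for entry in demo().reconstruct():
        print(entry)
```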