Presenting Speakers
About the Session
This panel examines why GenAI’s probabilistic outputs hit a ceiling in regulated finance without a clear regulatory ground truth, and how leading institutions are overcoming that constraint. It will explore how firms meet Data, Cyber, Operational Resilience, Cloud, AI, and emerging technology control obligations with supervisory-grade evidence.
Panellists will discuss how governed regulatory knowledge bases, ontologies, and semantic graphs provide the foundation for agentic AI that can deliver credible impact analysis, regulatory change assessment, and end-to-end lineage.
The discussion will focus on how sovereignty-aware AI models improve traceability, strengthen supervisory confidence, and protect capital as regulators increasingly scrutinise AI and technology governance itself.
Regulatory Challenges
- NIST Quantum Capabilities to NIST Cybersecurity Framework 2.0 here
- CFTC Withdrawal of Proposed OpRes rules here
- NIST Guidelines for API Protection for Cloud-Native Systems here
ECB Guide on outsourcing cloud services to cloud service providers here - FIRE (Format for Incident Reporting Exchange): Final format here
- BoJ use of cloud in FS survey results here UK Containerization guidance here, BIS managing cloud risk here
- EC Digital Operational Resilience 01/24 standards hearing here rules here ESA DORA technical advice here
- UK ICO Generative AI data protection and GenAI here and HMG framework here
- Netherlands AI masterplan here
- Singapore model AI governance framework for generative AI here
- FSI Insights on policy implementation No 53; Managing cloud risk
- US AI 012/24 fact sheet here strategic plan here and Whitehouse blueprint for AI bill of rights here
- EU Cyber resilience act here cybersecurity certification MRA here and background here
- APRA operational risk management – CPS 230 here PRA PS6/21 OpRes here
- HMT Critical third parties here PRA DP3/22 CTP here / PRA SS2/21 Outsourcing and TPRM here
- US Interagency Guidance on Third-Party Relationships: Risk Management here
- EU Artificial Intelligence Act leaked copies here and here original texts here and here
- UK National AI action plan here ICO guidance on AI and data here
- EU deforestation regulation here
- EU Corporate sustainability due diligence (CSDDD) here
New RegTech/SupTech drivers
- Premium – The OpRes Crackdown Starts: AI Is the Only Defence here
- Premium – Cloud Control Begins: The EU Data Act’s First Step here
- Premium – Data access disrupted: the EU Data Act here
- Premium Newsletter – Proving control in the age of DORA here
- Premium Newsletter – Digitalizing the FS backbone here
- GFMA White Paper on Public Cloud Portability here
- Legal assessment of draft EU AI act text here
- Analysis: Decoding DORA standards: what it means here
- Analysis: Accountability for GenAI here
- Forbes: New Financial Services Regs Will Require Comprehensive Action By Boards here
- Research report ‘Managing Digital Infrastructure Risk: a collaborative path to financial services safety’ here