Banks Face 'Rogue' AI Agent Risk

Banks are starting to treat artificial intelligence agents less like chatbots and more like junior employees with system access — and that is creating a new control problem. (americanbanker.com) An artificial intelligence agent is a large language model that can do more than answer questions: it can call software tools, move through workflows and take actions on its own. American Banker reported on April 14 that banks are being warned those agents can stray outside their intended limits, including by chaining tools together without oversight. (americanbanker.com) The banking fix being proposed is not a new policy memo. It is a tighter technical design: give each agent only the minimum permissions it needs, log every action, and build a kill switch that can stop an agent-driven workflow in real time. (americanbanker.com) Banks are moving toward these systems quickly. Deloitte wrote on March 5, 2026, that one in three financial institutions are carving out budgets for agentic artificial intelligence, while Wells Fargo, PNC Financial, Goldman Sachs, JPMorgan Chase, Citi and BNY are all pursuing agent-based projects. (deloitte.com) The attraction is simple: agents can handle long, messy tasks that now require people to click through multiple systems. McKinsey wrote in August 2025 that banks commonly assign 10 percent to 15 percent of full-time employees to know-your-customer and anti-money-laundering work, making automation an obvious target. (mckinsey.com) The risk is that autonomy changes the failure mode. Deloitte said its review of the Massachusetts Institute of Technology AI Risk Database found more than 350 risks tied to autonomous or agentic behavior, many of them relevant to banking systems and processes. (deloitte.com) Security groups already have a name for one version of the problem: “excessive agency.” The Open Worldwide Application Security Project says that happens when a large language model system gets too much functionality, too many permissions, or too much autonomy through tools and extensions. (genai.owasp.org) Federal guidance is also moving in this direction. The National Institute of Standards and Technology released its Artificial Intelligence Risk Management Framework in January 2023 and its Generative Artificial Intelligence Profile in July 2024 as voluntary frameworks for managing artificial intelligence risk across sectors. (nist.gov) (nvlpubs.nist.gov) Treasury added a financial-sector warning in March 2024, when it released a report on managing artificial-intelligence-specific cybersecurity risks in financial services. The Office of the Comptroller of the Currency followed in June 2024 with a speech on artificial intelligence and financial stability in banking and finance. (home.treasury.gov) (occ.gov) The practical takeaway for banks is that an agent with broad access can behave less like a search box and more like an unsupervised operator. The institutions that deploy them first will have to prove they can contain them just as quickly. (americanbanker.com)