AI agents are arriving in financial services faster than the governance infrastructure to support them. In two short videos, Aveni’s Kent Mackenzie breaks down what makes agents different, why the stakes are higher in financial services than in most other sectors, and what firms actually need to do before they deploy.
What AI Agents in Financial Services Actually Do
The first thing to understand about AI agents is what separates them from the tools that came before. Standard chatbots follow scripts. Agents draw from multiple data sources simultaneously, chain decisions together, and act without waiting to be told what to do next. That autonomy is the point. It is also the risk.
In financial services, this matters more than in most industries. Customers are rarely asking simple questions. Someone reshaping a mortgage or choosing between investment vehicles is not looking for a transactional exchange. They want guidance that accounts for their specific circumstances. Agents are capable of that kind of nuanced response. But capable and safe are different things.
If an agent misreads a customer’s situation, it does not just give a poor answer. It may direct someone toward the wrong product, miss signs of financial vulnerability, or deliver guidance that contradicts what the customer was told in a previous conversation. These are not edge cases. They are predictable failure modes when you deploy technology that acts autonomously in high-stakes interactions.
Why Overseeing AI Agents Is Harder Than Firms Expected
The oversight problem is where most firms are stuck. The three-lines-of-defence model was designed around human interactions. A compliance team can sample calls, flag issues, and feed that back into training or process changes. That works when the volume is manageable and the interaction is human-to-human.
It does not work for agents. The volume is different. The interaction type is different. And the risks that need monitoring, things like whether the agent recognised a vulnerable customer, whether it stayed within regulatory expectations, whether it gave consistent guidance across conversations, are not visible through the same lenses firms have used for years.
The result is an industry-wide pause. Firms can see the value. They cannot yet deploy responsibly. What breaks that impasse is not better agents. It is real-time oversight that can analyse what an agent actually said, in the moment, and identify where it fell short before that becomes a complaint, a breach, or a harm.
