Artificial Intelligence4 min read

Private AI: Innovation in Financial Services Combined with Security and Compliance

Photo for IDC's Jerry SilvaIDC's Jerry Silva
people walking stocks background

IDC Guest Post

GenAI Opportunities in Financial Services

The financial services industry has been supported for decades by artificial intelligence and machine learning in various areas, including fraud detection and customer engagement. In 2024 alone, financial services industry investments in AI topped $37 billion globally. In one sense, AI is a mature technology in banking, insurance and capital markets. But the tremendous potential behind advanced AI technologies like generative AI (GenAI) has financial institutions rushing to investigate how GenAI can support improvements from customer personalization to productivity to faster product development. IDC has identified nearly 70 use cases for GenAI that can advance these areas in the financial services industry. These are critical goals cited by financial institutions:

Top 5 business outcomes expected from AI initiatives:

  1. Cost Savings
  2. Improved employee productivity
  3. Improved customer experience
  4. Faster innovation
  5. Increased profits

But as a heavily regulated industry, financial institutions are concerned about the potential challenges. Already, there are many existing and emerging regulations worldwide, like the European Union AI ACT, that focus on protecting the rights of financial services customers, and on the risks to the institution.  These concerns are additive to data security and privacy regulations that already exist in various forms worldwide, like the EU’s General Data Protection Regulation (GDPR), the Financial Modernization Act of 1999 (aka the Gramm-Leach-Bliley Act) in the U.S., the Personal Data Protection Act (PDPA) in Singapore, and many others.  In IDC’s Worldwide Industry CloudPath Survey (April 2023), Security (56% of respondents) and Data Sensitivity (51% of respondents) were cited as the top factors in determining whether an application or workload would move to public cloud.

Private AI 

In financial services, whose primary product is arguably trust, private AI has the potential to address security and privacy concerns and enable the ensuing use of AI and GenAI to support more efficient operations of the institution and open new opportunities for the lines of business, while maintaining or improving the security and privacy aspects dictated by risk and compliance guidelines.  Amongst the top private AI use cases are:

  • Fraud detection and prevention: private AI-powered models can analyze transaction patterns to detect and prevent fraud.
  • Customer experience enhancement: financial institutions can use private AI to provide personalized experiences to their customers
  • Back-office efficiency: customer service agents use private AI with retrieval augmented generation to find information more quickly and close more tickets each given day which provides measurable efficiency gain that can lead to lower costs.
  • Risk management and compliance: private AI powered models help institutions analyze and predict risks, from credit risk to market volatility.
  • Automated document processing: private AI enables the processing of sensitive documents within the bank’s infrastructure, facilitating tasks like loan processing or KYC verification while keeping customer data secure.
  • Software code generation: private AI can generate code in various programming languages while ensuring secure and efficient code creation.

Private AI is an approach that supports control over data and models using data encryption, data anonymization, secure model governance, and the use of the on-premises deployment. It can improve data privacy and security over other deployment models, remain compliant with regional regulations, offer better control over the data and models, and reduce the overall risk of the institution

The key aspects of private AI include:

  • Control over sensitive data. This means that any data subject to privacy regulations or that may cause undue risk or threats from bad actors remains under the control of the institution, even in a distributed AI environment where other aspects are not local or on premises.
  • Protecting competitive differentiation. In an industry like investment banking, data insights are complex and are protected as intellectual property that provides competitive differentiation. In these kinds of circumstances, keeping data and models local and under direct control of the institution is not a “nice-to-have,” but rather critical to the success and longevity of the institution. Private AI leaves that control in the hands of the financial organization.
  • Collaboration with control. Although Private AI can “lock down” access to sensitive data and models from outside the organization, it allows for an environment of collaboration within the institution using model galleries. Along with robust access control, these galleries help maintain a controlled, collaborative environment without stifling innovation.

Considering Private AI

Private AI can support the financial services objective of innovation with AI and GenAI without endangering its role in ensuring trust, security, and compliance.  As IT and line of business executives in financial services consider private AI, they should consider the following areas of strategic transformation:

  • Take a platform approach to AI service delivery, providing the option to explore and use new AI models and services as needs and market conditions evolve. The solution should also offer built-in automation and tools, which can greatly lessen the need to maintain specialized internal skill sets to achieve success.
  • A renewed focus on internal, non-technology skill sets to strengthen areas like governance, regulatory compliance, and risk, including 3rd party risks, as they work with IT partners to deliver the full AI capability across the enterprise.
  • A scaling and resilience strategy that defines data and AI as enterprise capabilities not specific to one area or line of business. Without this holistic view, data silos and point-of-solution AI analytics will continue to contribute to the inefficiencies that already exist in the institution.
  • A partner strategy that includes best-of-breed IT providers with tenure and credibility in the financial services industry and providers with proven track records of helping financial institutions make improvements that are reflected in key KPIs, like cost reduction and profits.

IDC believes that institutions should have a strategy to delineate private and public resources to make the most of AI and GenAI while maintaining or improving risk and compliance. Additionally, IT organizations must evolve to not only focus on technical service delivery, but also on the governance, security, and compliance of the platforms and capabilities it develops.  The IT industry can provide hardware, software, and services that will support the bank’s objectives with appropriate and safe technologies.

About the Author

Photo for IDC's Jerry Silva

About the Author

IDC's Jerry Silva

Program Vice President IDC Financial Insights