AI Governance Grows at Uneven Pace

As a growing majority of financial organizations add artificial intelligence to workflows, there seem to be gaps in risk awareness. While 62% of those surveyed for nonprofit Cloud Security Alliance’s recent report, “State of Cloud and AI for Financial Service 2026,” are already using AI agents, 21% said they were not sure whether their company had experienced AI security incidents, while another 20% said they had experienced AI security incidents.

The AI security concern cited most by 340 respondents in cloud computing, AI, cybersecurity, compliance and risk management was sensitive data leakage (61%).

While 91% of Cloud Security Alliance’s respondents said their senior leadership were supportive of security measures, a broader sample of businesses—coaching company FranklinCovey’s latest AI General Attitudes Survey—found less support from management. Forty percent of respondents had managers who were not aware of how their employees used AI, and 80% described their managers’ approach to AI as “hands off.” Only 14% of FranklinCovey’s respondents had received formal AI training.

Most of Cloud Security Alliance’s respondents were in the process of incorporating AI into their work. About half (49%) stated they were in the process of exploring or launching pilot programs. More than one-third (35%) said they were actively implementing AI in production, and an additional 9% reported they were at an “advanced” stage of adoption. Only 27% reported no AI agent usage.

Respondents who used AI agents most often deployed them for customer service (63%), cybersecurity operations (47%), back office operations (44%) and fraud detection (41%). Almost all (93%) reported granting those agents some form of autonomy.

Given the overall adoption of AI, FranklinCovey’s report identified three leadership behaviors that tend to undermine those processes: encouraging AI use without consistent guidance or guardrails; framing AI as a cost-reduction tool (which respondents said generated anxiety, rather than engagement); and moving so cautiously on AI that informal, unguided experimentation filled the void instead.

Financial professionals can turn to organizations such as the Certified Financial Planner Board of Standards Inc., which released a “Generative AI Ethics Guide” to provide principles and checklists of best practices. The CFP Board’s main principles for AI use are acting with integrity, providing accurate information, keeping clients’ personal information confidential, and complying with compliance with laws and regulations.

“AI adoption isn’t just an IT problem. It’s a human problem,” said FranklinCovey CEO Paul Walker, in a statement. “The organizations winning with AI are pairing human judgment, creativity and accountability with AI’s speed and scale, and they’re investing in the leaders and teams who make that pairing work. When you close the human readiness gap, adoption follows.”