A key factor in the adoption of AI

(Translated by DeepL)

Artificial intelligence (AI) is gradually transforming the landscape of businesses and financial institutions. To take full advantage of these technologies while managing the associated risks, it is essential to establish robust AI governance. This ensures that AI systems are aligned with the company’s values, objectives and regulatory standards, while ensuring effective risk management. According to a FINMA survey, the use of AI in Swiss financial institutions rose from 53 % in 2023 to 75 % in 2025, with a projection of 90 % by 2027 (see 24 April 2025 update). This significant jump demonstrates the urgent need for banks to put in place appropriate governance mechanisms to address the technical, ethical and security challenges posed by AI.

What is AI governance ?

AI governance encompasses all the processes, policies and structures implemented to regulate the design, development, deployment and maintenance of AI systems (based on FINMA expectations, see Caballero Cuevas, cdbf.ch/1392). It aims to :

• Clearly define objectives and priorities in line with the overall strategy.
• Identify, assess and mitigate potential risks, such as algorithmic bias or cybersecurity vulnerabilities.
• Put in place controls and security measures to protect data and ensure system integrity.
• Ensure ongoing monitoring to continuously adjust and improve the performance of AI systems.

Key elements of effective AI governance

For AI governance to be effective, it is essential to integrate several components.

First, objectives and priorities must be defined. AI must contribute to the achievement of concrete objectives and clearly identified business value (optimisation of internal processes, service improvement, enhanced security). A clear definition of areas of opportunity guides investment decisions towards the projects with the greatest potential for added value.

Secondly, risk management must be put in place. Mechanisms to detect and reduce the risks inherent in AI systems (algorithmic bias, processing errors, vulnerabilities, data processing) are essential. The implementation of reviews of new initiatives and regular controls helps to limit the impact of these risks.

Thirdly, transparency and traceability are important elements. Transparency in AI system decision-making processes, particularly through the traceability of data entering and leaving models (data lineage) and the transparency of use cases, strengthens stakeholder confidence and facilitates the rapid detection of malfunctions. In addition, the integration of the ‘human in the loop’ principle ensures continuous human supervision, thereby reducing the risk of errors and improving the quality of decisions made with AI support.

Fourthly, responsibilities must be clearly allocated. AI governance must precisely define roles and responsibilities within the organisation. The governance committee must include decision-makers and experts, in particular the Chief Data Officer, compliance, legal and risk managers, as well as IT and business experts. This structure must ensure proactive governance and the active and ongoing involvement of stakeholders in the assessment, validation and supervision of AI use cases. It also guarantees agile and scalable governance that can adapt to new regulatory and technological constraints.

Finally, effective governance of artificial intelligence relies on rigorous data governance, ensuring the quality, security and integrity of data, which are essential for the proper functioning of AI systems. In the banking sector, this involves implementing policies to ensure that data is accurate, complete and up to date. FINMA recommends technical and organisational measures (TOMs) to prevent algorithmic bias and ensure data quality. In addition, control, monitoring and documentation mechanisms are necessary to ensure responsible management aligned with strategic objectives, as well as rigorous assessment of the explainability of models. These practices enhance the reliability, ethics, transparency and traceability of AI use.

What approach should be taken to improve AI governance in a private bank in Switzerland ?

A private bank in Switzerland can adopt a three-step approach to ensure effective and sustainable AI governance :

1. Laying the foundations : This phase consists of defining clear policies governing access to, use and control of AI, in accordance with applicable standards. It also includes training programmes to raise awareness among stakeholders of ethical issues and risks. A dedicated point of contact and an acculturation campaign facilitate the adoption of these measures.
2. Integration and optimisation : Once the foundations have been laid, the goal is to industrialise the use of AI. This involves validating models, implementing robustness tests and ensuring close collaboration between AI, data, security and compliance teams. Sharing use cases optimises resources, while monitoring tools detect and correct biases, ensuring reliable and ethical AI.
3. Continuous improvement and innovation : Governance evolves in line with technological and regulatory advances. Regular policy updates, ethical assessments and exploration of new use cases help maintain consistency and promote responsible innovation.

Conclusion

By integrating the fundamental pillars of AI governance, a bank establishes a structured framework that is consistent with its strategic objectives and institutional values. This framework aims to ensure the responsible and secure use of AI in compliance with regulatory requirements, while strengthening transparency, traceability and risk control. In a context of accelerated deployment of AI technologies, the implementation of dedicated governance is no longer an option but a strategic requirement that creates the conditions for sustainable innovation based on trust and organisational efficiency.