Banks face AI balancing act as regulation tempers uptake

Australia's banks are steadily increasing their use of artificial intelligence, but strict regulatory requirements and concerns around customer data security are preventing the rapid adoption seen in other sectors.

While technologies such as generative AI and AI coding assistants are becoming increasingly common within major financial institutions, banks remain cautious about rolling them out at scale.

The highly regulated nature of banking means institutions must move more deliberately than smaller organisations when adopting emerging technologies.

Unlike small and medium-sized businesses, which can quickly approve and implement new AI tools, banks must navigate a complex web of privacy obligations, compliance requirements and risk assessments before deploying new systems.

Australia's prudential framework, including regulations governing operational resilience and data protection, has created an environment where experimentation often occurs behind the scenes before technologies are made widely available across organisations.

As a result, many banks are currently in the testing and implementation phase rather than pursuing aggressive, organisation-wide AI deployments, according to Elliott Howard, Account Director at Talent International.

"They are certainly in the process of adopting these tools now," Howard said. 

The cautious approach comes despite growing evidence that banks are embracing AI internally to improve productivity and software development processes.

Banks are increasingly deploying tools such as AI-powered coding assistants and large language models to support software engineering teams, automate repetitive tasks and accelerate development cycles.

One recent example involved a major Australian institution conducting a hackathon where participants relied entirely on AI tools rather than traditional coding methods.

The shift reflects a broader transformation occurring across enterprise technology teams. 

Rather than writing code line by line, engineers are increasingly acting as supervisors and orchestrators, validating AI-generated outputs and ensuring they align with organisational standards, architecture requirements and business objectives.

This trend is likely to continue over the next three to five years, as AI tools become more capable and more deeply integrated into banking operations.

The gradual pace of adoption in Australia contrasts with perceptions that the United States is moving more aggressively to embrace emerging technologies.

Regulatory comparisons between countries are complex, and Australia generally maintains stricter oversight of financial institutions, contributing to a more measured approach to innovation.

That caution may ultimately protect banks from some of the risks associated with rapid AI deployment, particularly when handling sensitive customer information. 

Before introducing new technologies broadly, organisations must establish governance frameworks, security controls and guardrails to minimise potential exposure.

Security implications of these tools remain a key consideration for financial institutions.

Yet while banks focus on responsible adoption, another conversation is emerging around AI's impact on employment.

For prospective employees, the promise of increased productivity is contrasted with growing anxiety and uncertainty about the future of entry-level roles across many industries.

The greatest disruption is likely to occur at the junior end of the workforce, where repetitive and process-driven tasks are increasingly being automated.

In cybersecurity, as an example, tasks traditionally performed by graduate analysts - such as reviewing alerts, investigating logs and determining whether security incidents are genuine threats or false positives - can now be completed by AI systems in a fraction of the time.

"CBA have recently introduced agentic AI into their cybersecurity operations centre," Howard said.

"That's normally staffed by junior people coming out of university, learning the groundwork for cybersecurity. The CBA agent can do that work in about five or ten minutes, instead of two to three days."

Without traditional entry points, organisations may struggle to develop the next generation of technical leaders and specialists.

Discussions with banking executives and technology leaders reveal mixed opinions about the scale and timing of AI-driven disruption.

"I speak to people a lot smarter than I am every day, and there's a mixed consensus," Howard said.

The uncertainty is fuelled by the speed at which AI capabilities continue to evolve. Models that are considered state-of-the-art today may be significantly more capable within a year, making long-term workforce planning increasingly difficult.

While it remains unlikely that major banks will dramatically reduce engineering headcounts in the immediate future, the industry will eventually need fewer people performing routine development tasks.

For now, Australia's banking sector remains in a transitional phase - eager to capture the productivity benefits of AI while navigating regulatory obligations and workforce concerns.

The challenge for banks over the coming years will be finding the right balance between innovation and caution. As AI becomes more deeply embedded across financial services, institutions will need to ensure they can unlock efficiencies without compromising security, compliance or the development of future talent.

"It's quite an interesting time," Elliott said.

"It's exciting."