
How Financial Services Firms Can Safely Deploy AI Without Violating Data Security Policies


June 12, 2026


Financial services firms are deploying AI faster than they can govern it. Boards want generative AI in production, developers are building on agent platforms, and employees are pasting customer data into chatbots that no one reviewed. The gap between AI use and data security is measurable: Cyberhaven's 2026 AI Adoption & Risk Report: Financial Services found a 17x difference in AI adoption between the most aggressive firms and the most cautious ones. For a chief information security officer (CISO), that rapid AI adoption is where regulatory exposure lives. The GLBA Safeguards Rule and the SEC's cybersecurity disclosure rules already govern how customer data is protected and how incidents are reported, and AI does not get an exemption.

What is AI Security for the Financial Services Industry?

AI security for financial services organizations is the practice of controlling how sensitive financial data moves into, through, and out of AI tools so that deployment stays within regulatory and internal data security policies. It covers generative AI (GenAI) applications, AI agents, and AI features built into approved software, and it focuses on enforceable controls rather than written policy alone.

For regulated firms, AI security is not a separate program from other cybersecurity initiatives. It is an extension of obligations already imposed by the GLBA Safeguards Rule, the SEC, and customer contracts. The question a regulator often asks is whether the firm can account for where customer data went, who had access, and what controls were in place when it happened.

Which Regulations Does AI Deployment Trigger in Financial Services?

AI deployment does not create a regulatory vacuum. It extends frameworks financial services firms already operate under, and two carry the most direct weight for AI data security.

The GLBA Safeguards Rule

The GLBA Safeguards Rule, issued under the Gramm-Leach-Bliley Act (GLBA), requires financial institutions to maintain a written information security program built from specific elements, including access controls, encryption of customer information, and monitoring and logging of how authorized users handle that information. When an employee submits nonpublic personal information to an AI tool, those obligations do not pause.

The rule also carries a breach notification requirement that took effect in May 2024: firms under Federal Trade Commission (FTC) jurisdiction must report a security event affecting 500 or more consumers within 30 days of discovery, and the FTC may publish the report. An unmonitored AI tool that ingests customer records is a direct gap in the monitoring, logging, and notification elements the rule requires.

The SEC cybersecurity disclosure rules

For publicly traded firms, the Securities and Exchange Commission (SEC) cybersecurity rules add disclosure obligations. Under Item 1.05 of Form 8-K, a company must disclose a material cybersecurity incident within four business days of determining that it is material. Form 10-K requires annual disclosure of how the firm manages cybersecurity risk, including board oversight.

A data exposure through an AI tool can meet the materiality threshold. A firm that cannot see what data its AI tools receive will struggle to assess materiality on the SEC's timeline or to describe its controls accurately to investors.

Where AI Creates Data Security Gaps in the Financial Services Industry

The risk concentrates in three places, and all of them sit outside the reach of network-based controls.

Shadow AI and personal accounts

Employees adopt AI tools without security review, and a large share of that use runs through personal accounts that corporate controls never see. Cyberhaven research found that 32.3% of ChatGPT usage and 24.9% of Gemini usage occur through personal accounts, with Claude and Perplexity higher still at 58.2% and 60.9%. In a regulated firm, each of those sessions is a potential transfer of customer data to an unreviewed third party, and the fastest-growing AI categories are often the ones with the least oversight.

Endpoint AI agents

AI agents now run directly on employee endpoints, where they read files, move data, and act with the access of the employee who launched them. These endpoint AI agents are a blind spot for security teams because they operate locally and do not announce what they touch. Financial services leads on this trend: 79.7% of firms are building with agent platforms, and coding assistant use jumped from 16.7% to 42.1% in a single year, according to Cyberhaven.

AI features built into approved tools

Many AI capabilities live inside software employees already use, so risky data movement does not look like an obvious exfiltration event. Network controls miss it because the traffic is encrypted and the destination is a sanctioned vendor, which leaves the firm exposed without a single policy violation that anyone can see.

How to Deploy AI Without Violating Data Security Policies

Safe AI deployment in financial services rests on four controls that map directly to what the GLBA Safeguards Rule and SEC rules already require.

  1. Build an inventory of AI tools in use. A program cannot govern what it cannot see. Catalog the GenAI applications, embedded AI features, and agent platforms in use across the firm, including tools employees adopted on their own. This inventory is the prerequisite for every other control and for the monitoring element the Safeguards Rule requires.
  2. Classify data and map it to AI risk. Submitting a marketing brief to an AI writing tool is not the same as submitting a spreadsheet of customer account data. Data security posture management (DSPM) shows where nonpublic personal information lives and which AI interactions expose it.
  3. Enforce controls at the point of data movement. Effective controls operate where data enters an AI tool, not after the fact. Modern DLP solutions built for AI adoption detect when sensitive data is being submitted to an AI application and either block the transfer or alert with enough context to investigate.
  4. Keep audit-ready records. For each AI tool that touches regulated data, document what it processes, what controls apply, and how incidents are handled. This is the evidence a firm needs to satisfy an FTC examiner, support an SEC materiality assessment, and turn policy into an enforceable AI security compliance program.
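
The four controls above combined in one check, as an added example (not from the original article and not Cyberhaven's product logic). The host names, the inventory contents, the two detectors, and the rule for choosing block versus alert are assumptions made for illustration.

```python
import re
from datetime import datetime, timezone

# Step 1 (hypothetical inventory): destination host -> sanctioned for corporate use?
AI_INVENTORY = {"chat.approved-ai.example": True, "notes.shadow-ai.example": False}

SSN_RE = re.compile(r"\b(?!000|666|9\d\d)\d{3}-(?!00)\d{2}-(?!0000)\d{4}\b")
CARD_RE = re.compile(r"\b(?:\d[ -]?){13,19}\b")

def luhn_ok(digits: str) -> bool:
    """Luhn checksum, used to discard digit runs that are not card numbers."""
    total = 0
    for i, ch in enumerate(reversed(digits)):
        d = int(ch)
        if i % 2 == 1:
            d = d * 2 - 9 if d > 4 else d * 2
        total += d
    return total % 10 == 0

def classify(text: str) -> dict:
    """Step 2: count NPI-like values; the matched values are never returned."""
    cards = [re.sub(r"[ -]", "", m) for m in CARD_RE.findall(text)]
    found = {"ssn": len(SSN_RE.findall(text)),
             "card": sum(1 for c in cards if luhn_ok(c))}
    return {k: v for k, v in found.items() if v}

def evaluate(user: str, host: str, account: str, text: str) -> dict:
    """Steps 3 and 4: decide before the data leaves, and return an audit record."""
    findings = classify(text)
    sanctioned = AI_INVENTORY.get(host, False)  # a tool not in the inventory is unsanctioned
    # Assumed policy: alert on sanctioned tool + corporate account, otherwise block.
    if not findings:
        action = "allow"
    elif sanctioned and account == "corporate":
        action = "alert"
    else:
        action = "block"
    return {"time": datetime.now(timezone.utc).isoformat(), "user": user,
            "tool": host, "inventoried": host in AI_INVENTORY,
            "account": account, "findings": findings, "action": action}

if __name__ == "__main__":
    # Constructed sample submission; the SSN and card number are well-known test values.
    paste = "Client 078-05-1120 disputes charge on 4111 1111 1111 1111"
    print(evaluate("analyst1", "notes.shadow-ai.example", "personal", paste))
    print(evaluate("analyst1", "chat.approved-ai.example", "corporate", paste))
```

The audit record stores finding types and counts rather than the matched values, so the log itself does not become a second copy of the customer data.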

How Cyberhaven Secures AI Use Within Financial Services Organizations

Cyberhaven approaches financial services AI security through Data Lineage, which records how data moves across the enterprise at the file and content level, including into and out of AI tools. That record is what lets security teams answer the question regulators actually ask: where did customer data go, and who touched it.

AI Security capabilities give teams visibility into which AI applications employees use, what data those applications receive, and where outputs go, without relying on employee self-reporting. When customer records, source code, or classified documents reach an AI tool, Cyberhaven detects it and generates an alert with the context to investigate, and it produces audit-ready records for GLBA, SEC, and contractual obligations. Linea AI, Cyberhaven's analysis engine, surfaces which tools carry the highest data risk and which user populations drive AI adoption. DSPM and DLP extend the same controls across sanctioned and unsanctioned tools, whether the AI is a standalone application or a feature inside existing software.

Financial services firms do not have to choose between AI adoption and data security policy. The firms closing the gap are the ones that can see where data moves into AI tools and prove it to an examiner. Cyberhaven gives security teams that record across GenAI applications, AI agents, and embedded AI features.

Explore how to secure the rapid adoption of agentic AI in your environment with “Governing the Autonomous Enterprise: A Security Framework for Agentic AI.”

Understand how peers are utilizing AI, and how that transforms data risks, with the “Cyberhaven 2026 AI Adoption & Risk Report: Financial Services.”

Frequently Asked Questions

Does deploying AI violate the GLBA Safeguards Rule?

Deploying AI does not violate the rule by itself. The risk comes from deploying it without the controls the rule requires. The Safeguards Rule expects monitoring, logging, access controls, and a breach notification process for customer information. An AI tool that ingests nonpublic personal information without those controls in place is the compliance gap, not the AI itself.

What AI risks must financial services firms disclose to the SEC?

Publicly traded firms must disclose a material cybersecurity incident within four business days of determining materiality under Item 1.05 of Form 8-K, and they must describe their cybersecurity risk management and board oversight annually in Form 10-K. A data exposure caused by an AI tool can qualify if it meets the materiality threshold, which makes visibility into AI data flows a prerequisite for accurate disclosure.

How is AI data security different in banking and financial services?

The data types and the regulatory consequences raise the stakes. Financial firms handle nonpublic personal information, account data, and trading or deal information governed by the GLBA Safeguards Rule, SEC rules, and customer contracts. Financial services also leads in agentic AI adoption, so the volume of automated data movement is higher than in most other industries.

Can DLP control data sent to AI tools?

Yes, when the controls operate at the point of data movement rather than at the network layer. Many AI tools run over encrypted channels or sit inside approved applications, so network controls miss them. DLP that inspects data as it enters an AI application can detect sensitive submissions and block or alert on them in real time.

How do financial services firms govern shadow AI?

Governing shadow AI starts with visibility into every AI tool in use, including the personal accounts that corporate controls do not cover. Once security teams can see which tools employees use and what data flows into them, they can apply policy, prioritize the highest-risk tools, and produce the records auditors and regulators expect.