2-week AI Audit
AI AuditVisibility, risk, outcomes.AI TransformationCapture AI value across workflows.AI GovernanceContinuous evidence for live AI.AI FluencyWorkforce that compounds.All servicesThe full service map.
Not sure where to start?Take the 5-min maturity assessment →Maturity modelOpen assessment
By industry
Private equityPortfolio-wide value capture.Regulated financeThe finance umbrella.Banks & capital marketsRegulator-defensible under SR 11-7.FintechShip trusted AI fast.Asset & wealthFor advisors and ops.REITs / real estateAI-driven NOI uplift.InsuranceUnderwriting + claims, instrumented.
Guides, templates, frameworks
Field notesEditorial reads on where AI work stalls.GuidesFinance AI systems, controls, and evidence.FrameworksLevers, maturity models, and control maps.TemplatesAudit memos and reusable eval artifacts.ScorecardsFast reads on adoption, strategy, and governance.Case studiesProof from AI work in finance.Golden datasetsReusable test sets for AI evaluation.NL-to-SQL evalsAudit-grade evidence for finance data agents.AI Audit resourcesInventory, Shadow AI, and board evidence.All resourcesBrowse the complete editorial library.
Featured field note
AI Fluency Is a Learning Curve.
What Anthropic's Economic Index means for workforce fluency.
Read more →
Article / AI Governance

How financial institutions get mis-sold AI.

Finance teams should measure exposure before governance pressure becomes budget.

TrustEvalsMay 29, 202612 min readAI Governance
AI GovernanceMeasure before buying.

Finance teams should measure exposure before governance pressure becomes budget.

Vendors increasingly sell AI governance to financial institutions through a familiar pattern: the vendor starts with a genuine regulator letter, paper, benchmark, or failure mode, then stretches that fact until the vendor's product becomes the only acceptable exit. The truth is the bait; the conflation is the hook; the false binary is the close.

This piece is about that pattern across banks and capital markets, private equity, real estate, and asset and wealth management. The honest answer to AI governance pressure is measurement, materiality, traces, thresholds, and operating evidence.

The thesis.

Vendors increasingly sell AI governance through fear: a seller stretches a real fact until the vendor's product looks like the only exit.

A fear-based AI governance pitch starts from something true and then performs three moves to make the vendor's product the exit. This matters because finance buyers do have real exposure: regulators ask harder questions, boards want defensible answers, and AI systems change faster than legacy control processes.

Finance teams should separate the kernel of truth from the sales distortion, then ask what evidence would make the risk measurable.

Two things follow for any finance team.

  1. Ask for measurement before budget. Finance teams should turn a governance claim into a number, a threshold, and a trace before budget approval.
  2. Hold every seller to the same standard. Providers that sell Shadow AI, agent behavior, governance evidence, or workforce fluency should show the measure behind the claim. They should quantify risk, not manufacture it.

The anatomy of a FUD pitch.

1. Real factA genuine study, regulator letter, or failure mode.
2. ConflationFuse two different properties so the fact proves a problem it does not prove.
3. False binaryEither catastrophe, or the vendor's product.
4. Excluded middleMeasure it, log it, tune it, and decide from evidence.

The diagnostic for a buyer: find the conflation in step 2. That is where the mis-selling lives.

Financial institutions deserve evidence before buying into AI governance. Vendor claims flow through underwriting questions into evidence-backed decisions.

The fallacy catalog.

1. The Determinism Fallacy: output variance erases auditability.

  • The scare: Big models give different answers to the same input. A regulator asks the risk team to replay 1,000 decisions, and the team lacks the trace.
  • Kernel of truth: LLM output is statistical, not rule-bound. Consistency is a real property to manage. APRA's 30 April 2026 letter on artificial intelligence flags unpredictable model behaviour and overreliance on vendor presentations.
  • The conflation: Reproducibility differs from auditability. Auditability means reconstructing why a specific decision was made: inputs, model version, retrieval, output, policy path, and human sign-off. Bit-identical reruns help, but trace evidence can still support an audit when reruns vary.
  • The second error: Bigger model equals more creative. IBM's small-model consistency work sits on closed-set, verifiable benchmarks. Thinking Machines Lab's Defeating Nondeterminism in LLM Inference argues that much of this is an inference-system artifact, not a mystical creativity property.
  • The third error: Finance workflows often have verifiable subdomains: approve or decline, fraud, KYC, policy routing, covenant extraction, and portfolio reporting. Papers like ICML 2025's On the Limits of RLVR and Expanding RLVR Across Diverse Domains matter because consistency can be optimized and measured in domains with verifiable answers.
  • Honest reframe: Tune for the verifiable domain, measure match-rate as an eval, route genuine edge cases to a human, and preserve the trace. Capable model, measured consistency, audit-ready evidence.

2. The Shadow AI Panic: unknown AI tools move data outside approved paths.

  • The scare: Employees paste data into tools procurement never approved. Security discovers hundreds of unknown AI systems and treats the count as the threat.
  • Kernel of truth: Discovery gaps are real. Embedded AI inside ordinary SaaS is genuinely hard to see from procurement records.
  • The conflation: Tool count differs from risk. The pitch treats a high number as the danger, when the danger is what data flows where, under whose account, with what contractual and technical control.
  • The deeper point: Aikido's Shadow AI is a fear response, and banning it makes it worse captures the operating reality: people hide tools when sanctioned paths are absent or unusable.
  • Honest reframe: Discover the surface through an AI Audit, classify by data sensitivity, create approved alternatives, and measure residual exposure. Visibility is valuable because it enables a sanctioned path, not because it inflates a tool-count headline.

3. The Regulatory-Fine Cudgel: maximum penalty, therefore buy now.

  • The scare: The EU AI Act includes penalties up to EUR 35 million or 7% of worldwide annual turnover. Deadline panic follows.
  • Kernel of truth: The penalties exist. Article 99 of the EU AI Act lays out multiple tiers, including the highest tier for prohibited practices and lower tiers for other infringements.
  • The conflation: The pitch quotes the headline maximum as if it applies to every AI use case. In reality, obligations depend on system classification, actor role, geography, and use-case risk.
  • The excluded middle: Compliance maps to specific obligations and evidence. The real gap is often knowing which systems exist, which classification each system carries, and whether evidence maps to the right framework or regulation.
  • Honest reframe: Classify systems against the actual risk tiers, map obligations, and produce framework-mapped evidence through AI Governance and the compliance map.

4. The Hallucination Doom: hallucinations create unbounded liability.

  • The scare: Hallucinations create material operational risk in regulated industries; prediction pieces like VMBlog's 2026 hallucination note use that risk as the wedge.
  • Kernel of truth: Hallucination is a real failure mode with real cost in finance: wrong customer answer, fabricated citation, invalid compliance summary, unreliable investment memo.
  • The conflation: The pitch treats hallucination as unmeasurable and unmanageable, so the only answer becomes a black-box guardrail. In practice, groundedness is a measurable rate against a source corpus.
  • Honest reframe: Set groundedness and hallucination thresholds per use case, measure continuously, gate deployment on the threshold, and route low-confidence outputs to a human. The Baseline Problem is the work: frameworks name what to measure, but each finance workflow needs its own threshold.

5. The Agentic Runaway: autonomous agents will destroy the workflow.

  • The scare: Agents will act autonomously and catastrophically; the buyer needs a control plane immediately.
  • Kernel of truth: Ungoverned agents with write access, credentials, and system-of-record permissions have real blast radius.
  • The conflation: Gartner places agentic AI on the hype curve; Eric Siegel's Forbes critique argues the agentic hype cycle is out of control. Vendors sell fear of autonomy the buyer may not actually have in production.
  • Honest reframe: Scope permissions to the real blast radius, require human sign-off for high-consequence actions, observe agent traces in production, and evaluate behavior against baselines. Govern the autonomy in the workflow, not the autonomy in the demo.

6. The Statistic Weapon: vendors turn failed AI projects into SKU urgency.

  • The scare: Gartner predicts that more than 40% of agentic AI projects will be cancelled by the end of 2027. Larridin reports that only 16.8% of companies can connect AI investment to business outcomes. The vendor turns market failure into product urgency.
  • Kernel of truth: The stats are sobering. AI failure is often a measurement failure: no value owner, no workflow evidence, no baseline, no operating cadence.
  • The conflation: The pitch launders correlation into causation. The statistic describes a market outcome. It does not prove the vendor's product is the differentiator.
  • Honest reframe: Use the statistic to justify instrumentation, not a specific SKU. A finance firm needs a board-readable operating read: value, risk, fluency, evidence, and next decision.

7. The Governance Mirage: platform sprawl proves loss of control.

  • The scare: VentureBeat reports that 72% of enterprises run multiple primary AI platforms and lack expected control.
  • Kernel of truth: Fragmented ownership and vendor sprawl are real. In finance, the same AI footprint often crosses CIO, CISO, compliance, finance, operating partner, deal team, and business-owner boundaries.
  • The conflation: No single owner becomes no control, when the gap is often operating model, ownership, materiality, and cadence.
  • Honest reframe: Name the owner, define materiality, consolidate the operating read, then decide tooling. Process first, platform second.

The buyer's FUD-detector.

Finance buyers can ask seven questions of any AI fear-pitch. Two or more no answers usually mean the pitch is skipping evidence.

  1. Find the conflation. Are two different properties being fused: reproducibility vs. auditability, tool count vs. risk, maximum fine vs. actual obligation?
  2. Whose data is the scary stat measured on? The firm's deployment, or a generic benchmark from a different model class?
  3. Is the risk quantified or just evoked? Fear without a number is a tell. Ask for the rate.
  4. Is there a false binary? Catastrophe or the vendor's product. What third door is missing?
  5. Does the fix remove a capability the business needs? A control that kills the workflow may be an overcorrection.
  6. Does the regulatory claim map to the firm's actual obligations? Or does it quote the maximum penalty without classification?
  7. Can the team measure the exposure before buying the fix? If yes, the purchase is optional.
Fear-selling grows when finance teams lack measurement. The moment a finance firm puts a number on AI value and AI risk - consistency rate, hallucination rate, exposure-ranked Shadow AI, trace-level evidence mapped to actual obligations - the conversation moves from what could go wrong to the current exposure and the next quarter's decision.

The standard we hold ourselves to.

This standard should apply to us, too. If TrustEvals cites Shadow AI, agent behavior, governance evidence, or workforce fluency, the claim should come with an operating measure.

  • Quantify, do not manufacture. Every risk claim should come with a way to measure it.
  • Avoid false binaries. TrustEvals is the measurement and audit layer, not the only thing between a finance firm and catastrophe.
  • Name the kernel honestly. When a competitor's scare has a real kernel, acknowledge it and out-reason it.
  • Lead with evidence. The honest TrustEvals move is the dual-driver operating read: capture upside, contain risk, and prove both with evals.
  • Stay pro-governance. The critique is not that governance is fake. The critique is that governance without evidence becomes sales pressure.

Sources.

These are the public references used for the claims, examples, and regulatory context above.

  1. IBM / AAAI: Small Models Exhibit Limited Answer Consistency
  2. Thinking Machines Lab: Defeating Nondeterminism in LLM Inference
  3. ICML 2025: On the Limits of RLVR
  4. arXiv: Expanding RLVR Across Diverse Domains
  5. APRA: Letter to industry on artificial intelligence
  6. Aikido: Shadow AI is a fear response, and banning it makes it worse
  7. EU AI Act: Article 99 penalties
  8. VMBlog: The dangers of AI hallucinations in high-stakes industries for 2026
  9. Gartner: Hype Cycle for Agentic AI
  10. Gartner: 40% agentic AI cancellation prediction
  11. Forbes: Eric Siegel on the agentic AI hype cycle
  12. Larridin: State of Enterprise AI
  13. VentureBeat: The AI governance mirage
Related resources

Keep the operating read connected.

GuideFindings become controls.
AI GovernanceAI Audit and AI Governance work together.
GuideTrust, mapped for finance.
AI AuditAI Trust for Finance.
ChapterSet real thresholds.
FoundationWhy frameworks tell you what to track, but not where the threshold sits.

Turn governance pressure into an evidence read.

Bring one workflow, vendor, or AI portfolio. We will map the evidence needed for finance leaders to fund, ship, or stop it.

Run the AI Audit ->