Rethinking Risk Management in the Age of Artificial Intelligence in Finance

Melissa Hall, Senior Vice President in Finance and Head of Global Tax, Assurant

Melissa Hall, Senior Vice President in Finance and Head of Global Tax, Assurant

Melissa Hall is Senior Vice President at Assurant, overseeing global tax strategy, compliance, and risk management. A respected leader in tax and finance, she advises academic institutions, lectures at top universities and serves on boards, including the Tax Council and the Tax Council Policy Institute Advisory Board.

Artificial intelligence (AI) is transforming the finance function, from predictive analytics and algorithmic trading to automated compliance and controls. When implemented effectively, AI offers tremendous advantages in speed, accuracy, and cost efficiency, significantly furthering the classic goal of making financial activities faster, better and cheaper. It can enhance forecasting, facilitate financial reporting, and streamline audits. AI will very soon be able to automate manual back-office operations, challenging the model to outsource these functions to low-cost jurisdictions or to firms using managed resource models. AI agents operate continuously in the background, quietly connecting financial systems and generating insights at a scale that would be impossible for human analysts.

Yet the power and promise of AI come with equally significant risks, many of which are evolving just as quickly as the technology itself. These risks are not entirely new, but they take on different characteristics when AI is involved. Traditional categories such as data risk, model risk, operational risk, and ethical or compliance risk still apply. But AI alters the mechanics of each, adding new dimensions and amplifying their urgency in ways that legacy risk management frameworks may not be fully equipped to address.

Take data risk. In the past, concerns focused on the accuracy and completeness of financial records or the secure handling of sensitive data. Today, AI systems rely on massive volumes of data, both structured and unstructured, to learn and operate. Emails, voice transcripts, images, spreadsheets, models, financial statements, and more are captured and manipulated. As with traditional models before AI, any bias, error, or manipulation in this data can distort financial models. The potential for distortion, however, could be on a much larger scale once AI is introduced. Additionally, AI’s need for more and more data creates new exposure to breaches, governance failures, and untraceable data sources. AI systems not only consume but also generate data, blurring the line between input and output and making the risks more dynamic and harder to detect.

“AI does not simply increase the volume of data, the speed of analysis or the complexity of models; it changes how decisions are made, how errors propagate and how accountability is assigned”

Model risk also changes dramatically with AI. Traditional financial models are based on clear statistical assumptions and formulas. They are, for the most part, explainable and auditable. AI models, especially those using machine learning, are often opaque, non-linear, and adaptive. Their internal logic can be difficult to trace, and their outputs may be sensitive to subtle changes in data or context. Some models continue to evolve after deployment, creating a moving target for risk managers. Letting AI run models that self-perpetuate makes it much harder to validate those models and raises new challenges for governance, oversight, controls and compliance.

Operational risk, long associated with internal process failures or system outages, takes on new urgency with AI. These systems must be integrated into existing workflows, often alongside legacy platforms, and require constant monitoring to ensure stability. A failure in an AI-driven reconciliation tool or a misclassification in a reporting structure can permeate an enterprise system without immediate visibility. Moreover, the increasing reliance on automation can lead to overconfidence, where human oversight is diminished because the AI is assumed to be inherently reliable or accurate. This introduces new modes of failure that are less visible but potentially more damaging.

Ethical and compliance risks become more complex in the AI context. Systems trained on legacy data may perpetuate historical biases, inadvertently introducing unfairness or discrimination into financial decisions. Regulatory expectations are shifting quickly, with a growing emphasis on fairness, accountability, and transparency in automated decision-making. Traditional compliance models, which rely on documentation and static controls, may not be robust enough to govern systems that are adaptive and lack transparency. Finance teams must therefore take a proactive stance, embedding ethical safeguards into the design, development, and deployment of AI systems.

While the fundamental categories of risk for finance teams have not changed, their form and intensity have. AI does not simply increase the volume of data, the speed of analysis or the complexity of models; it changes how decisions are made, how errors propagate and how accountability is assigned. Finance departments must recognize the shifting paradigm and evolve risk management frameworks to match the pace and complexity that AI introduces. The new risk framework must incorporate explainability, real-time monitoring, cross-functional oversight, and a deep understanding of the technologies at work. The risks have moved from hypothetical to real; they are embedded in the very systems that power modern finance. Those who recognize and manage this transformation will be best positioned to harness AI’s benefits.