FS-ISAC releases GenAI risk guide for financial institutions

It provides a structured approach to data governance to ensure financial firms remain compliant with security standards.

FS-ISAC has published a new guide to help financial institutions mitigate risks associated with Generative AI (GenAI) whilst maximizing its benefits.

The guidance titled “More Opportunity, Less Risk: 8 Steps to Manage Financial Services Data with GenAI” was developed by FS-ISAC’s Artificial Intelligence Working Group and provides a structured approach to data governance to ensure financial firms remain compliant with security standards.

To maintain data integrity and traceability, FS-ISAC emphasizes the need to create and maintain a data lineage inventory. Strong access controls, data sanitization, and accurate classification methods help prevent security breaches and ensure compliance.

Customer data protection remains a priority, with FS-ISAC recommending the use of differential privacy, encryption, data sanitization, and sandboxing to safeguard sensitive information.

Another important aspect is effective model testing. Financial firms should establish testing baselines and leverage cross-sector data sharing to enhance GenAI reliability.