AI agents are creating a major security blind spot in financial services | Tech Radar

Overview

News, deals, reviews, guides and more on the newest computing gadgets

Start exploring exclusive deals, expert advice and more

Details

Unlock and manage exclusive Techradar member rewards.

Unlock instant access to exclusive member features.

Get full access to premium articles, exclusive features and a growing list of member rewards.

AI agents are creating a major security blind spot in financial services

When you purchase through links on our site, we may earn an affiliate commission. Here’s how it works.

Financial services (FS) has the highest rate of AI-related security incidents of any sector — higher than healthcare, manufacturing, or government. And most organizations still treat AI agents like just another workload. They're not.

As a sector built on highly sensitive data and deeply interconnected systems, the stakes are higher. The risks go far beyond isolated incidents, from large-scale data exposure and financial loss to regulatory breaches, loss of customer trust, and even systemic disruption if critical services are impacted.

This isn’t a contained problem. It spills over. And because FS is often first to adopt new technologies, how it handles AI today will shape how other industries follow.

How AI agents are wrecking havoc in legacy security setups and enterprises are catching up

Why self-running agents are creating the biggest security crisis of 2026

Get it wrong, and it becomes the blueprint for what not to do.

So why is this happening? FS organizations are pushing non-deterministic actors into production without the guardrails to control them.

The data is clear. It's not the AI that's unsafe. It's the access we're giving it. Organizations that grant broad access to AI agents report far higher incident rates than those enforcing least-privilege controls.

This creates an entirely new class of risk - and it scales fast. Unlike traditional software, AI agents operate autonomously, at machine speed, 24/7, and they don’t get tired. So when you give them excessive permissions, they don’t just introduce risk, they amplify it.

To be useful, AI agents need a broad reach across systems. This is especially true in FS, where agents are used in customer onboarding or risk management, and need access to a variety of data to pull insights. Agents are also operating in a highly complex and interconnected infrastructure. So teams take the shortcut: they grant wide permissions to make things work.

That’s where the problem starts. Overprivileged agents don’t just increase the likelihood of data exposure; they also make it harder to see what’s happening, harder to prove control, and harder to meet audit requirements. When something goes wrong, it doesn’t stay contained - the blast radius expands fast.

The push to move fast and adopt AI tools quickly is understandable. But speed without control is exactly what creates the problem - particularly in environments already dealing with fragmented identity, credential sprawl, and inconsistent identity governance.

AI agents now commit and conceal cybercrimes on their own

AI agents create new risks requiring continuous monitoring and oversight

Always-on AI Agents put everything hackers could ever want behind a single attack surface

At its core, this is a mismatch. Traditional identity management models assume static users and predictable access. AI agents are neither. They’re dynamic, non-deterministic, and constantly interacting with multiple systems, and the old models don’t hold up.

The good news? This security crisis is absolutely fixable. Here’s how to approach it.

First, identity needs to be rethought from the ground up. Every actor - human, machine, or AI - should operate within a single, secure, auditable framework.

For AI agents, this starts with a unique, verifiable identity from the moment it is created. No shared credentials, no ambiguity, no gaps.

Everything else builds from there. The next steps all depend on getting identity right at the start. Because if you can’t reliably identify an agent, you can’t control it, and you definitely can’t secure it.

Next, reduce access to what’s strictly necessary. Audit existing agents, identify over-privileged access, and restrict permissions to specific tasks, systems and datasets.

Access should be precise and time-bound, and anything more is unnecessary risk - a core principle of zero trust access.

Static credentials, like passwords, API keys, long-lived service accounts, create persistent access that’s difficult to control. They linger. They spread. They get reused. All of this contributes directly to credential sprawl.

Instead, replace them with short-lived, identity-based access tied to context. No fixed secrets. Just verified identity. This is especially critical when managing machine and workload identity at scale.

Without visibility, risk builds quietly - until it doesn’t. AI agents can’t operate as black boxes. Every action should be logged, and every movement should be traceable across systems and workflows. And that visibility needs to plug into existing monitoring and detection.

No visibility, no accountability. And no effective identity governance.

Reshape identity management for an AI-driven world

Identity has to become an engineering discipline, not just a security function. That means platform, engineering, and security teams aligning around a single identity model — not bolting tools together after agents are already in production.

That means aligning platform, engineering and security around a shared model. Consolidating fragmented systems into a unified identity layer to drive lower complexity and stronger control. Treating identity as core infrastructure - not a bolt-on.

AI agents are already embedded in financial services. That’s not changing. But the way they’re secured has to. Treating autonomous agents like traditional workloads isn’t enough, and assuming they fit existing identity models is wishful thinking.

In financial services, identity isn't a compliance checkbox. It's the infrastructure that determines whether you can scale AI at all.

We feature the best RPA software, to make it simple and easy to reduce costs by using Robotic Process Automation.

This article was produced as part of Tech Radar Pro Perspectives, our channel to feature the best and brightest minds in the technology industry today.

The views expressed here are those of the author and are not necessarily those of Tech Radar Pro or Future plc. If you are interested in contributing find out more here: https://www.techradar.com/pro/perspectives-how-to-submit

You must confirm your public display name before commenting

1 New Apple TV sci-fi series Star City will be 'totally different' to For All Mankind season 5 despite having the same creative team — 'we wouldn't have made it if it was a companion piece'

2 Forget stolen passwords — this is how hackers are actually breaking into US companies in 2026

3 Kansas City Public Schools is spending millions on Mac Book Neos to replace 30,000 Windows PCs and Chromebooks and become an 'all-Apple district'

4 Quordle hints and answers for Tuesday, May 26 (game #1583)

5NYT Connections hints and answers for Tuesday, May 26 (game #1080)

Tech Radar is part of Future US Inc, an international media group and leading digital publisher. Visit our corporate site.

Key Takeaways

News, deals, reviews, guides and more on the newest computing gadgets
Start exploring exclusive deals, expert advice and more
Unlock and manage exclusive Techradar member rewards
Unlock instant access to exclusive member features
Get full access to premium articles, exclusive features and a growing list of member rewards