Author: Daniela Vasquez, MPA candidate at Columbia University & former supervisor, Superintendencia de Banca, Seguros y AFP del Perú

In April and May 2026, Digital Transformation Solutions and Columbia University’s Center for Digital Finance and Technologies co-hosted a two-part closed-door roundtable series at Duane Morris LLP in New York. Held under Chatham House rules, the sessions brought together approximately forty senior professionals from fintech companies, banks, regtech and suptech providers, researchers and regulators to examine the latest developments, opportunities and potential mismatches at the intersection of AI and financial services.

Stay tuned for announcements of upcoming sessions in this series and request an invitation: https://digitaltransformationsolutions.io/events/innovation-community-roundtables-ai-in-fintech-regtech-and-suptech/  

_________________________

On May 1, I joined a roundtable on AI in Compliance, RegTech, and SupTech, organized by Digital Transformation Solutions in collaboration with Columbia University’s Center for Digital Finance and Technologies and Duane Morris LLP. The discussion included professionals from industry, research, and regulation, each working on this topic from a different angle.

As a master’s student finishing the first year of my program, and with previous experience as a financial regulator, I came into the discussion with curiosity shaped by both perspectives. I wanted to understand how conversations about AI are showing up in practice.

The roundtable made me think that the AI conversation is bigger than the technology itself. It is also about how institutions organize work, assign responsibility, and learn from each other.

This matters because AI is moving fast. Used well, it can help institutions work better and respond faster. But if it is not designed and revised carefully, it can also make existing gaps bigger, both within the market and between industry and regulators.

With that in mind, four ideas stayed with me after the discussion.

1. AI adoption is a process redesign question, not just an automation question

In the last few years, many institutions have used AI to make tasks faster. It helped automate repetitive work, find patterns in data, and reduce manual steps. In financial services, this can be useful for areas like fraud detection, risk assessment, compliance, and regulatory reporting.

More recently, firms seem to be thinking less about AI as a separate tool, and more about how it fits into the process itself. Several examples from the discussion pointed to AI supporting analysis, validation, monitoring, product development, regulatory reporting, and communication across teams.  These are not isolated tasks. They are part of broader workflows where information moves, teams interact, and decisions are made.

This is why process design in financial services demands a more proactive mindset. Before, many processes changed when the business changed or when the industry moved in a new direction. With AI integration, processes cannot be treated as something fixed. Institutions need to keep reviewing how work is done, where AI is useful, where it creates friction, and what needs to change.

2. From machine-readable regulation to more actionable compliance

Another idea that came up was machine-readable regulation. The point is very practical: regulation is usually written for people, but compliance has to be translated into policies, controls, data, systems, and reporting tools. That translation can create friction. A rule may start with a legal interpretation and later become an internal procedure, a system requirement, a control, or a monitoring report. Each step has a purpose, but it can also create delays, inconsistencies, or operational errors. As AI agents become part of compliance processes, this gap matters even more, because AI systems do not naturally understand legal, political, or institutional context unless that context is clearly defined.

This is where machine-readable regulation can help. It makes regulatory requirements easier for software systems and AI models to read, track, and apply. It can create a more common language across policies, controls, data, and systems, with fewer intermediate translations.

This does not remove interpretation or human judgment. Many rules still require context. But a more structured approach can help legal, compliance, risk, and technology teams work from the same foundation and review whether the rule, the internal procedure, the control, and the system output are aligned. The goal is to spend less time on operational translation and more time on deeper analysis, monitoring, and supervision.

3. Responsible AI demands clear governance, accountability and privacy safeguards

Making compliance more actionable is only one part of the discussion. As firms continue increasing their use of AI, governance has to be clear from the start. This means knowing who is responsible at each point of the workflow, especially when several teams are involved or when the technology comes from an external vendor. Institutions need clarity on ownership, review, final decision-making, and escalation if something goes wrong.

Human review also needs to be active. “Human in the loop” should not mean that a person only appears at the end of the process. People need to know when to trust the output, when to challenge it, when to ask for a deeper explanation, and when to escalate or stop the process. This is especially important to avoid risks such as confirmation bias, where AI may reinforce what users already expected to see.

Privacy and data governance are also central. AI depends heavily on data, and financial institutions work with sensitive information about clients, payments, behavior, and risk. This makes it important to know what data is being used, who can access it, and how it is protected. Having a common data source and clear data definitions can help, because teams are not working from different versions of the same information.

In the end, the goal is not only to make AI use more efficient. It is to make sure it remains controlled, explainable, and accountable.

4. Regulators and industry need more spaces for coordination and learning

With AI moving so fast, one real concern is that the gap between industry and regulation could keep growing. Firms move quickly because they are testing tools, building products, and adapting processes every day. Regulators, on the other hand, need time to understand the risks, the use cases, and how their supervisory toolkit should evolve. If that gap keeps growing, it can become a problem for both sides.

This is why coordination matters. It should not happen only between senior leaders. It should also include the teams closer to implementation, such as compliance, risk, technology, supervisors, and examiners. These teams see how procedures work in practice, what outcomes are produced, where concerns appear, and what still needs to improve.

Before creating new expectations or rules, regulators need to understand what is already being built. At the same time, firms need clearer guidance, shared definitions, and common data standards to show how they are complying.

For me, this is the practical side of responsible innovation. SupTech and RegTech are not only about new frameworks. They are also about creating spaces where regulators and industry can learn what is already happening, build on what works, and keep clear limits where needed. Regulators do not need to know everything immediately. But they do need to stay proactive, ask the right questions, and remain open to dialogue as technology keeps changing.

Overall, this topic is far from settled. AI will keep changing how financial institutions and regulators work, and SupTech and RegTech will need to adapt as well. For me, that is what makes this space so interesting: many questions are still open, and there is still a lot to learn from each other. I look forward to being part of that dialogue.

_____________________________

Reach out to events@govspace.io to join future conversations and let us know what topics would be top of mind for you to discuss with your innovation community!