Part III: Why AI Governance in QA is Now a Global Banking Concern
This article serves as the final installment in a three-part series discussing the critical role of AI governance in the context of Quality Assurance (QA) within banking and financial services. It examines the intersection of modern AI systems with regulatory expectations, the response of supervisors, and the increasing responsibility of QA teams to manage AI risk, control, and evidence.
Global Issue
As AI governance reaches the QA function, it transcends local boundaries and becomes a global concern. International banking groups operate across jurisdictions, each with differing regulatory philosophies, uneven enforcement timelines, and diverging expectations regarding AI transparency and control.
Despite these differences, the underlying technologies—such as machine-learning models, generative AI systems, and synthetic data pipelines—exhibit similar behaviors worldwide. This creates a structural challenge where a system that meets governance requirements in one market may not satisfy those in another. Consequently, QA teams are tasked with reconciling these discrepancies through rigorous testing and evidence-gathering frameworks that withstand international scrutiny.
The recent World Economic Forum has articulated that the governance of AI in finance is no longer a distant concern, emphasizing that regulators are increasingly focused on whether financial institutions can demonstrate that their AI systems are reliable, explainable, and resilient throughout their lifecycle.
Testing as a Mechanism for Trust
For QA teams, the implications are clear: testing is evolving from a downstream activity to a vital mechanism for building and maintaining trust. The WEF highlights that gaps between AI ambition and operational readiness often manifest in testing. When firms struggle to provide evidence of control, oversight, or accountability, these gaps translate into testing failures rather than abstract governance issues.
The WEF also underscores that the risks associated with AI evolve over time. Unlike deterministic systems, AI models can alter their behaviors as data shifts or when interacting with other models. Therefore, static validation is inadequate; continuous testing and monitoring are essential governance tools.
Allianz: A Case Study in Governance
Some large financial institutions are already embedding governance directly into their engineering and testing practices. Allianz, one of the world’s largest insurers, exemplifies this by treating AI governance as a global discipline rather than a local compliance exercise.
According to Philipp Kroetz, CEO of Allianz Direct, the organization emphasizes an outcome discipline, insisting on clarity regarding what constitutes a “good” outcome. This focus shapes how data quality, testing, and AI governance are integrated throughout the business.
For QA teams, Allianz’s emphasis on data lineage, consistency, and traceability is particularly relevant. The firm has invested heavily in developing shared data models, business glossaries, and data catalogs that enable testing teams to understand data origins, transformations, and usage in models.
Integration of AI Governance in Other Industries
The governance challenge is not unique to finance; highly regulated sectors like pharmaceuticals are reaching similar conclusions. AstraZeneca‘s Director of Testing Strategy, Vishali Khiroya, noted that AI governance is being integrated into testing practices rather than treated as a separate control layer.
Khiroya emphasized that while AI introduces new risks, established testing principles still apply. The principles of documentation, controlled use of test data, and standard operating procedures remain vital, reinforcing the necessity of human oversight within governance boundaries.
The Role of Quality Engineering
Vendors supporting banks are also redefining Quality Engineering as a governance mechanism. Dror Avrilingi, Head of Quality Engineering at Amdocs, argues that while GenAI accelerates innovation in financial services, it is imperative for Quality Engineering to evolve concurrently.
Avrilingi asserts that quality engineering must transcend mere compliance checkpoints, serving as a critical accelerator or enabler of innovation. He highlights the risk of scale, noting that approximately 40% of GenAI-generated code requires remediation, and emphasizes that testing and remediation must scale just as rapidly as development cycles.
Political Scrutiny and Regulatory Implications
Political scrutiny is reinforcing the shift towards rigorous AI governance. In the UK, lawmakers warn that regulators and firms are underprepared for the systemic risks associated with AI. The House of Commons Treasury Committee has argued that without AI-specific stress testing, the financial system faces new forms of instability.
Committee chair Dame Meg Hillier cautioned that current approaches expose consumers and the financial system to potentially serious harm as AI adoption accelerates. The committee has recommended that AI must be explicitly tested under extreme but plausible scenarios, placing additional responsibility on QA teams.
Conclusion: QA as the Connective Tissue
Across regulatory bodies, industry organizations, vendors, and lawmakers, a clear pattern emerges: AI governance cannot succeed without testability. The insights provided in this series illustrate that if AI systems cannot meet traditional explainability demands, governance frameworks must adapt accordingly.
However, until regulatory frameworks fully reflect these realities, QA teams will continue to act as translators between law and technology. Testing artifacts are increasingly becoming governance artifacts; test coverage serves as evidence, monitoring dashboards provide assurance, and stress tests signal regulatory compliance.
As banks continue to scale AI, the defining question will not be the extent of AI deployment but how convincingly they can demonstrate control. Increasingly, the answers will be found in test results rather than policy statements.
