Navigating the Emerging Risks and Opportunities of Generative AI in the Cross-Border Payment Industry: A Compliance Perspective

A Report by CYS Global Remit Legal & Compliance Office

Part 2: Global Regulatory Frameworks and Governance Models for Generative AI in Financial Services

Introduction 

Generative AI (GenAI) is fundamentally reshaping the financial services landscape worldwide, offering powerful capabilities for automation, risk detection, and customer engagement that were unimaginable just a few years ago. However, its rapid adoption also raises significant regulatory and governance challenges that institutions must address proactively.

For compliance professionals operating in the cross-border payment industry, understanding the evolving global regulatory environment is essential to navigating risks effectively and ensuring responsible, sustainable use of these transformative technologies.

1. The Global Push for Responsible AI 

• Regulators across jurisdictions are converging on key principles for AI governance: fairness, transparency, accountability, and data privacy.

  
  

• International bodies such as the OECD, G7, and Financial Stability Board (FSB) have issued guidelines promoting ethical AI use in financial services.

  
  

• The EU AI Act, one of the most comprehensive regulatory frameworks, classifies GenAI systems based on risk and mandates strict compliance for high-risk applications like fraud detection and AML.

  
  

2. Key Regulatory Developments Across Jurisdictions

• European Union: The EU AI Act requires transparency, human oversight, and risk management for GenAI used in financial services. It also imposes obligations on third-party providers.

  
  

• United States: Regulatory bodies like the SEC, FTC, and OCC are scrutinizing GenAI use, especially in areas involving consumer protection and financial disclosures.

  
  

• United Kingdom: The FCA emphasizes a principles-based approach, encouraging firms to adopt internal governance and ethical AI practices.

  
  

• Asia-Pacific: Countries like Singapore, Japan, and Australia are developing sector-specific AI guidelines, with a focus on financial stability and data sovereignty.

  
  

3. Governance Models for GenAI in Financial Institutions

• Financial institutions are adopting enterprise-wide AI governance frameworks to manage GenAI risks.

  
  

• Common governance practices include:

  
  

  • AI Ethics Boards to oversee model development and deployment.

    
    

  • Model Risk Management (MRM) frameworks extended to GenAI, covering bias, explainability, and robustness.

    
    

  • Third-party risk assessments for external GenAI tools and APIs. 

    
    

4. Compliance Implications for Cross-Border Payments

GenAI tools used in cross-border payments must navigate:

• Data residency laws: Some jurisdictions restrict cross-border data flows, impacting GenAI model training and inference.

  
  

• Privacy regulations: Compliance with GDPR, CCPA, PDPA, and other data protection laws is critical.

  
  

• Auditability: Regulators expect GenAI outputs—such as transaction monitoring alerts or KYC summaries—to be explainable and traceable. 

  
  

5. Strategic Considerations for Compliance Teams

• Map regulatory obligations across jurisdictions where GenAI tools are deployed.

  
  

• Establish internal controls for GenAI use in compliance functions, including documentation and validation protocols.

  
  

• Engage with regulators proactively, especially when piloting GenAI in sensitive areas like AML or sanctions screening.

  
  

• Collaborate with legal and data teams to ensure GenAI models align with both regulatory and ethical standards.

  
  

Conclusion 

As GenAI continues evolving at remarkable pace, regulatory frameworks are catching up—albeit unevenly across regions and with varying degrees of specificity. For compliance professionals in the cross-border payment industry, this regulatory fragmentation creates complexity but also opportunity.

Adopting a proactive, globally informed governance approach enables institutions to leverage GenAI responsibly whilst maintaining regulatory compliance and stakeholder trust. The institutions that succeed will be those that view regulatory compliance not as a constraint but as a framework for sustainable innovation.

In the next article, we'll explore how GenAI is specifically transforming AML, KYC, and transaction monitoring practices, examining emerging best practices in these critical compliance areas that represent both significant opportunities and substantial risks.