FINRA Warns about GenAI Risks in 2026 Regulatory Oversight Report

Overview

Listen

FINRA recently released its 2026 Regulatory Oversight Report, and AI was a major theme. Hear more about how Red Oak's AI was built to stand up to the regulatory oversight FINRA is recommending in this quick chat.

Critical Questions Powered by Red Oak

FINRA’s report highlights several emerging risks tied to the rapid adoption of GenAI across financial services, including AI agents acting autonomously, lack of traceability in multi-step reasoning, potential misuse or exposure of sensitive data, misaligned reward functions, and gaps in domain expertise. These risks underscore the need for strict governance, human oversight, and strong auditability as firms integrate AI into compliance workflows. 

Firms can strengthen GenAI governance by implementing strict human-in-the-loop review processes, restricting AI agents to clearly defined scopes, ensuring transparent reasoning behind outputs, and maintaining complete audit trails. They must also prioritize secure models, protect sensitive data, and configure AI tools to align with written supervisory procedures (WSPs). FINRA’s 2026 guidance reinforces that AI adoption must follow the same accountability standards that govern all firm communications and supervision. 

Red Oak proactively built its AI review solution with guardrails that directly address FINRA’s concerns. The platform limits AI agents to configured tasks, provides full transparency into every finding and its reasoning, stores all reviews in a 17a-4 compliant data environment, and ensures no customer data trains third-party models. Red Oak also enables granular prompt customization to bridge domain knowledge gaps and uses continuous human oversight to prevent misaligned or autonomous AI behavior. This governance-first approach allows firms to adopt GenAI with confidence—not risk. 

Transcript

Speaker 1: 00:00
Welcome back to the deep dive. Today we're uh we're really strapping in. We are tackling FINRA 2026 regulatory oversight report. It's nearly 90 pages, and I mean, honestly, it reads like a huge warning siren for generative AI.

Speaker 2: 00:15
It really is. It's like watching a speeding train head for a broken bridge. Yeah. That's the feeling you get. The industry is moving so fast, you know, adopting Gen AI for efficiency summarizing research, drafting emails. But this report, it just confirms our biggest worry. The governance, the rules to manage this tech are lagging way, way behind how fast it's being .

Speaker 1: 00:36
And that tension is really the core of it all, isn't it? What Fenera is saying here, it couldn't be clearer. Firms are not getting a grace period.

Speaker 2: 00:43
No. They're sending a really strong signal that innovation, no matter how cool or efficient it is, doesn't get you a pass on accountability.

Speaker 1: 00:50
Right.

Speaker 2: 00:51
Exactly. I mean, if you're using a new large language model for, say, anything that touches a financial record or a client communication, that output is immediately subject to rules that have been around for decades.

Speaker 1: 01:01
All the existing stuff, record keeping, supervision, transparency.

Speaker 2: 01:05
All of it. The bedrock of regulation. It all still applies, even if the tech feels brand new. The fact that there isn't some formal AI rule book today is not going to protect you from a failure tomorrow.

Speaker 1: 01:16
I think that stance is so telling. It just reframes the whole conversation. We're not waiting for new laws. We're applying these, I guess, almost ancient principles to technology that feels like it's from the future. Okay, so let's unpack this. Our mission here is to break down the specific risks FINRA is flagging and then look at what's actually required to build AI that regulators can, you know, trust.

Speaker 2: 01:40
And to set the stage, you have to remember the pressure firms are under. The opportunity with Gen AI is just massive. You know, pulling information, summarizing calls, automating workflows. If you hesitate, you risk falling behind. So there's this huge incentive to just rush it out the door.

Speaker 1: 01:54
That speed, that's the thing. It reminds me of when email first took off in the early 2000s. Firms had this super fast communication tool that just blew past their old paper-based supervision. This report feels like history repeating itself, but the risk is exponentially higher.

Speaker 2: 02:09
That's a great analogy.

Speaker 1: 02:10
Because the technology can act on its own. It's not just FAF.

Speaker 2: 02:13
That's exactly. FINRA's big warning is that accountability is not negotiable. And they're already seeing these risks emerge in firms that are sort of treating Gen AI like it's just another IT project.

Speaker 1: 02:26
Instead of a massive governance challenge.

Speaker 2: 02:28
A critical governance challenge. The oversight has to cover everything, not just the final output, but the AI's internal process. If an AI action creates a financial record, that whole process needs its own auditable record.

Speaker 1: 02:42
We should probably pause on that for a second. The gravity of this. This isn't just about getting a fine. It's about a complete breakdown of supervision that could, you know, lead to real investor harm or market issues. Which brings us right to the core of the report. This is where it gets really specific. FINRA lists out seven uh distinct categories of risk for Gen AI agents.

Speaker 2: 03:02
And this list of seven risks, this is the roadmap for any firm's compliance strategy. If you ignore this list, you're basically ignoring what regulators are going to be looking for in their next exam.

Speaker 1: 03:12
Okay, so let's dig in. Let's start with the one that, I mean, it hits the core of supervision itself, autonomy risk.

Speaker 2: 03:18
This is the big one. It's the inherent danger in letting these AI agents, these programs that do things on their own act, without a human in the loop, to validate and approve the action. The risk here isn't just a mistake, it's an action you can't take back.

Speaker 1: 03:34
And we're not talking about a helpful little chat bot.

Speaker 2: 03:37
Not at all. We're talking about an AI agent that might be executing trades or submitting regulatory filings or even making client recommendations without any human sign-off that you can trace. That just fundamentally breaks supervision rules.

Speaker 1: 03:49
And the consequence there would be devastating. If a firm can't prove a human approved it, it's an immediate failure of supervision. Okay, risk number two: scope or authority risk.

Speaker 2: 03:60
This is the straying agent. Yeah. The AI starts doing things beyond what you intended. So maybe you set it up to summarize meeting minutes, but because of some vulnerability or weird chain of commands, it starts pulling proprietary client data from a server it was never ever supposed to touch.

Speaker 1: 04:15
So scope creep that leads to a massive data breach.

Speaker 2: 04:18
A massive data governance failure, exactly.

Speaker 1: 04:20
Okay. Number three, and this has to be the nightmare scenario for any chief compliance officer, auditability risk, the classic black box problem, just amplified.

Speaker 2: 04:30
It is. It's the inability to explain why an AI made a certain decision. As these AI tasks get more and more complex, with multiple steps, tracing the output back to the input can become almost impossible.

Speaker 1: 04:42
So an examiner walks in and asks why a specific client got a certain email.

Speaker 2: 04:47
And if your firm can't show the exact data, the prompt, and all the steps the AI took to create that email, you failed the exam. If you can't trace it, you can't audit it. Period.

Speaker 1: 04:57
That makes perfect sense. Transparency isn't optional. Let's talk about number four, data sensitivity risk.

Speaker 2: 05:03
This one hits close to home because financial firms handle the most sensitive day there is. The risk is that an AI agent working on that data, say, analyzing a client's portfolio, accidentally stores it or discloses it or misuses it. The danger is really acute when firms use those big third-party general models where the terms of service might let them use your data to train their models in the future.

Speaker 1: 05:25
And you've just exposed all your proprietary information.

Speaker 2: 05:28
Potentially, yes.

Speaker 1: 05:29
Okay. Which leads to the intelligence gap number five. Domain knowledge risk. This feels especially important for finance where everything is so specific.

Speaker 2: 05:38
It is. General purpose models, they're trained on the whole internet. They're generalists, they're not specialists. They just don't have the deep, nuanced knowledge to handle really complex industry-specific tasks. Think about tax codes or specific regulatory filings. An LLM might get it right 95% of the time.

Speaker 1: 05:57
But that 5%.

Speaker 2: 05:58
That 5% where it fails because it doesn't get the nuance can lead to a catastrophic compliance error.

Speaker 1: 06:03
Okay, risk number six is where things get really uh ethical and structural. Reward misalignment risk. This sounds subtle, but the impact could be huge.

Speaker 2: 06:12
It is subtle and it's insidious. The problem happens when the reward functions, basically the goals you program the AI to achieve are poorly designed. For example, say you reward an AI only for generating a high volume of marketing leads really fast, but you don't penalize it for compliance breaches in those leads.

Speaker 1: 06:30
Then it's going to optimize for speed and volume and ignore compliance.

Speaker 2: 06:34
It will inevitably create high volume aggressive marketing that's completely non-compliant. The AI did what you told it to do, get leads, but it ended up harming investors or the firm in the process.

Speaker 1: 06:47
That's a perfect illustration of why setting those parameters is a governance job, not just a coding job. You're literally telling the machine what success looks like.

Speaker 2: 06:55
Exactly. And if compliance isn't part of that definition, you're programming for failure.

Speaker 1: 06:60
And finally, number seven, the catch-all. General risks.

Speaker 2: 07:04
Right. This is the bucket for all the known issues we've been talking about for years. Things like bias creeping into the models, hallucinations where the AI just makes stuff up, and basic privacy issues. These aren't new, but Gen AI just puts them on steroids and injects them deep into your workflow.

Speaker 1: 07:19
Wow. That is a very comprehensive list. And it paints a really clear picture. If you deploy this technology without a governance structure, you're just accepting a huge amount of risk. So what does this all mean? We have the seven pitfalls. Now let's connect the docs to what a solution actually looks like. What do firms need to build?

Speaker 2: 07:36
The whole framework has to be built on principles that directly counter each of those risks. You have to embed the compliance controls before the model ever touches the data, not try to bolt them on after the fact.

Speaker 1: 07:47
Okay, so let's start with that big one: autonomy risk. If the AI can't run free, that means you need mandatory human intervention. But doesn't that just defeat the whole purpose? Isn't that just adding back the inefficiency?

Speaker 2: 07:60
That is the critical question. The goal isn't to make the human do all the work again. The goal is to have the human do the approval. AI should be used to speed up the review, to increase the quality, and to reduce risk. And that only works if a human is there for oversight and for the final sign-off on every critical review. The human guides it and the human approves it. It's about accelerating governance, not removing it.

Speaker 1: 08:23
Okay. So what about scope and authority risk, the agent that goes rogue? How do you keep the AI in its cage effectively?

Speaker 2: 08:29
Through very strict confinement, you have to limit the AI agents only to the very specific tasks they're configured for. A compliant solution will only review and return findings based on parameters set by a human administrator.

Speaker 1: 08:42
So if its job is to review marketing, it physically cannot touch trading records.

Speaker 2: 08:47
It cannot. By architectural design, it has to be partitioned off.

Speaker 1: 08:50
Right. Now for auditability risk, explaining the why, this is the cornerstone of any regulatory exam. How do you build in that transparency?

Speaker 2: 08:59
By mandating a visible chain of custody for every decision. Each AI review has to return not just the finding like this violates rule X, but also the specific reasoning and the source in the content that triggered it. And ideally, the system should also suggest how to fix it. That helps the user and it gives an auditor even more clarity on the why.

Speaker 1: 09:19
And this ties right into a critical piece of infrastructure we need to spell out for you, the listener: 17a-4 compliance. For anyone not deep in the weeds of archiving roles, why is this the absolute foundation? What happens if a firm gets this wrong?

Speaker 2: 09:32
Well, the whole structure just collapses. Rule 17a-4 is the SEC and FINRA rule that says firms have to preserve their books and records, which includes electronic communications, in a very specific, tamper-proof, time-stamped format for years.

Speaker 1: 09:45
Usually seven years or more.

Speaker 2: 09:47
Right. So if your AI is part of any communication workflow, the framework must ensure that everything, the data, the prompts, the AI's output, the human's review, is all stored in a 17a-4 compliant data store. If you fail to do that, you can't produce records for a regulator, and that means severe penalties.

Speaker 1: 10:06
So the AI's activity has to be treated with the same weight as an official trade confirmation. Okay, moving to data sensitivity risk. How do firms stop their proprietary data from, you know, training their competitors' models?

Speaker 2: 10:19
This is all about vendor management and security architecture. Firms must use secure, enterprise grade models where the contract absolutely guarantees that your information is never stored by the third party and critically is never used to train their models.

Speaker 1: 10:34
You need ironclad guarantees.

Speaker 2: 10:35
Ironclad. Legal and technical. Your standard generic API just isn't going to work for sensitive financial data.

Speaker 1: 10:41
And what about that domain knowledge gap, especially since the financial rule book is always changing?

Speaker 2: 10:46
The solution is configurability. The AI can't just be a general black box. Firms must be able to customize the prompts and the rules based on the fine-grained details in their own internal rulebooks, their written supervisory procedures or WSPs. Different products, different rules. The AI has to be guided by the firm's specific living WSPs so it acts like a specialist, not a generalist.

Speaker 1: 11:09
And finally, how do you mitigate those general risks like hallucinations and that reward misalignment problem?

Speaker 2: 11:15
You have to treat the AI not as a product you just deploy, but as an ongoing process of quality control. It requires a constant feedback loop, user feedback, prompt refinement, continuous monitoring. That's the only reliable way to improve accuracy and make sure the AI is optimizing for compliance and safety, not just for speed.

Speaker 1: 11:33
So if we tie all of this back to the big picture, what FINRA is saying here, it really all boils down to one concept. AI governance isn't some new magical thing. It's just an extension of the standards firms are already supposed to be upholding.

Speaker 2: 11:45
Exactly. The message is the rule is the rule, no matter how the method changes. The key takeaway for you, the listener, is that you can't look at AI as a shortcut or a way to, you know, cut compliance staff. That whole perspective is just fundamentally flawed.

Speaker 1: 12:00
Instead, it has to be adopted as a supervised, auditable extension of a compliance program that's already strong. It has to live inside a framework that regulators already understand and can easily examine.

Speaker 2: 12:12
Which leaves you with a really important question to consider for your own firm's strategy. Given how fast AI is being adopted and the very real risk of that reward misalignment, how much systemic risk are firms carrying right now by just experimenting with general tools that don't have these guardrails? And with FINRA's guidance being so clear, why is adopting a purpose-built solution, one that's built with regulatory guardrails from day one, why is that shifting from just a competitive edge to an absolute necessity for survival? It really feels like the clock is ticking and accountability will catch up to innovation.

Speaker 1: 12:44
That is essential food for thought. Thank you for joining us on this deep dive. We'll see you next time.

Read the Blog Post

FINRA recently released its 2026 Regulatory Oversight Report, and one theme stood out across the nearly 90 pages of recommended practices: AI is being adopted by firms faster than governance frameworks are being built to support it. 

For many firms, this report is a wake-up call. For Red Oak, it’s validation. 

Red Oak’s platform is rooted in compliance, and we operate under the simple belief: the absence of formal AI regulations today does not exempt firms from the compliance expectations that will unquestionably come in the future. Firms do not get a “free pass” on recordkeeping, transparency, or supervision simply because the technology is new. That’s why we engineered Red Oak’s AI capabilities to meet the same stringent requirements as any financial record.  

The oversight report highlights the opportunities of GenAI and the risks firms must manage to use it responsibly. Below, we break down FINRA’s key findings and share how Red Oak has proactively embedded guardrails directly into our platform, ensuring our clients adopt AI with confidence—not concern. 

Innovation Doesn’t Reduce Accountability 

In its new section on GenAI, FINRA highlights the industry’s rapid adoption of AI for efficiency—particularly for summarization, information extraction, and automation—and warns of risks that could adversely impact investors, firms, or markets. FINRA outlines the risks and challenges as follows: 

  • AI agents acting autonomously without human validation and approval 
  • Agents may act beyond the user’s actual or intended scope and authority 
  • Complicated, multi-step agent reasoning tasks can make outcomes difficult to trace or explain, complicating auditability
  • Agents operating on sensitive data may unintentionally store, explore, disclose, or misuse sensitive or proprietary information 
  • General-purpose AI agents may lack the necessary domain knowledge to effectively and consistently carry out a complex and industry-specific tasks 
  • Misaligned or poorly designed reward functions could result in the agent optimizing decisions that could negatively impact investors, firms, or markets 
  • Bias, hallucinations, privacy, etc., also remain present and applicable for GenAI agents and their outputs

These risks aren’t hypothetical. They’re already emerging in firms experimenting with AI—often without the right oversight structures in place. 

This is exactly the gap Red Oak set out to eliminate. For the last three years, Red Oak has taken careful and deliberate consideration of the impact of GenAI on firm compliance initiatives. We knew that we couldn't simply create AI agents that performed document review, but that we had to define a set of guiding principles so that our products, messaging, terminology, and advice could be informed by those principles. 

The guiding principles Red Oak adopted for the usage of AI in our products address—and mitigate—the concerns outlined in FINRA's report.  

Autonomy: Red Oak does not use AI Agents without human guidance and intervention from both a configuration and review perspective. Our stance is that AI Agents can be used to speed up the review process, increase its quality, and reduce risk—but only if human intervention, oversight, and approval are included in the right place at the right time for every single marketing review performed.   

Scope and Authority: Red Oak’s AI agents are limited to only the specific tasks that they are configured to perform within Red Oak’s compliance platform. It will only review and return findings related to parameters that are configured by human users and administrators. 

Transparency: Every review performed by an AI Review Agent in Red Oak returns findings of potential compliance reviews and also gives the reasoning behind each finding. It goes one step further and provides a suggestion of how a piece of content might be altered to help address that specific finding. In the interest of governance, the underpinnings and results of every single AI review are stored in a 17a-4 compliant data store and preserved as part of the books and records for each firm. 

Data Sensitivity: Red Oak uses only secure, enterprise-grade models with terms of service which guarantee that information on AI reviews or document review is never stored within a third-party organization or used to train models. 

Domain Knowledge Gaps: Red Oak’s AI review solution was designed from the ground up to allow for configurability. Different prompts are needed for different materials and products, which require different types of compliance review. With Red Oak’s AI review solution, firms can customize their prompts according to the fine-grained details contained within their written supervisory procedures (WSPs) for every kind of marketing piece they produce. 

Reward Misalignment and Unique Risks of GenAI: We strongly believe that a continued iterative process of user feedback and subsequent prompt refinement is the best way to reduce hallucinations and improve the quality and accuracy of AI reviews. 

FINRA’s Oversight Themes Reinforce the Importance of AI Governance  

FINRA is making it clear that firms who adopt AI must hold it to the same standards that already govern their communications, supervision, and documentation. And we couldn’t agree more. 

We engineered our AI review capabilities to operate inside the framework regulators expect—even before those expectations were published. 

Because to Red Oak, AI is not a shortcut. It’s a supervised, auditable extension of a compliance program. 

If you’re evaluating AI capabilities for compliance review, now is the time to adopt a solution built with regulatory guardrails from day one. 

Book a demo to see how Red Oak helps firms use AI confidently and compliantly.

Contributor

Rick Grashel is the Chief Technology Officer and Co-Founder of Red Oak. Connect with Rick on LinkedIn.

Related Content