TrendAI: The Hidden Risks of Agentic AI in Finance

Financial services firms are accelerating their adoption of agentic AI.

However, a new challenge comes along in tandem – that governance is struggling to keep pace with innovation. 

TrendAI, a global leader in AI cybersecurity and a business unit of Trend Micro, is positioning itself at the centre of this shift, helping institutions manage the growing risks associated with autonomous systems.

AI adoption accelerates amid pressure

The research from TrendAI highlights a widening disconnect between deployment and control across the financial services sector. 

Based on a global survey of 407 finance, insurance and accounting organisations, the findings suggest that while AI adoption is surging, oversight frameworks remain underdeveloped.

Nearly one in three (31%) financial services firms lack observability or auditability over AI agents – an issue that becomes more acute as these systems move beyond decision support into autonomous action across fraud detection, compliance and risk management.

Adoption is also being driven by competitive pressure.

More than two thirds (68%) of organisations report being pushed to approve AI deployments over the past year despite security concerns, with 15% describing those concerns as “extreme” but overridden.

“Financial services firms are not short of awareness when it comes to AI risk, but awareness alone is not control,” says Bharat Mistry, Field CTO at TrendAI.

“What we are seeing is a widening gap between how quickly AI is being deployed and how well it is being governed. 

“That gap is where risk lives and it’s a problem that’s getting worse in light of increased interest in, and uptake of, agentic AI tools.”

Governance gaps expose new risks

For TrendAI, this signals a broader inflection point. 

Financial institutions are no longer experimenting with AI – they are operationalising it at scale. 

However, the report finds that governance maturity remains low in a sector defined by regulation.

Only 21% of firms have comprehensive AI policies in place, while just 32% report moderate confidence in their understanding of the legal frameworks governing AI.

Meanwhile, 44% cite unclear regulation or compliance standards as a barrier to progress.

At the same time, the risk landscape is evolving. 

Sensitive data exposure is the top concern for 40% of respondents, TrendAI finds, followed by 34% saying an expanded cyber attack surface is a concern. This was followed by the risks tied to autonomous execution and misuse of trusted AI status at 32%.

The report also finds that awareness of emerging threats remains limited. 

Just 30% of organisations recognise prompt injection as a significant risk, despite its growing use in manipulating AI systems.

“Agentic AI changes the equation,” Bharat adds. 

“These systems are not just supporting decisions, they are taking action. 

“Without visibility, auditability and clear control mechanisms, organisations are effectively handing over authority without accountability.”

Securing the AI lifecycle

TrendAI’s strategy centres on delivering unified visibility and control across the AI ecosystem. 

Its TrendAI Vision One platform integrates security across cloud, endpoints, networks and data, enabling organisations to manage cyber risk across the full AI lifecycle – from infrastructure to models to users.

This approach is becoming critical as firms grapple with how to retain control over increasingly autonomous systems. 

While 40% of organisations support the introduction of AI “kill switches” to shut down systems in the event of misuse, 46% remain uncertain, reflecting a lack of consensus on intervention strategies.

“This lack of alignment points to a deeper issue,” Bharat concludes. 

“Organisations are deploying increasingly powerful AI systems without a shared understanding of when, or how, human intervention should take place when it matters most.”