Retail banks have large volumes, heavy regulation, and clear AI opportunities. Here’s how to adopt AI within the rules in 2026. (dgm implements osFoundry as an independent partner; regulatory responsibility stays with the bank.)
Where AI helps
- customer service and contact-centre support;
- fraud and AML detection;
- document and application processing;
- complaints handling;
- credit and risk processes (with care and oversight); and
- knowledge retrieval for staff.
AI accelerates these while the bank evidences good outcomes and keeps humans on significant decisions.
The regulation
Dual-regulated by the PRA and FCA. The key frameworks:
- Consumer Duty — the primary lens for customer-facing AI;
- SM&CR — senior-manager accountability; and
- SYSC — governance, outsourcing and operational resilience.
(The FCA applies existing frameworks, not AI-specific rules.)
Consumer Duty and fairness
AI in pricing, lending, complaints or service must not produce unfair or discriminatory outcomes, and the bank must evidence good outcomes — making fairness, explainability and audit central. This is where regulatory risk concentrates for bank AI.
Operational resilience
SYSC operational-resilience and outsourcing rules apply to AI systems and third-party providers. Banks must manage AI within their resilience and outsourcing frameworks — data control, continuity, and provider oversight.
Where osFoundry and dgm fit
dgm builds Consumer-Duty-aware AI on osFoundry: fairness, explainability, audit trails, and human oversight, with data control (self-hosting or an EU region; it publishes US/EU/JP regions, not a UK one) and bring-your-own-key addressing outsourcing/resilience and data concerns.
dgm is an independent integration partner with zero integrations so far — no bank case studies to claim. Regulatory responsibility stays with the bank. To scope a compliant bank AI project, book a consultation with dgm. Not regulatory advice.