A Global Playbook for AI Risk Management in Financial Services
In January 2026, the MindForge Handbook landed alongside NIST’s AI RMF, the Cyber Risk Institute’s FS-AI RMF, the EU AI Act, ISO 42001 and the BIS/FSB systemic-risk work. Six frameworks, six jurisdictions, one converging direction of travel, and a growing gap between what they require and what most institutions can actually demonstrate.
In this paper, Kishore Ramakrishnan, Partner at Wepoint, distils eight years of global AI governance into a single playbook. Drawing on real deployments at JPMorgan, Goldman, BlackRock, BNY, Citadel and Ardian, he sets out how to govern AI use cases rather than just models, and what every CRO, COO, Chief AI Officer and Board needs to be ready to defend in 2026.
Inside the paper: 16 pages, 10 ideas, one uncomfortable question.
You’ll come away with:
- The convergence map. MindForge, NIST, CRI, EU AI Act, ISO 42001 and BIS/FSB compared on one page, with the UK’s deliberate stance positioned alongside.
- The architecture you can draw on a napkin. Four pillars and a five-stage lifecycle that map cleanly onto Govern, Map, Measure, Manage and the three lines of defence.
- Ten ideas worth taking to every board. From why your definition of AI is itself a control, to why the inventory is the flywheel and not the filing cabinet, to how to govern human oversight when JPM’s COiN runs 12,000 contracts a year.
- The three traps seen repeatedly inside global banks, FMIs and asset managers, and the corrective each one demands.
- Implications by segment. Sell-side CIB, FMI and securities services, and the buy-side, each with the questions that now need an answer.
