Opinion & Analysis

How to Detect Hidden AI Systems Before They Become a Regulatory Finding

Written by: Rehan Kausar | Chief AI Officer, AI Advantages

Updated 8:00 AM EDT, June 19, 2026

AI Advantages Chief AI Officer Rehan Kausar governs model risk across 420+ regulated financial AI systems.

When I walk into a regulated financial institution for the first time, I ask one question before I look at a single policy document or AI governance framework: How many AI systems are currently running in production?

In practice, the answer is almost always materially incomplete, often in ways that create examination exposure that leaders do not discover until a regulator is already in the room.

The question is never whether AI is running outside your governance controls. The question is whether you find it before the examiner does.

The institution that thought it had twelve

The clearest illustration of this problem came from a mid-sized U.S. credit union. Management had done what most institutions do: built a model inventory, established a governance committee, and documented validation processes. By internal measures, they were in reasonable shape.

Their answer was confident: Only twelve AI systems in production.

We found forty-seven!

An institution that believed it had twelve governed systems had thirty-five additional production systems making consequential decisions: credit approvals, fraud flags, customer communications. Some of these systems touched data subject to fair lending requirements, with no validation documentation, no named accountable owner, and no active monitoring.

Where the additional systems came from

Understanding how this happens matters more than the number itself, because the same pattern is emerging across financial institutions.

  1. Vendor-embedded AI: Core banking and fraud platforms include scoring models and decisioning logic as part of standard releases. These capabilities are often activated without explicit governance review. The institution licenses the platform and the AI comes with it, ungoverned.
  2. Business-unit-developed models: Fraud, collections, and credit teams build models to meet immediate needs. When approval cycles lag, those models move to production outside formal validation processes. The models work and go live, but they never go through governance.
  3. Enterprise platform features: Platforms such as Microsoft and Salesforce now include embedded AI capabilities. Many are enabled by default or activated during upgrades. Each one is making decisions. Almost none are on anyone’s model inventory.

None of these entry points reflect negligence. They reflect the pace of AI adoption colliding with governance architectures designed for a slower environment.

This pattern is not unique to one credit union. It is emerging across financial institutions as AI enters production through vendors, business units, and enterprise platforms faster than governance architectures were designed to capture.

We see this consistently across institutions of different sizes and regulatory profiles. Each ungoverned system is also an ungoverned data pipeline: consuming, processing, and acting on data that has not been fully classified, lineage-tracked, or audited.

What regulators do with this gap

The issue is not the number of systems. It is what happens when the gap is discovered.

Regulatory expectations, including Federal Reserve SR 11-7 and OCC model risk guidance, require a complete model inventory, independent validation, and ongoing monitoring. These requirements are not new. The scale of the inventory challenge is.

When an examiner asks to see your model inventory and it is incomplete (when material decisioning systems are absent from the list), that is not classified as a technology gap or a documentation deficiency. It is a governance failure. The finding is structural, the remediation is expensive, and the reputational cost with the regulator outlasts the examination cycle.

In my experience, the most serious findings consistently trace back to four structural breakdowns:

  • An incomplete inventory
  • Unclear single-point accountability
  • Validation that exists on paper but not in practice
  • Monitoring assembled for examinations rather than operating continuously

Governance built to satisfy documentation requirements does not survive examination scrutiny.

What changed and why it worked

At the credit union, the solution was not to write more policy. It was to change the architecture. Governance had to become something the system enforces, not something documentation describes.

We started with three evidence sources many governance programs underuse:

  • The IT asset registry
  • The vendor contract portfolio
  • Business-unit workflow logs

Within thirty days, all forty-seven systems were identified, documented, classified, and made defensible.

Each system was risk-classified based on decision materiality, data sensitivity, and regulatory exposure. A single named accountable owner was assigned to each: an individual, not a function.

The highest-risk systems were prioritized for examination readiness: validation documentation completed, continuous monitoring activated, and evidence generation embedded into operations rather than assembled before each examination.

The institution entered its next examination cycle with a complete, defensible AI inventory. The examiner specifically noted its completeness. That observation, unremarkable to a casual reader of the examination report, represented the difference between a clean examination and a remediation order that would have consumed the next eighteen months of the institution’s governance bandwidth.

The question every CDO should ask

How many AI systems are currently in production in your organization?

Now answer again: including vendor-embedded AI, business-unit-developed models, and AI features activated inside enterprise platforms your institution licenses for other purposes.

If your answer changes, even slightly, that gap has a regulatory cost: not theoretical, but examinable, measurable, and remediable.

The institution in this example did not have a governance problem because it was negligent. It had a governance problem because the way AI enters organizations today has outpaced the architectures designed to contain it. Closing that gap is not a documentation exercise. It is an architectural one.

The only question is whether your institution closes it, or your examiner does!
