AI Agents Force Finance to Fix the Sandbox Problem

finance sandbox

The finance team built the model. It ran clean in the pilot. It surfaced patterns the analysts had missed for years. Then the quarter hit, deadlines compressed and the dashboard sat open in a browser tab nobody had time to check.

    Get the Full Story

    Complete the form to unlock this article and enjoy unlimited free access to all PYMNTS content — no additional logins required.

    yesSubscribe to our daily newsletter, PYMNTS Today.

    By completing this form, you agree to receive marketing communications from PYMNTS and to the sharing of your information with our sponsor, if applicable, in accordance with our Privacy Policy and Terms and Conditions.

    That moment, repeated across hundreds of finance functions at banks, insurers, and asset managers, is the actual state of enterprise AI in 2026. Not failure. Not fraud. Just friction. It was the subject of a recent report from PYMNTS Intelligence, and it’s the subject of this issue of The Prompt Economy Weekly.

    Of course when the topic is enterprise AI, the CFO figures prominently. MIT Sloan Management Review found that when CFOs speak candidly, a different story from the public optimism emerges. Proofs of concept that never leave their sandboxes. Models that looked promising in the pilot sitting unused when the pressure of the quarter hits. Dashboards produced and refreshed but rarely shaping the decisions that matter most.

    The researchers spent several years working directly with CFOs and their teams applying AI in practice. Their conclusion was not that the technology failed. It was that finance functions have structured themselves in ways that prevent AI from influencing the work that matters. The problem is not data quality or model trust or vendor overpromise, though all of those factors play a role. The deeper issue is that similar AI technologies introduced under broadly comparable conditions produce very different outcomes in finance than in other corporate functions.

    Finance teams optimized for control and auditability treat AI outputs as inputs to human review rather than inputs to decision-making. That posture is precisely what keeps the model in the sandbox. And the sandbox, as MIT Sloan makes clear, is where most finance AI still lives.

    The Use Cases Are Real. The Risks Are Systemic.

    The sandbox problem is not just organizational. It is also structural. Tao Zhang, BIS Chief Representative for Asia and the Pacific said in remarks delivered at the Asian Financial Forum that financial institutions are already deploying AI across credit underwriting, fraud detection, risk management and back-office automation, with advances in large language models expanding applications further into customer interaction, internal analysis and supervisory processes.

    But the same adoption creating those operational gains is generating new systemic exposures that connect directly to the governance gaps MIT Sloan identified. AI speeds up trading and portfolio adjustments, intensifying short-term price movements under stress. Most institutions now depend on a small number of specialized hardware providers, cloud services and pretrained models, meaning a single operational disruption carries consequences well beyond the firm experiencing it.

    The BIS also flagged the correlated behavior problem. When institutions run similar models trained on similar data, they respond to market shocks in the same way at the same moment. That synchronized response can amplify contagion across markets and jurisdictions faster than any human risk team can intervene. The individual use cases work. The system they are collectively building is one regulators are still learning to read.

    From Human Instructions to Agent Decisions

    The governance gap the BIS flagged becomes structural when agentic AI enters the picture. The IMF noted in its paper on agentic payments that the shift now underway is not incremental. Payments are moving from human-initiated instructions to agent-mediated decisions, with AI systems interpreting objectives, breaking them into tasks and interacting with financial infrastructure with limited human input across authorization, liquidity, settlement and compliance workflows.

    That creates a specific tension the current governance stack was not built for. Payment infrastructure was designed around deterministic logic: a transaction either meets the rule or it does not. Agentic AI is probabilistic. It produces outputs that are directionally correct most of the time. That is a different standard than the one a compliance team, a regulator or a network rule requires.

    The IMF called for regulators to move from Know-Your-Customer frameworks to Know-Your-Agent requirements, with mandated verifiable identities for financial bots linked to legal entities and authentication frameworks that verify both the agent’s identity and the delegated authority behind it.

    For all PYMNTS AI coverage, subscribe to the daily AI Newsletter.