Cloudera's Keir Garrett shares insightful information into AI, operational risk and compliance

Cloudera helps financial institutions turn compliance into a strategic function – streamlining operations, boosting agility and using data to drive trust, growth and resilience. 

Keir Garrett (pictured), Regional Vice President at Cloudera ANZ, shares insightful information into Artificial Intelligence (AI), operational risk and compliance. 

With CPS230 taking effect on July 1, many financial institutions would have already laid the groundwork for compliance. How do you see AI continuing to reshape operational risk and compliance strategies beyond the initial deadline?

With CPS230 coming into effect, the focus will shift from just meeting the deadline to getting answers faster – and doing it in a way that lightens the load on IT, risk, and compliance teams. AI helps by predicting issues, pinpointing anomalies, automating reporting, and improving how credit risk is assessed. GenAI takes it further by summarising complex regulations, reviewing legal docs, and helping teams make smarter decisions – all at scale and in real time.

This transformation is also driving a broader rethink of how AI is deployed. Institutions are increasingly prioritising secure, governed environments that ensure transparency, data lineage and regulatory compliance – especially when working with complex, sensitive or unstructured data. The goal is to move fast, stay compliant and scale AI responsibly – not just for CPS230, but for whatever comes next. The future of compliance isn’t just about staying in line – it’s about staying ahead.

Can you walk us through real-world examples where AI models have significantly improved day-to-day operations within the banking and finance sector? 

One of the biggest shifts we’re seeing is that organisations are moving beyond just ticking the compliance box – they’re starting to use AI in much more strategic ways to manage risk and drive real value.

A great example of real-world AI impact is OCBC Bank, one of Southeast Asia’s largest banks. They’re using Cloudera to improve everything from customer engagement to operational efficiency and risk management. Through their mobile app, they deliver over 250 million personalised insights a year, helping customers make smarter financial decisions.

They’ve also built a smart AI engine called “Next Best Conversation” that suggests hyper-personalised offers – and it’s working. Campaign conversion rates have gone up by 1.5 to 2 times. On the operations side, they’ve cut data provisioning times by up to 80%, and now handle 10% of customer website interactions through intelligent chatbots.

When it comes to risk, they’re using machine learning models on Cloudera to predict system failures before they happen, so they can act early and avoid potential regulatory issues.

And importantly, all of this AI runs privately within their own secure environment. That means customer data stays protected and fully governed – no third-party exposure. It’s a great example of how AI, when done right, can help teams move faster, reduce the load on IT and compliance, and make smarter decisions – all while the organisation maintains control.

Traditionally, compliance has been viewed as a necessary and often admin heavy burden. How are banks shifting this mindset and using compliance as a strategic advantage? 

Compliance used to be expensive, restrictive, and often disconnected from the bigger picture. But that mindset is shifting. With the right platform in place, compliance can actually become a competitive edge.

Hybrid cloud is the key to leveraging compliance, as it gives banks the best of both worlds – the control and governance of on-prem, with the flexibility and scale of the cloud. That means they can move faster, adapt to regulatory changes in real time, and still keep everything secure and compliant with existing regulations.

When you bring AI and ML into the mix, especially across hybrid environments, you can start to automate the heavy lifting – monitoring, anomaly detection, audit-ready reporting – all with full transparency. Compliance isn’t just about keeping up any longer. It’s about staying one step ahead of threats.

A great example of this in action is Bank Rakyat Indonesia (BRI) which is using Cloudera to power the bank’s real-time fraud detection system – and the results are impressive. By pulling in data from multiple sources and running machine learning models at scale, they’ve gone from taking weeks to detect fraud to the process being near-instantaneous.

That’s a huge win – not just for compliance, but for customer protection, too. It shows how the right data platform can ensure customer data is handled securely and ethically, while enabling organisations to move faster, stay ahead of threats, and maintain trust through transparency and accountability.

How does Cloudera’s hybrid data platform support financial institutions when integrating compliance into their core operations?

With growing regulatory pressure and increasingly complex data environments, the real opportunity is to make compliance part of how the business runs, rather than an afterthought.

That’s where Cloudera’s hybrid data platform comes in. It gives institutions secure, governed access to data across on-prem, cloud, and hybrid environments – so they can unlock the full value of their data without crossing regulatory lines. It’s not just about storing data safely; it’s about breaking down silos, making sure it’s traceable, transparent, and usable from end to end.

What really sets Cloudera apart is how it brings AI, analytics, and governance together on one platform. That means banks can run machine learning models to monitor risk, flag anomalies, and surface compliance issues in real time – with full audit trails built in.

With tools like AI Inference Service and Agent Studio, teams can work even faster. These tools allow companies to deploy AI agents that actively support key compliance workflows – like KYC, AML, and regulatory reporting. Business users can tweak and adapt these workflows quickly using low-code tools, without waiting on IT.

Most importantly, Cloudera helps democratise data as a strategic asset. By enabling governed self-service access, it empowers every function – from risk and finance to operations and customer service – to make informed compliant decisions. This turns compliance from a constraint into a catalyst for innovation and resilience.

What are the biggest hurdles when rolling out AI in highly regulated environments like banking, and how do we overcome them?

In highly regulated sectors like banking, the biggest blockers to AI adoption aren’t just technical – they’re cultural too.

On the tech side, you’ve got fragmented data systems, latency issues, and the challenge of processing data in real time. That makes it hard for AI to deliver real value. But just as importantly, there’s often resistance to change, concerns about job security, and low AI literacy – all of which can slow things down and erode trust.

Our partnership with AWS helps financial institutions overcome these challenges by modernising data infrastructure without compromising on governance or compliance. By leveraging AWS Graviton processors, Apache Iceberg and Lakehouse Optimiser within Cloudera’s hybrid data platform, banks can process regulatory data more efficiently, reduce energy and storage costs, and scale AI responsibly. The result: faster deployment of AI for fraud detection, predictive compliance and customer insights – backed by full data lineage, auditability and trust.

Banks are also turning to Private AI where all model training and inference happen securely, right where the data lives – inside the organisation’s own infrastructure. It’s another way to keep sensitive data protected and gives stakeholders confidence that AI is being used responsibly.

As compliance standards evolve, how can banks build data infrastructure that’s both resilient and adaptable to future regulatory shifts?  

With frameworks like CPS 230 raising the bar on operational resilience and risk oversight, financial institutions need more than quick fixes. They need data architectures that are resilient by design and adaptable by default.

One approach is the open data lakehouse architecture. By blending the scalability and flexibility of data lakes with the performance and structure of data warehouses, this model supports a more unified, governed and analytics-ready environment. It allows institutions to maintain data integrity and lineage across hybrid environments, enables real-time insights without compromising control and supports cross-functional collaboration while enforcing consistent governance.

Crucially, an open architecture ensures that banks aren’t locked into a single vendor or cloud provider. This openness is key to long-term adaptability because let’s face it – compliance isn’t static. It’s a moving target. And the institutions that design for adaptability now will be the ones best positioned to navigate what’s next – without costly overhauls or disruption down the line.

Cloudera talks about unifying data across cloud and on-premises. Why is this critical for enabling AI-driven risk mitigation in FSIs?

Unifying data across cloud and on-prem environments is absolutely critical if banks want to get serious about AI-driven risk mitigation.

Right now, most banks are dealing with fragmented data – spread across legacy systems, private data centres, and multiple cloud platforms. And when your data is siloed like that, your AI models are flying blind. They can’t access the full picture needed to spot emerging risks, detect fraud, or predict market shifts with any real accuracy.

Cloudera breaks down those silos and creates a seamless data fabric, helping banks bring together real-time and historical data at scale – no matter where it lives. That unified foundation gives AI the fuel it needs to deliver smarter, faster, and more proactive risk insights.

In a high-stakes, heavily regulated industry like banking, this isn’t just a nice-to-have – it’s a strategic must. The ability to harness unified data across environments is what sets resilient, future-ready institutions apart from the rest.

Looking ahead, what do you see as the next frontier in AI for financial services beyond automation and document validation? 

Financial institutions are moving beyond basic automation and looking at how AI can become an active, intelligent partner – not just a tool for efficiency, but as an enabler of strategic business outcomes.

This is where Agentic AI comes in. Rather than simply responding to prompts or automating tasks, Agentic AI systems can reason, plan and act autonomously within defined guardrails. For banks, this opens the door to transformative use cases like real-time fraud interdiction, predictive compliance and hyper-personalised financial advice, tailored to individual customer profiles and delivered at scale.

But the real breakthrough lies in how these agents are deployed. According to Cloudera’s latest survey on Agentic AI, financial institutions are prioritising Agentic AI not just for efficiency, but for resilience and trust. In fact, 59% of surveyed IT leaders in finance plan to use AI agents for risk assessment, while others are deploying them for fraud detection (41%) and portfolio management (41%).

What’s driving this evolution is the convergence of four key capabilities:

1. Model flexibility – Institutions need the freedom to fine-tune and deploy the best open models (like Llama 3 or DeepSeek) without vendor lock-in.
2. Data gravity – AI agents operate where the data resides – on-prem or in the cloud – minimising risk and latency.
3. Infrastructure neutrality – Agents run across hybrid environments with full governance, ensuring compliance and auditability.
4. Ethical AI – In highly regulated sectors like finance, it’s not about what the agent can do, but whether it does it transparently, accountably and with integrity.

Platforms like Cloudera enable Agentic AI capabilities by unifying open models, secure hybrid data access and governed infrastructure – bringing AI compute to where the data lives with full control and flexibility.

In such a heavily regulated industry, how can institutions balance embracing innovation and managing risk when adopting new AI technologies?

Striking the right balance between innovation and risk isn’t easy. That’s why more financial institutions are leaning into the idea of “governed innovation” – pairing cutting-edge tech with the right level of oversight.

What does that look like in practice? It means testing new ideas in sandbox environments, building explainability and audit trails into every model, and making sure compliance teams are involved early, not just at the finish line.

This approach allows banks to move fast, but with guardrails. Features like model monitoring, version control, and rollback mechanisms are becoming essential – not just for managing risk but for building trust across the organisation.

When AI systems are secure, transparent, and adaptable, banks can innovate with confidence – meeting regulatory expectations while still pushing the boundaries of what’s possible.