In 2023 the largest banks banned ChatGPT. By 2026 many of the same banks had put AI assistants in the hands of tens of thousands of employees. The industry paid a steep price for the lesson: a ban does not stop AI use – it just moves it underground and without oversight. This is how banks went from blocking to secure enablement.
The last three years of AI in banking are a textbook example of why a blunt block is a bad idea. When ChatGPT took off in early 2023, the biggest banks did what regulated institutions do: they blocked it. JPMorgan, Goldman Sachs, Citigroup, Bank of America, Wells Fargo and Deutsche Bank blocked or banned employees from using it, on the grounds of third-party data-handling and compliance risk. It was the safe-looking move. It was also not enough on its own – because a block closes the front door while every other door stays open.
Fast-forward to 2026, and several of those same institutions run some of the most ambitious internal AI deployments in any industry. Morgan Stanley's OpenAI-powered assistant reached 98% adoption among its financial-advisor teams. JPMorgan launched an internal suite of LLMs to tens of thousands of employees. Goldman Sachs rolled out its GS AI Assistant across the firm. Banks did not give up caution – they swapped the blunt instrument of blocking for a more nuanced approach: secure enablement. This guide is about how that change occurred, why blocking fails, and the practical framework banks use to enable employees to be productive with AI without putting the institution at risk.
The industry went through three phases in about three years. Knowing the curve explains why "just block it" is now the wrong answer – and what took its place.
The uncomfortable truth banks discovered: a ban doesn't eliminate AI use, it eliminates AI visibility. It can keep models off company PCs, but it can't keep them off employees' personal phones – and a motivated employee with a deadline will paste that spreadsheet into ChatGPT on their own device, where the bank has no monitoring, no redaction and no record. Blocking turns a governable risk into an invisible one. The Samsung case made this real: 20 days after approving ChatGPT, engineers leaked confidential source code and meeting notes three times – and that was with approval, in the open, where it could at least be seen.
The banks that get this right all arrive at the same four-part solution. It is not a question of productivity versus security, but of building the framework in which the employee gets the tool and the institution retains control.
Not all employees and not all tasks are equal, and applying one uniform control to all of them is what makes governance feel like friction. Banks that protect productivity use tiered controls – a light touch for low-risk use and tighter control where regulated data is in play.
| Use case | Data involved | Control posture |
|---|---|---|
| Drafting internal memos, brainstorming | No client or regulated data | Light — allow & log |
| Summarizing public market research | Public information only | Light — allow & log |
| Coding assistance | Internal (non-production) code | Medium — inspect for secrets |
| Client-facing analysis, advisory prep | Client PII, account data | Strict — redact/block CHD & PII |
| Anything touching MNPI or deal data | Material non-public information | Strict — block to ungoverned tools |
This is not just sound practice – it is driven by a pile of banking-specific obligations: GLBA and Reg S-P for customer financial data, SR 11-7 model-risk-management expectations, FINRA/SEC supervision and recordkeeping rules, MNPI and information-barrier requirements, and new AI-specific guidance. All of them require you to be able to show you have control over where sensitive data goes. An AI governance program that generates logs and enforces policy is not only safer – it is the answer to the examiner's question.
The pattern is very similar for all the institutions that went from banning to enabling: build or license a safe tool and then govern access to it and around it.
Banks that won did not have to choose between security and productivity – they rejected the idea that it was a
— Polygraf AI, on secure AI enablement in banking
What is the actual risk of how your people are using AI right now? Polygraf's AI Risk Calculator shows you your exposure to breach, regulatory and litigation risk, and which obligations apply, from GLBA to SR 11-7 to state privacy laws, based on your tools, data types and current controls.
If you are moving your institution from blocking (or from an ungoverned free-for-all) to secure enablement, this is the order to follow.
Polygraf AI is the control layer that makes "enable without exposing" a reality. It is where employees interact with any AI tool, whether approved or not, and scrubs every prompt in real time for the data types banks need to protect: customer PII, account and card numbers, MNPI and source code. It strips and blocks that data before it leaves the environment, so employees can continue to be productive on their daily tasks while the specific interactions that would violate GLBA, expose MNPI or leak client data are automatically stopped. And it records every decision, providing the audit trail that examiners and model-risk teams need. Because it is on-premise with zero data egress and sub-100ms latency, it controls AI use without adding a new data-exposure point or slowing down employees. It is how a bank says yes to AI productivity without saying yes to the risk.
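The tiering table above and the control-layer description in the preceding paragraph both come down to the same mechanism: classify what a prompt contains, map that to a posture (light, medium, strict), redact or block accordingly, and write an audit record for every decision. The following is an added example of such a gateway in Python; it is not Polygraf's code and does not describe the product's internals. The detector patterns, the MNPI term list, the governed-tool names (`internal-llm`, `approved-assistant`) and all function names are constructed for illustration, and the detectors are deliberately minimal compared with a real DLP engine.

```python
"""Tiered AI-prompt gateway (added example, not Polygraf AI's code).

Maps the tiering table (light / medium / strict) onto a concrete decision:
allow & log, redact, or block, and records an audit entry per decision.
"""
import hashlib
import re
from dataclasses import dataclass
from datetime import datetime, timezone
from typing import List, Optional

# Hypothetical names of tools the bank governs; anything else is "ungoverned".
GOVERNED_TOOLS = {"internal-llm", "approved-assistant"}

# Constructed detectors. A production engine would use far richer patterns,
# context and validation; these are enough to show the decision flow.
CARD_RE = re.compile(r"\b(?:\d[ -]?){12,18}\d\b")            # 13-19 digit runs
SSN_RE = re.compile(r"\b\d{3}-\d{2}-\d{4}\b")
ACCOUNT_RE = re.compile(
    r"\b(?:acct|account)\s*(?:no\.?|number|#)?\s*:?\s*(\d{8,12})\b", re.I)
SECRET_RE = re.compile(r"(?i)\b(api[_-]?key|secret|password|token)\s*[=:]\s*(\S+)")
MNPI_TERMS = ("mnpi", "material non-public", "deal pipeline",
              "pre-announcement", "unannounced")               # constructed list

AUDIT_LOG: List[dict] = []


def luhn_ok(number: str) -> bool:
    """Luhn checksum: filters out digit runs that are not real card numbers."""
    digits = [int(c) for c in number if c.isdigit()]
    if len(digits) < 13:
        return False
    total = 0
    for i, d in enumerate(reversed(digits)):
        if i % 2 == 1:
            d = d * 2 - 9 if d * 2 > 9 else d * 2
        total += d
    return total % 10 == 0


def classify(prompt: str) -> List[str]:
    """Return the data categories found in a prompt: CHD, PII, SECRET, MNPI."""
    findings = []
    if any(luhn_ok(m.group()) for m in CARD_RE.finditer(prompt)):
        findings.append("CHD")
    if SSN_RE.search(prompt) or ACCOUNT_RE.search(prompt):
        findings.append("PII")
    if SECRET_RE.search(prompt):
        findings.append("SECRET")
    if any(term in prompt.lower() for term in MNPI_TERMS):
        findings.append("MNPI")
    return findings


def redact(prompt: str, findings: List[str]) -> str:
    """Replace the sensitive values found, leaving the rest of the prompt usable."""
    out = prompt
    if "CHD" in findings:
        out = CARD_RE.sub(lambda m: "[CARD_REDACTED]" if luhn_ok(m.group()) else m.group(), out)
    if "PII" in findings:
        out = SSN_RE.sub("[SSN_REDACTED]", out)
        out = ACCOUNT_RE.sub(lambda m: m.group()[: m.start(1) - m.start()] + "[ACCT_REDACTED]", out)
    if "SECRET" in findings:
        out = SECRET_RE.sub(lambda m: m.group(1) + "=[SECRET_REDACTED]", out)
    return out


@dataclass
class Decision:
    action: str              # "allow" | "redact" | "block"
    posture: str             # "light" | "medium" | "strict"
    findings: List[str]
    prompt_out: Optional[str]  # text actually forwarded, None when blocked


def gate(prompt: str, destination: str, user: str) -> Decision:
    """Apply the tiering table to one prompt and log the decision."""
    findings = classify(prompt)
    if "MNPI" in findings or "CHD" in findings or "PII" in findings:
        posture = "strict"
    elif "SECRET" in findings:
        posture = "medium"
    else:
        posture = "light"

    if "MNPI" in findings and destination not in GOVERNED_TOOLS:
        action, out = "block", None            # strict: block to ungoverned tools
    elif posture == "light":
        action, out = "allow", prompt          # light: allow & log
    else:
        out = redact(prompt, findings)         # medium/strict: strip before egress
        action = "redact" if out != prompt else "allow"

    # The audit record keeps a hash, not the prompt, so the log itself does
    # not become a second copy of the regulated data.
    AUDIT_LOG.append({
        "ts": datetime.now(timezone.utc).isoformat(),
        "user": user, "destination": destination, "posture": posture,
        "findings": findings, "action": action,
        "prompt_sha256": hashlib.sha256(prompt.encode()).hexdigest(),
    })
    return Decision(action, posture, findings, out)
```

The audit entry deliberately stores only a SHA-256 of the original prompt: examiners need to see that a decision was made and why, not the client data itself, and a log full of raw prompts would be exactly the kind of data store the gateway exists to prevent.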
Polygraf AI audits every AI prompt for PII, account data, MNPI, and source code – redacting or blocking it before it is sent out, with the audit trail the regulators need. Productivity and control, together. On-premise, sub-100ms, zero data egress.