Plain-language definitions of the terms that come up when you govern AI in financial services.
The processes, policies and controls that ensure AI systems are safe, compliant, fair and accountable across their lifecycle.
An attack that hides malicious instructions in user input or retrieved content to manipulate a model into unintended behavior.
A prompt crafted to bypass a model's safety controls and elicit restricted or harmful output.
A runtime control that inspects prompts and responses and blocks unsafe or non-compliant behavior before it reaches a user.
How often a safety system wrongly flags a legitimate request as an attack. Low FPR is essential for production use.
When a model generates confident but false or fabricated information — a serious risk in regulated advice.
Gradual degradation in a model's performance as real-world data diverges from its training distribution.
Adversarial testing that probes an AI system for vulnerabilities before attackers find them.
Standardized documentation of a model's purpose, data, performance and limitations for transparency and audit.
AI systems that plan and take autonomous, multi-step actions — requiring agent- and network-level oversight.
Retrieval-augmented generation: grounding a model's answers in retrieved documents, which introduces new injection risks.
Techniques that attribute a model's decision to input features so outcomes can be understood and audited.
The EU's risk-based AI regulation. Many BFSI use cases are "high-risk," triggering strict governance obligations.
A voluntary US framework structured around Govern, Map, Measure and Manage functions for AI risk.
The international standard for an AI management system (AIMS) — auditable processes for responsible AI.
India's Digital Personal Data Protection Act, governing consent, data rights and processing of personal data.
Keeping data within a specific jurisdiction or environment to meet legal and regulatory requirements.
Governing AI at the model, agent, application and network layers — not just one point in the stack.
See how Zytra operationalizes governance across every layer.