Why American Bankers Want More AI Regulation Than Europeans (And Why That's Backwards)
American financial professionals are asking for something unusual: more government regulation of artificial intelligence. Meanwhile, their European counterparts, who live under the world's most prescriptive AI rulebook, are calling for regulatory restraint. This reversal exposes a fundamental problem with how governments are trying to govern technology that moves faster than legislatures can keep up with.
Why Are U.S. Bankers Suddenly Pro-Regulation?
For decades, American financial regulation has followed a predictable playbook. Regulators write detailed rules, banks follow them, and everyone knows where they stand. In 2011, federal regulators issued SR 11-7, a set of prescriptive guidelines for how banks should govern artificial intelligence models used in fraud detection and compliance. That framework lasted 15 years untouched and became the global gold standard for model risk management.
This regulatory stability created a deeply held conviction in the U.S. financial sector: when the next big technological shift arrives, Washington will figure it out and write the rules. But that assumption is crumbling. When regulators finally revised SR 11-7 in April 2026, they explicitly excluded generative and agentic AI from its scope. There is still no comprehensive federal AI law on the books, and the path to one remains uncertain.
A survey of 600 senior compliance leaders across three regions found that nearly a quarter of North American financial crime professionals want regulation to come first, with innovation developing inside predefined guardrails. That appetite reflects their discomfort with the current vacuum. Without the regulatory certainty they're accustomed to, many U.S. bankers feel adrift.
What Went Wrong With Europe's AI Act?
Europe took the opposite approach. Rather than waiting for technology to mature, the European Union built the world's most comprehensive AI rulebook. The EU AI Act threw out Europe's traditional philosophy of flexible, principles-based regulation and tried to pin down a technology that moves faster than any legislature can keep up with.
The results have been discouraging. The European Commission missed its own deadlines for providing guidance on high-risk AI systems. Standards bodies tasked with developing technical requirements missed theirs too. Enforcement of the high-risk provisions has been pushed back 16 months to December 2027. Executives from major European companies including ASML, Airbus, Ericsson, Nokia, SAP, Siemens, and Mistral AI have publicly warned that the EU is regulating itself out of the global AI race.
Ironically, European compliance leaders are now more likely than their American counterparts to say that innovation should be allowed to lead the way. The continent that produced the EU AI Act is favoring regulatory restraint, while the home of Silicon Valley is showing a measurable appetite for Washington to write the rules first.
What Does a Better Approach Look Like?
The United Kingdom's Financial Conduct Authority (FCA) may be the first major regulator to acknowledge openly that the traditional approach is broken. In December 2025, FCA Chief Executive Nikhil Rathi declined to create new AI-specific rules, calling AI a technology where "the frontier is moving every three to six months." He went further, noting that "there needs to be a different relationship between regulator and regulated".
"There needs to be a different relationship between regulator and regulated," stated Nikhil Rathi, Chief Executive of the Financial Conduct Authority.
Nikhil Rathi, Chief Executive, Financial Conduct Authority
Rathi isn't proposing a refinement of the existing supervisory model. He's saying the model itself doesn't fit the technology. The old cycle of write, comply, update, repeat simply doesn't work at the speed of AI. The real takeaway is that models of regulation, not just regulations themselves, need to change for AI.
How Can Regulators and Banks Build a New Framework?
The answer is neither an innovation-led approach nor a regulation-first model, but a fundamentally different relationship between regulator and regulated. This relationship would be continuous, adaptive, and built for the speed of AI rather than the speed of legislation.
- Continuous Engagement: Rather than waiting for formal rule-making cycles, regulators and banks should engage in ongoing dialogue about emerging risks and opportunities in AI deployment.
- Documented Rationale: Banks should use AI where it makes sense, particularly to augment the process of detecting financial crime and reduce high-volume noise that often obscures meaningful signals during detection.
- Regular Performance Checks: Banks should demonstrate they have the means to regularly check if AI performs as intended, exactly what banks should be doing with any form of control framework.
- Adaptive Standards: Rather than prescriptive rules that become outdated in months, regulators should establish principles and let banks demonstrate compliance through documented processes that evolve with the technology.
No major jurisdiction has fully defined what this looks like yet. The EU's AI Act was Europe's attempt to be a trailblazer, but they ended up needing to backtrack on the scope of the legislation. Rathi has not indicated that the FCA is moving in this direction yet, but industry observers expect to see some consultations in the second half of 2026 that move the industry toward this new model.
The honest reality, as Rathi has noted, is that none of us truly knows how much or how quickly AI is going to develop over the coming years. That's why now is the time to test out hypotheses and engage with regulators. The best way to predict the future is to invent it, not to legislate it.