Issue #23
Weekly Banking Intelligence: July 03 to July 09, 2026
THIS WEEK’S SIGNAL
The “AI experimentation” era in banking is over. Active AI use across financial services more than doubled from 30% in 2024 to 75% in 2026, according to a KPMG report released this week. That is not a gradual trend. That is a step change. At the same time, the Fed, OCC, and FDIC issued revised model risk guidance (SR 26-2) in April, regulators are now explicitly warning that AI could threaten financial system stability, and the explainable AI market in banking is on track to hit $1.61 billion this year. The industry is not debating whether to use AI. It is now being held accountable for how. Why it matters: banks that are still running AI pilots without enterprise governance frameworks, explainability controls, and architecture capable of supporting agentic workloads are not behind on technology; they are behind on risk management, and regulators are beginning to notice.
DEEP DIVE
AI Industrialization, Regulatory Accountability, and the Architecture Gap
Here is what caught my attention this week. Three things happened simultaneously, and most people are treating them as separate stories. They are not.
First, the usage numbers. KPMG’s report puts active AI adoption in financial services at 75% this year, up from 30% two years ago. Camunda’s 2026 State of Agentic Orchestration and Automation Report adds that three quarters of banking and financial services firms are already using AI agents, with 82% planning to increase automation spending over the next two years. These are not aspirational numbers. They representproduction deployments.
Second, the regulatory posture shifted. In April 2026, the Fed, OCC, and FDIC jointly issued SR 26-2, revised supervisory guidance on model risk management that explicitly addresses generative AI. This week, regulators went further, issuing public warnings that AI could threaten financial system stability. The FinCEN alert on deepfake fraud targeting financial institutions is still active. The message from Washington is no longer “proceed thoughtfully.” It is “show us your controls.”
Third, Microsoft and Temenos used the TCF 2026 conference to announce embedded agentic banking operations within the Temenos Transact core platform. Agentic AI, meaning AI systems that can take autonomous action across workflows without human approval at each step, is now being marketed as a core banking feature, not a bolt-on. When the core platform itself is making autonomous decisions, the governance question stops being theoretical.
Why it matters: SR 26-2 requires banks to treat AI models with the same rigor they apply to credit models and market risk models. That means model inventories, validation protocols, ongoing monitoring, and documented explainability. Most banks running AI pilots today do not have those controls in place at scale.
The gap between what banks are deploying and what they can demonstrate to an examiner is widening every quarter. Why it also matters at the architecture level: the explainable AI market in banking is projected to reach $1.61 billion in 2026, growing at a 23.8% compound annual growth rate. That growth is being driven by two things: fraud detection requirements and regulatory pressure for model interpretability. Banks still running product-centric, legacy core architectures face a compounding problem. Their data is siloed by product, which makes it harder to build the unified customer-level views that AI models require, and harder still to explain AI decisions to regulators when the underlying data lineage is fragmented. The PYMNTS piece this week put it plainly: instant payments and digital banking are already exposing the limits of product-centriccores. AI governance is about to expose them further.
The question I would be asking in every board meeting right now is this: if a regulator asked you today to produce a complete inventory of every AI model in production, the data it uses, the decisions it influences, and the controls governing those decisions, how long would that take? If the honest answer is weeks or months, that is not an AI problem. That is an operating model problem, and it needs a different kind of fix.
MARKET MOVES
Grab Completes Stash Acquisition
Grab Holdings, the Southeast Asian super-app operator, completed its 100% acquisition of Stash Financial on July 1, 2026. Stash is a U.S.-based digital financial services company, and Grab paid for an initial 50.1% equity stake at closing with the remainder structured to follow. This is Grab’s most direct move yet into U.S. consumer financial services, pairing its regional payments and lending infrastructure with Stash’s domestic user base and investment product capabilities.
Why it matters: U.S. banks should pay attention to this deal less for what Stash is today and more for what Grab intends to build. Grab has already demonstrated in Southeast Asia that a super-app model can displace traditional banking relationships at scale. Bringing that playbook into the U.S. market with a licensed fintech as the entry point is a different kind of competitive threat than another neobank launch. The institutions most at risk are those competing primarily on convenience rather than relationship depth.
Axos Acquires San Francisco AI Fintech
Axos Financial agreed to acquire a San Francisco-based fintech for its AI technology, the terms of which were not disclosed. This follows Axos’s finalization in May of a $2.3 billion deposit purchase from SMBC MANUBANK’s Jenius Bank division, and a separate agreement to acquire $3.2 billion in individual retirement account deposits from Capital One. Axos is clearly in an aggressive acquisition posture, combining deposit growth with technology capability in the same period.
Why it matters: Axos is not a bank that moves slowly. Pairing a significant deposit acquisition with an AI technology buy in the same quarter signals that the bank is positioning for a specific capability build, not just balance sheet growth. The interesting thing is that most banks approaching AI capability still try to build it internally. Axos is buying it. That is a faster path, but it only works if the acquired technology can actually integrate with the bank’s existing architecture. That integration question is where most of these deals succeed or fail.
VENDOR SIGNALS
Danske Bank Extends AWS Partnership
Danske Bank has extended its agreement with Amazon Web Services (AWS) to accelerate AI implementation, modernize IT systems, and strengthen its cloud and data foundations across the bank. The extension is framed explicitly around faster AI deployment and productivity improvement, not simply infrastructure migration.
Why it matters: The framing matters here. Danske is not describing this as a cloud migration. They are describing it as an AI enablement investment. That is the direction the market is moving: cloud infrastructure is becoming the prerequisite, not the destination. Banks that have not yet established a stable cloud and data foundation are not just behind on infrastructure. They are behind on the preconditions for AI deployment at scale.
Microsoft and Google Cloud: Commercial Banking AI Buildout Continues
Microsoft published a detailed look this week at how its agentic AI capabilities are being applied in corporate and commercial banking, covering decision support, workflow automation, and relationship management functions. Separately, a fintech pulse report flagged continued partnership activity between HSBC and Google Cloud in this same space.
Why it matters: The hyperscalers are not waiting for banks to define the use cases. They are defining them and bringing them to market. For bank technology leaders, the relevant question is not whether to engage with Microsoft or Google Cloud on AI. It is whether your architecture, your data governance, and your vendor contracts are structured to let you move quickly when a use case is ready, and to retain control of the outcomes when something goes wrong.
The GENIUS Act Creates New Infrastructure Requirements
The Guiding and Establishing National Innovation for U.S. Stablecoins (GENIUS) Act is now law, and its implications for bank technology infrastructure are more significant than most institutions appear to have internalized. Banks seeking to issue stablecoins or custody digital assets under the GENIUS Act framework must treat wallet and safekeeping capabilities as regulated infrastructure, subject to supervisory scrutiny and adversarial threat environments, operating on a 24/7 basis.
Why it matters: This is not a crypto story for banks that have already decided to sit out digital assets. It is an infrastructure story for any bank that may want optionality in this space over the next three to five years. Wallet custody and digital asset safekeeping require architectural capabilities that cannot be bolted onto a legacy core after the fact. Banks that want to compete in this space will need to have made the foundational architecture decisions before the regulatory window opens fully.
REGULATORY PULSE
Thought Machine Crosses $100 Million in Annual Recurring Revenue
Thought Machine, the cloud-native core banking platform provider, announced this week that it has surpassed $100 million in annual recurring revenue, with revenue up 57% in 2025. The company alsosecured $40 million in new funding from a bank investor and has pushed its IPO target to 2028. Thought
Machine’s Vault platform competes directly with Mambu, 10x Banking (founded by former Barclays CEO Antony Jenkins), and Finxact in the cloud-native core segment.
Why it matters: A vendor crossing $100 million in recurring revenue with 57% year-over-year growth is no longer a startup. It is a credible enterprise platform with the financial stability to support long-term bank partnerships. The IPO delay to 2028 is worth watching: it suggests the company is prioritizing revenue scale and margin improvement over a near-term exit, which is generally a positive signal for bank clients who do not want their core vendor distracted by public market pressures. Banks evaluating cloud-native core platforms should treat Thought Machine’s financial profile as a meaningful data point in vendor due diligence.
Intesa Sanpaolo Moves Core IT to Google Cloud
Italy’s Intesa Sanpaolo, one of Europe’s largest banks by assets, announced it is shifting its core IT banking systems to Google Cloud. The deal, reported by Reuters, represents one of the most significant hyperscaler commitments by a major European bank to date.
Why it matters: This is not a workload migration. Moving core IT systems to a hyperscaler is an architectural commitment that affects everything downstream: data residency, vendor dependency, AI infrastructure, and regulatory compliance across multiple jurisdictions. When a bank of Intesa’s scale makes this move, it signals that the risk calculus on hyperscaler dependency has shifted at the board level. U.S. banks watching from the sidelines should be asking whether their own cloud strategy is a real strategy or just a series of opportunistic workload lifts.
Bank of Sydney Goes Live on Infosys Finacle on AWS
Bank of Sydney completed its go-live on the Infosys Finacle Digital Banking Suite, running on Amazon Web Services. Infosys Finacle is a core banking platform used by financial institutions across more than 100 countries.
Why it matters: The Finacle-on-AWS combination is becoming a repeatable pattern for mid-size banks outside the U.S. seeking to modernize without building bespoke infrastructure. Each live reference client strengthens the vendor’s ability to win the next deal. Banks currently evaluating core modernization options in the Asia-Pacific region should note that this is a production deployment, not a pilot.
GFT Positions AI-Powered Migration Tooling
GFT, a global technology services firm specializing in financial services, is actively marketing AI-powered core banking modernization capabilities, positioning its tooling as a real-time migration engine capable of stabilizing transaction flows during a live core cutover.
Why it matters: Migration risk is the single biggest reason banks delay core modernization. If AI-assisted migration tooling can genuinely reduce cutover risk, that changes the risk-reward calculation for banks that have been sitting on the sideline. The question worth asking any vendor making this claim is: show me a production reference where AI tooling managed a live transaction cutover on a core with more than $5 billion in assets. The marketing is ahead of the evidence, but the direction is right.
BanBif Selects Finastra
BanBif, a Peruvian bank, selected Finastra for its core banking platform. Finastra is one of the largest financial technology vendors globally, serving institutions across retail, corporate, and trade finance.
Why it matters: Finastra continues to win in markets where large, proven platforms carry more weight than cloud-native agility. The selection reinforces that the core banking market is not converging on a singlearchitecture model. Different institutions at different stages of maturity are making different bets, and the vendor landscape will remain fragmented for the foreseeable future.
Mercury Conditional OCC Approval
Mercury, a fintech banking platform serving startups and small businesses, received conditional OCC approval for its own national bank charter (Mercury Bank, N.A.) in April 2026, with final approval possible in 2027.
Why it matters: A fintech with a national bank charter is no longer a fintech. It is a bank with a technology culture, and that is a different competitive threat than a fintech relying on a bank sponsor. Banks serving the startup and small business segments should be watching Mercury’s charter progression closely.
TALENT SIGNALS
Lloyds Banking Group Creates Chief Data and AI Officer Role
Lloyds Banking Group appointed Sameer Gupta to a newly created Chief Data and AI Officer position, consolidating data strategy and AI leadership under a single executive. This is consistent with a pattern emerging across Tier 1 banks: rather than treating AI as a technology function, they are elevating it to enterprise leadership.
Why it matters: When a bank the size of Lloyds creates a C-suite role that combines data and AI governance, it is not an organizational chart decision. It is a signal about where accountability for AI outcomes is being placed. Banks that have not yet resolved the question of who owns AI risk, not just AI development, are creating a governance gap that SR 26-2 will eventually surface.
BMO Harris Bank Is Hiring AI and Governance Roles
BMO Harris Bank is actively hiring for AI engineering and AI governance roles, consistent with the broader Tier 1 pattern of building internal capability rather than relying entirely on vendor-delivered AI.
Why it matters: The banks building internal AI governance teams now are the ones that will be able to demonstrate model risk controls to examiners without scrambling. The banks that are not will be explaining gaps to regulators in the next examination cycle. AI governance headcount is rising because AI adoption requires it. That is not a coincidence.
United Roosevelt Savings Bank Selects COCC
United Roosevelt Savings Bank (URSB), a community bank based in Carteret, New Jersey, selected COCC as its core banking technology partner. COCC is a cooperative technology provider serving community and mid-size banks primarily in the northeastern United States.
Why it matters: Community banks continue to consolidate around a smaller set of proven technology partners. COCC’s cooperative model gives smaller institutions access to shared infrastructure investment that they could not fund independently. For community banks evaluating core options, the cooperative model deserves a serious look alongside the commercial platform vendors.
CB RADAR UPDATE

Why it matters: This week’s CB Radar entries reflect two distinct dynamics. On the community and mid-market side, banks are still making deliberate, stability-driven core selections, with URSB and COCC being a clean example. On the enterprise and vendor side, the competitive landscape is accelerating: Thought Machine’s revenue milestone, Intesa’s Google Cloud commitment, and the Temenos-Microsoft agentic announcement all signal that the top of the market is moving faster than most community and regional bank executives realize. The gap between what the largest institutions are deploying and what mid-market banks are evaluating is widening. That gap has a shelf life.
RICK’S STRATEGIC TAKE
➜ The regulatory conversation shifted this week from guidance to warning. SR 26-2 is already in effect. Regulators are now publicly stating that AI poses systemic risk. If your bank does not have a model inventory that covers AI systems, a documented explainability framework, and clear ownership of AI risk at the executive level, that is the conversation to have with your leadership team before your next examination, not after.
➜ The Intesa-Google Cloud deal and the Temenos-Microsoft agentic announcement are not vendor news. They are architecture news. The largest banks in the world are making long-term infrastructure commitments to hyperscalers and embedding autonomous AI into their core platforms. Banks that have not resolved their own cloud strategy, their data architecture, and their AI governance model are not just behind on technology. They are behind on the capability to compete for the partnerships, the talent, and the regulatory standing that the next five years will require.
➜ I have seen this pattern before. A major capability shift happens at the top of the market. Mid-market and community banks watch it, debate it, and wait for it to become more proven. By the time it feels safe, the competitive gap has already been established. The banks that are having the hard architecture and governance conversations right now, not the easy pilot conversations, are the ones that will be in a stronger position when the examiners and the competitors both arrive.
For a deeper framework on what AI-ready core architecture actually requires, see CSP’s CB Architecture Series at coresystempartners.com.
Want the Full Picture?
Subscribe to BIS, the Banking Intelligence Service from Core System Partners, for the full breakdown including Rick’s Strategic Take on the governance gap, the CB Radar vendor tracking signals, and the regulatory pulse analysis covering what SR 11-7 does and does not cover for agentic deployments, delivered weekly. Banking Intelligence Service
For CSP’s full analysis of what the Fed and Treasury are actually concerned about—and a framework for what AI-ready architecture requires—visit Core System Partners.
Continue With Core System Partners
- Contact Us: https://coresystempartners.com/#contact
- The Strategic Flywheel (book): https://coresystempartners.com/resources/strategicflywheel/
- Core Insider (weekly newsletter): https://coresystempartners.com/resources/newsletter/

