As APAC’s financial services sector rapidly adopts AI to automate trading, loan processing, and customer service, organisations are introducing a new, unmanaged identity into their most sensitive systems — the AI agent.
These agents challenge traditional, human-centric security practices built for predictable human behaviour, creating a critical and urgent risk gap for the sector.
The identity crisis of the AI agent
AI agents are no longer experimental tools running in isolation. They are becoming first-class actors in enterprise environments. They initiate workflows, access sensitive data, and act across multiple systems at machine speed. As these agents increasingly connect to applications, enterprise security is no longer defined by any single product or platform. It is defined by how much visibility and control enterprises have over those connections.
Agentic AI systems operate autonomously. Without identity-first security, governance, and compliance embedded from the outset, organisations risk placing decision-making authority into systems that exist outside traditional oversight controls. This shift opens new attack surfaces, creates compliance blind spots, and challenges the very structures that enterprises rely on to maintain operational, regulatory, and reputational integrity.
As adoption of agentic AI accelerates across the region, enterprises face a complex set of security challenges. One of the most immediate is the rapid proliferation of non-human identities, with machine-to-human identity ratios estimated at 92:1.
For every employee you manage, there are dozens of autonomous digital entities acting on your behalf. Unchecked growth in these identities, from software agents to service accounts, creates gaps in visibility and control, making it difficult to track who or what has access to critical systems. At the same time, the use of multiple AI frameworks complicates the enforcement of uniform policies across environments.
Adding to the complexity are AI-specific attack vectors. Threats such as prompt injection, model manipulation, and supply chain compromises are increasingly common, and their technical sophistication often exceeds the protections offered by traditional security controls. These risks occur against a backdrop of growing regulatory complexity.
The compliance and trust risk
In finance’s highly regulated environment, an overprivileged or compromised AI agent is not just a security breach. It’s a direct threat to compliance and the core of customer trust.
Current regulations around the region expect organisations to remain accountable for the actions of their systems. For instance, the Monetary Authority of Singapore’s consultation paper on industry guidelines underlines the importance of board and senior management oversight for AI governance and risk management.
Yet findings from Okta’s “Oktane on the Road AI” security poll show that fewer than 10% of organisations across the Asia Pacific and Japan region believe their identity systems are fully prepared to secure AI agents and other non-human actors. This gap leaves organisations exposed to both operational and regulatory risks as AI adoption accelerates.
AI agents need to be treated as identities in their own right, subject to the same lifecycle management, access controls, and monitoring as human users. This includes enforcing least-privilege access, maintaining full visibility into agent activity, and moving toward continuous authorisation for high-risk actions. Identity and access control are not just technical safeguards but essential mechanisms for tracking agent activity, enforcing accountability, and ensuring alignment with compliance obligations.
Building a secure agentic enterprise
Traditional identity and access management systems used by banks and insurers are not designed to manage autonomous, machine-based identities. Organisations must answer fundamental questions: Where are all my AI agents, what are their decision rights, and how do I audit their actions in real time?
To mitigate risks, financial institutions should consider a “secure agentic enterprise” model. This requires implementing a zero-trust security posture that governs every AI agent with the same rigour as a human employee, or greater. An identity framework that spans both human and machine identities can help sustain digital innovation while maintaining the integrity of the financial system.
Identity plays a central role in controlling agentic AI by supporting visibility, lifecycle management, and accountability for agent activity. Strong identity governance can help build the trust that organisations need to use AI safely and responsibly over time.
To safeguard trust, financial services organisations scaling AI ambitions in APAC need to prioritise identity security, bridge identity gaps, and strengthen the security of critical systems.












