GBAF Logo
Global Banking & Finance Awards® 2026 Nominations open, free to enter Nominate now →
TMX Group Urges Financial Services Firms to Use Extended AI Act Timeline to Strengthen Compliance Readiness - Technology news and analysis from Global Banking & Finance Review
Technology

TMX Group Urges Financial Services Firms to Use Extended AI Act Timeline to Strengthen Compliance Readiness

Published by Barnali Pal Sinha

Posted on July 16, 2026

4 min read
Add as preferred source on Google

Additional time under the EU AI Act should be used to build robust governance frameworks, as financial and reputational risks continue to grow

MANCHESTER, UK – The TMX Group is encouraging financial services and insurance organisations to make full use of the additional time provided under the European Union’s Artificial Intelligence Act, following the decision to postpone key obligations for certain high-risk AI systems until December 2027.

The extension provides businesses using AI in areas such as credit scoring, underwriting and fraud detection - with an opportunity to strengthen governance frameworks, review existing technologies, and prepare for a regulatory environment that will place increasing emphasis on transparency, accountability, and evidence-based decision-making.

The extension reflects the growing recognition that AI governance has become a strategic priority across financial services. Research from organisations including the World Economic Forum, the Bank for International Settlements (BIS), and McKinsey suggests that as AI adoption accelerates, financial institutions are increasingly investing in governance frameworks that support transparency, operational resilience, and regulatory compliance alongside technological innovation.

“The additional time is welcome,” said Martin Lucas of The TMX Group, a UK technology company that develops deterministic AI systems. "Many organisations have been working towards compliance, while supporting guidance and technical standards have continued to evolve. This extension provides an important opportunity to build the right foundations rather than rushing to implement short-term fixes."

However, the TMX Group believes firms should avoid viewing the revised timeline simply as extra time on the clock.

“The key question is how that time is used,” Lucas said. “Firms need to understand whether the AI systems they are adopting can ultimately support the levels of explainability, reproducibility and auditability that regulators, customers and stakeholders will increasingly expect.”

The EU AI Act introduces new obligations for high-risk systems in areas such as record-keeping, human oversight and the ability to provide meaningful explanations for decisions that affect individuals. In sectors such as banking and insurance, where automated decision-making can influence access to products and services. These requirements will increasingly shape AI governance strategies.

For banks, insurers, and fintech firms, compliance extends beyond meeting regulatory requirements. Governance frameworks increasingly need to demonstrate that AI systems operate transparently, support effective risk management, and can withstand regulatory scrutiny as automated decision-making becomes more deeply embedded in financial services.

"Compliance isn't just about documentation," Lucas added. "It will also mean organisations have to demonstrate how decisions were reached, and provide evidence that appropriate controls are in place."

The TMX Group also cautions that the consequences of failing to comply should not be underestimated. Under the EU AI Act, breaches relating to prohibited AI practices can attract fines of up to €35 million or 7% of total worldwide annual turnover, whichever is higher. Other infringements of the Act, including certain obligations placed on providers and deployers of AI systems, may result in penalties of up to €15 million or 3% of global annual turnover.

For financial services and insurance firms operating across several regions, the potential financial cost is significant, yet Lucas believes the wider implications could prove equally challenging.

"Companies that cannot demonstrate compliance risk face far more than a fine," he said. "They may face restrictions or suspension of non-compliant systems, heightened regulatory scrutiny, and damage to customer and investor trust that is difficult to rebuild.

"In a sector built on confidence - the reputational cost of being unable to explain or justify an automated decision can outweigh the regulatory one. Businesses that delay preparation may find themselves unable to deploy the AI systems they have come to depend on."

The TMX Group believes organisations should use the extended implementation period to evaluate not only their policies and governance processes, but also whether the underlying technologies they deploy are capable of supporting future compliance requirements.

Technologies such as cryptographic verification and immutable audit records are increasingly being adopted to strengthen governance, improve traceability, and support regulatory reviews. These approaches help organisations demonstrate that AI systems operate within defined controls while maintaining reliable evidence for internal and external oversight.

As AI regulation continues to evolve globally, organisations that use the extended implementation period to strengthen governance, improve transparency, and establish robust oversight are likely to be better positioned to support innovation while maintaining regulatory compliance and customer trust.

“The extension changes the timeline, but it doesn’t diminish the importance of preparing effectively,” Lucas said. “The organisations that use this period to build explainable, repeatable, governable, scalable and traceable AI systems will be in the strongest position as regulatory expectations continue to evolve.”

Related Articles

More from Technology

Explore more articles in the Technology category