How Treasury Can Confront the AI Trust Gap

Treasury professionals are wired to focus on risk mitigation and control when approaching new processes and technologies. For people who succeed in managing financial operations, that’s part of their DNA. This naturally creates skepticism toward technologies that seem to work like black boxes—in other words, those that are difficult for laypeople to understand.

Add in the highly sensitive nature of financial data and the strict regulatory environment treasury teams work in, and their skepticism grows much stronger. As governments and industry groups develop new standards for AI governance and usage, treasury leaders have to navigate an increasingly complex compliance environment in order to capture AI’s benefits, adding more friction to decisions around whether to adopt these tools.

But the biggest sticking point may be data quality. Treasury operations depend on accurate, timely financial information. Any process or system that could compromise data integrity is simply unacceptable. Before deploying an AI system, organizations must understand how it handles sensitive financial information, whether it actually maintains data privacy, and how staff members can make sure its AI-generated insights are both accurate and explainable.

Security and Privacy: the Non-Negotiables

Financial data is obviously incredibly sensitive, and the fallout from a cybersecurity breach of a treasury system would be serious. Any treasury AI strategy must be built on a strong, purpose-fit security foundation—and the footings underlying that foundation must include a data-security strategy.

In most companies, the treasury group either co-manages its AI data-security strategy with the organization’s information security team or receives data policies from InfoSec. Either way, the treasury team needs precise policies that spell out what types of data AI applications can use, what measures treasury needs to take to protect that data, and what guardrails the company requires around model training and data sharing. In particular, it’s crucial for treasury to ensure that no one ever uses sensitive corporate financial data to train public AI models or hands off data to third parties without airtight controls.

AI data-security policies must govern several different approaches to incorporating AI into treasury processes. They should address the use of AI models embedded within treasury applications. They must also set forth data-security requirements for AI models that vendors support outside the treasury system, particularly when their controls are not covered within the vendor’s SOC 2 Type II reports. Policies must also cover the transfer of data to and from internally approved and IT-supported AI tools, which may include integration with a data warehouse like Snowflake or an analytics platform like Databricks.

Each of these scenarios necessitates a different level of oversight and control over private treasury data. Either treasury or the information security team, or both, should ask vendors detailed questions about how they embed or integrate AI models into treasury systems. For example, the InfoSec group needs to understand whether a vendor whose treasury system includes AI functionality offers a private large language model (LLM). A private LLM is tailored to one specific company and offers greatly enhanced capabilities to keep that company’s data internal. By contrast, public LLMs, such as those used by the public version of ChatGPT and similar tools, are designed to make information available to the general public for tasks like text summarization and data analysis. It’s also helpful to know whether the solution provides “explainable AI” so that non-experts can comprehend the model’s reasoning and potential biases.

What makes security requirements around AI different for treasury than for other departments is the sensitivity of both the information feeding AI models and the outputs being produced. For this reason, treasury teams can only have AI models that use internal company information. This could be to support cash forecasting, hedging recommendations, or even automating a daily cash positioning process.

Similarly, the AI output must be visible exclusively within the organization—not shared across multiple customers of the AI vendor. Additionally, even when outputs are available only within the organization, it is essential to verify that an AI-based solution offers separation of duties. For instance, the tool should prohibit cash managers from accessing information that they are not explicitly authorized to receive, restricting access by job function as well as geographic responsibility.

Data Quality: Get It Right, or AI Will Get It Wrong

In addition to their AI data-security policies, treasury organizations need to put solid data-governance frameworks in place to ensure the accuracy, completeness, and consistency of data across all systems that will feed information into treasury’s AI-enabled applications. That’s because trustworthy AI starts with trustworthy data. Without high-quality, accurate data, even the most sophisticated AI systems will produce unreliable results that undermine decision-making.

These challenges are on full display in the realm of cash forecasting. For AI to be effective in projecting future cash flows, a company’s AI models must be trained using fully reconciled bank transactions and cash positions—over a long time horizon. Identifying prior forecast patterns and exceptions is where AI can outperform more traditional forecasting methods, so AI solutions require a great deal of data to be able to identify and learn from patterns.

Many forecast models struggled in the years following the pandemic, as payment and receivables data during 2020 skewed the results drawn from this time period. AI, on the other hand, is designed to identify patterns and exceptions, which effectively trains the model to learn “around” the data, enabling it to outperform more rigid linear regression and extrapolation techniques. In the same vein, AI can consume new data inputs and provide accurate forecasts for new business scenarios, such as predicting the impacts of a changing tariff landscape on cash and working capital.

Especially with forecasting, treasury teams can compare and contrast forecast scenarios with and without AI to understand which forecast model was better over a 6- or 13-week period, for example. Such a forecast variance analysis can help shape a treasury team’s decisions on when and where to most effectively use AI for responsibilities such as cash forecasting.

Solidifying the technical details of AI models and implementing an effective data strategy to harness the power of AI for treasury are crucial to AI success, but they are not the end of the project. Once the treasury and InfoSec teams have the technology and safeguards sorted out, they must undertake what might be the largest challenge of all: creating a culture shift so that AI can be effectively integrated into treasury operations.

For details on how to facilitate this shift, see the second article in this series.