Skip to main content

Deconstructing the Cyber Risk Institute Financial Services Artificial Intelligence Risk Management Framework

From KPMG contributors to the Cyber Risk Institute Financial Services Artificial Intelligence Risk Management Framework

Download PDF
Share

The Cyber Risk Institute (CRI) officially published the Financial Services AI Risk Management Framework (FS AI RMF) – a significant milestone in advancing responsible AI across the financial services industry. The U.S. Treasury press release available here: https://home.treasury.gov/news/press-releases/sb0401

About the CRI Financial Services artificial intelligence risk management framework

The CRI FS AI RMF empowers financial organizations of all sizes with a common framework to identify, evaluate, manage, and govern the risks associated with AI. Forged by industry leaders and built upon broad industry consensus, the effort involved a diverse body of more than 100 financial institutions, trade associations, expert advisors, and tool providers. As part of this industry collaboration, KPMG served as a key contributor and author to the development of the FS AI RMF. U.S. and international agencies, most notably the National Institute of Standards and Technology (NIST), also played a pivotal role.

Alignment with existing frameworks, standards, and regulatory guidance

The CRI FS AI RMF is engineered to integrate with and enhance an organization's existing risk management functions, serving as a universal supplement – not a replacement. It is directly aligned with the National Institute of Standards and Technology (NIST) AI Risk Management Framework and other leading global standards, enabling financial institutions of all types and sizes to confidently navigate their AI journey.

Your Journey with the Framework

To gain a deeper understanding, we invite you to dive into our thinking by downloading the full "Deconstructing the Cyber Risk Institute FS AI RMF" publication. This guide details the framework's four key elements:

Component

Description

AI Adoption Stage Questionnaire

A tool to help pinpoint your organization’s current AI adoption stage and customize your approach.

Risk and Control Matrix

A robust matrix with 230 control objectives linked to risk statements and trustworthy AI principles.

Detailed User Guide

Comprehensive background information, glossary, source material, and other informative references.

Control Objective Reference Guide

Illustrative examples of controls and effective evidence to aid implementation of each control objective.

 

You can also explore the FS AI RMF and leverage its resources directly on the CRI website: http://cyberriskinstitute.org/artificial-intelligence-risk-management/

Dive into our thinking:

Deconstructing the Cyber Risk Institute FS AI RMF

Download PDF

Meet our team

As a key contributor, KPMG brings distinct insight into the framework's design and intended application. Contact us to help your organization navigate the adoption and implementation of the FS AI RMF.

Image of Matthew P. Miller
Matthew P. Miller
Principal, Advisory, Cyber Security Services, KPMG US
Read bio
Image of Breah Sandoval
Breah Sandoval
Director, Advisory, Cyber Security Services, KPMG LLP
Read bio
Image of Karolina Oseckyte
Karolina Oseckyte
Director, Cyber Security Services, KPMG US
Read bio
Image of Matthew P. Miller
Matthew P. Miller
Principal, Advisory, Cyber Security Services, KPMG US
Read bio
Image of Breah Sandoval
Breah Sandoval
Director, Advisory, Cyber Security Services, KPMG LLP
Read bio
Image of Karolina Oseckyte
Karolina Oseckyte
Director, Cyber Security Services, KPMG US
Read bio

KPMG. Make the Difference.


Some or all of the services described herein may not be permissible for KPMG audit clients and their affiliates or related entities.

The information contained herein is of a general nature and is not intended to address the circumstances of any particular individual or entity. Although we endeavor to provide accurate and timely information, there can be no guarantee that such information is accurate as of the date it is received or that it will continue to be accurate in the future. No one should act upon such information without appropriate professional advice after a thorough examination of the particular situation. KPMG LLP does not provide legal services.

The information contained herein is not intended to be “written advice concerning one or more Federal tax matters” subject to the requirements of section 10.37(a)(2) of Treasury Department Circular 230.

© 2026 KPMG LLP, a Delaware limited liability partnership, and its subsidiaries are part of the KPMG global organization of independent member firms affiliated with KPMG International Limited, a private English company limited by guarantee. All rights reserved.

For more detail about the structure of the KPMG global organization please visit https://home.kpmg/governance.

Thank you!

Thank you for contacting KPMG. We will respond to you as soon as possible.

Contact KPMG

Use this form to submit general inquiries to KPMG. We will respond to you as soon as possible.
All fields with an asterisk (*) are required.

By submitting, you agree that KPMG LLP may process any personal information you provide pursuant to KPMG LLP's . Privacy Statement

An error occurred.

Job seekers

Visit our careers section or search our jobs database.

Search now!

Submit RFP

Use the RFP submission form to detail the services KPMG can help assist you with.

Submit

Office locations

View locations

International hotline

You can confidentially report concerns to the KPMG International hotline

Learn more

Press contacts

Do you need to speak with our Press Office? Here's how to get in touch.

Contact

Headline