Policy for AI in finance
The finance addendum to company AI policy: data classes with teeth, the approved-tool list, configuration change control, and vendor-model management.
If your company has an AI acceptable-use policy (the strategy course's one-pager), finance needs an addendum, not a rival policy — four sections that exist because finance's stakes and rules are stricter than the company baseline:
- Data classes, finance edition. The company policy's classes get finance-specific instances with zero ambiguity: unreleased financial results (material non-public — approved enterprise tools only, need-to-know even there), vendor banking details and payroll data (never in prompts, masked in all lab-style work — a leaked bank-change process is a diversion kit), transaction-level ledger data (approved tools with data-processing agreements), published statements and public rates (open season). The test of a good class list: a tired analyst at month-end can classify any paste in five seconds.
- The approved-tool list, with owners. Which AI tools may touch which class, who approved each pairing, and the review date. New tool requests route through the company intake (if one exists) plus a finance sign-off — because 'the marketing team's approved tool' and 'approved for ledger data' are different claims. Shadow-tool amnesty applies here too: better to know.
- Configuration change control. Prompts, thresholds, matching rules, and detection logic in production finance workflows change via: proposed change + reason → test against the suite → second-person review → dated changelog entry. It's the journal-entry discipline applied to configuration — and it's the section auditors will be most pleasantly surprised to find.
- Vendor & model management. Contracts require notification of material model changes; the team re-runs test suites on notification (and quarterly regardless — silent drift is real); each critical vendor dependency has a documented degradation plan ('if the extraction service dies during close, we key manually per the old SOP, which lives here'). Continuity planning for AI dependencies is ordinary vendor risk management — finance has done it for banks and payroll providers forever; the muscle transfers.
Keeping it alive (the part most policies skip)
The addendum gets a named owner, a semi-annual review date, and — the strategy-course trick — calibration metrics: if exception requests pile up against one rule, the rule is miscalibrated; if the approved-tool list hasn't changed in a year while the team's usage has, the list is fiction. A policy that measures its own fit stays a tool; one that doesn't becomes a document people route around, and routed-around policies are worse than none because they look like coverage. One page of addendum, honestly maintained, beats twelve pages of aspiration.
This lesson is deliberately the floor-level version. The full apparatus — risk taxonomies, control matrices mapped to frameworks, incident runbooks, regulatory horizon-scanning — is the AI Governance, Risk & Compliance course, and if you're the person who ends up owning finance's AI controls, take it next; your Module 5 artifacts here slot directly into its templates. The strategy course's governance charter is the executive wrapper both plug into.