Navigating Treasury’s New AI Governance Framework for Financial Services 

On February 19, 2026, the U.S. Department of the Treasury released two new resources to guide the responsible use of artificial intelligence (AI) in the financial sector: a Shared Artificial Intelligence Lexicon and the Financial Services AI Risk Management Framework (FS AI RMF). For financial institution executives and security leaders, understanding what these resources require and how to put them into practice is an important next step. 

Background 

As organizations across the globe increasingly rely on AI to support decision-making, customer engagement, and operational functions, inconsistent terminology and uneven risk management practices have created challenges for effective governance and oversight. In response, Treasury developed these resources through the Financial and Banking Information Infrastructure Committee and the Financial Services Sector Coordinating Council’s Artificial Intelligence Executive Oversight Group (AIEOG), as part of the Administration’s broader AI Action Plan. 

The FS AI RMF adapts the existing NIST AI Risk Management Framework to the specific operational, regulatory, and consumer protection considerations of financial services. The accompanying AI Lexicon establishes common definitions for key AI concepts, capabilities, and risk categories, enabling clearer communication across regulatory, technical, legal, and business functions. 

What Was Released 

Shared Artificial Intelligence Lexicon 

The AI Lexicon establishes common definitions for key AI concepts, capabilities, and risk categories. It enables clearer communication across regulatory, technical, legal, and business functions and supports more consistent supervision and implementation. 

Even for those beyond the financial services industry, this Lexicon can help create a shared understanding of commonly-used AI-related terms. 

Financial Services AI Risk Management Framework (FS AI RMF) 

The FS AI RMF provides practical tools and reference materials to help financial institutions evaluate AI use cases, manage risks across the AI lifecycle, and embed accountability, transparency, and resilience into AI deployment decisions. The framework is designed to be scalable and flexible, supporting adoption by institutions of varying size and complexity. Treasury noted that clear terminology and pragmatic risk management are essential to accelerating AI adoption, with these resources specifically intended to help institutions move faster by reducing uncertainty and supporting consistent, scalable implementation. 

How Financial Institutions Can Utilize the New FS AI RMF 

The FS AI RMF is designed to be practical and actionable, not just a policy document. Executives can use it as a foundation for building or strengthening their institution’s AI governance program in several key areas. 

Establish a Common Language 

One of the most immediate steps an organization can take is aligning internal terminology with the Treasury AI Lexicon. Inconsistent definitions across engineering, risk, legal, and compliance teams create gaps in oversight. Adopting a shared vocabulary improves internal coordination and positions the institution for more consistent engagement with regulators and supervisory authorities. 

Conduct an AI Use Case Inventory 

Before risk can be managed, it must be identified. Executives should ensure their institution has a clear and current inventory of all AI systems in use across business lines. This includes understanding where AI is supporting decision-making, customer interactions, fraud detection, and operational functions, as each use case carries its own risk profile. 

Embed AI Governance into Existing Risk Frameworks 

The FS AI RMF is not intended to operate in isolation. It is designed to align with existing cybersecurity and operational risk programs. Executives should look to integrate AI governance into established control environments rather than building a separate structure, ensuring AI risk is treated with the same rigor as other enterprise risks. 

Define Accountability and Oversight Structures 

The framework calls for clear ownership of AI systems and defined governance structures. Executives should ensure there are documented responsibilities for AI development and oversight, appropriate approval processes for higher-risk use cases, and visibility at the senior leadership and board level where warranted. 

Manage Risk Across the Full AI Lifecycle 

The FS AI RMF takes a lifecycle-based approach, meaning governance obligations do not end at deployment. Institutions should have processes in place covering the full arc of an AI system, from initial use case evaluation and data preparation through ongoing monitoring, performance review, and eventual decommissioning. 

What’s Next 

The AI Lexicon and FS AI RMF are part of a broader series of AIEOG deliverables addressing priority areas such as identity, fraud, explainability, and data practices. Treasury has indicated it will continue working with federal and state regulators, industry leaders, and other stakeholders to advance the AI Action Plan and reinforce the safety and stability of the U.S. financial system. Executives should monitor further guidance as these efforts develop.