{"id":41176,"date":"2026-05-18T09:43:11","date_gmt":"2026-05-18T07:43:11","guid":{"rendered":"https:\/\/smartfense.com\/?p=41176"},"modified":"2026-05-18T15:16:05","modified_gmt":"2026-05-18T13:16:05","slug":"ai-financial-sector-human-factor-bafin","status":"publish","type":"post","link":"https:\/\/smartfense.com\/en\/blog\/ai-financial-sector-human-factor-bafin\/","title":{"rendered":"AI risks in the financial sector: why regulation is late to the human side"},"content":{"rendered":"<p>On May 12, 2026, at its annual press conference, <a href=\"https:\/\/www.bafin.de\/SharedDocs\/Veroeffentlichungen\/EN\/Reden\/re_260512_jahrespressekonferenz2026_en.html\">BaFin<\/a> joined the international financial regulators that have begun to formally warn about the risks that advanced artificial intelligence models pose to the financial sector. The line from its president, Mark Branson, says a lot in a few words. \u201cThese new AI models can identify many vulnerabilities in both new and existing IT systems with remarkable speed. They will be able to exploit the vulnerabilities they find ever more rapidly.\u201d<\/p>\n<p>What that paragraph says, soberly, in regulatory language, is that the clock has changed. Where vulnerability response time used to be measured in months, it is now measured in hours. That forces a rethink of where we put our attention when we talk about banking cybersecurity.<\/p>\n<h2>What did Germany say and why does it matter to the rest of Europe?<\/h2>\n<p>The German authority announced two things at once. One was predictable and already known; cyber risks are \u201cgrowing and consistent.\u201d The other is more interesting. It will create a new division dedicated to shorter, more frequent technical inspections on specific financial institutions. It calls them \u201cIT spotlight.\u201d<\/p>\n<p>The reasoning behind it is straightforward. If attackers can find and exploit flaws within hours, annual or quarterly audits arrive late. Branson said it bluntly. \u201cIn the past, patch management cycles could be measured in months. In the future, they will have to be completed within a few days, if not hours.\u201d An inspection that takes six months to close its report no longer inspects the present. It inspects a past that the market has already moved on from.<\/p>\n<p>That same logic is moving across the rest of Europe. The industry expects the UK\u2019s FCA and PRA to publish a coordinated framework on AI-driven cyber risk in finance in the coming months, modeled largely on BaFin. Italy and Spain, already subject to DORA and to the <a href=\"https:\/\/smartfense.com\/blog\/que-es-la-nis2-y-como-smartfense-puede-ayudarte-a-cumplir-con-la-normativa-europea\/\">NIS2 Directive<\/a>, will see similar pressure from Banca d\u2019Italia and Banco de Espa\u00f1a. Latin America, with the BCRA in Argentina and CNBV in Mexico as benchmarks, doesn\u2019t live on another planet. European parent companies and cross-audit processes will push the same requirement.<\/p>\n<h2>What \u201cIT spotlight\u201d inspections solve and what they leave out<\/h2>\n<p>An \u201cIT spotlight\u201d inspection is a technical review narrow in scope, designed to close in weeks rather than months. It does not replace traditional audits; it complements them with a more reactive layer. The idea is to respond better to what is happening right now.<\/p>\n<p>It\u2019s a step in the right direction. It\u2019s also a partial step.<\/p>\n<p>The reach of an inspection stays within what can be measured from outside the user. A technical review checks configurations, patches, network segmentation, identity management, cryptographic controls. It can confirm that the entire technical perimeter is up to date. It cannot confirm that the employee who will receive a phishing email on Tuesday at 11:10 knows how to recognize it, hesitate, report it, not click.<\/p>\n<p>The \u201cspotlight\u201d metaphor is telling without meaning to. The spotlight lights up one part of the stage very brightly. Whatever falls outside the beam stays dark.<\/p>\n<h2>Where regulators look and where attackers strike<\/h2>\n<p>The <a href=\"https:\/\/www.verizon.com\/business\/resources\/reports\/2025-dbir-data-breach-investigations-report.pdf\">Verizon Data Breach Investigations Report 2025<\/a> keeps reporting the same figure, year after year, with minor variations. Around 60% of confirmed breaches involve a human element: error, social engineering, internal misuse. The number doesn\u2019t change much because the vector hasn\u2019t changed. What changes is the sophistication with which each attempt is executed.<\/p>\n<p>That\u2019s what generative AI adds. Until two years ago, a phishing email targeted at a specific employee required research time, careful spelling, and knowledge of the company\u2019s context. Today a language model produces that email in seconds, with the right tone for the industry, the correct title for the recipient, referencing a real meeting visible on LinkedIn, in the exact internal communication format the entity uses.<\/p>\n<p>The employee receives an email that looks like it was written for them. If they have never practiced deciding under pressure in a realistic scenario, the firewalls behind them won\u2019t save them from the click. The door opens from the inside, without anyone needing to break it.<\/p>\n<p>A while ago we wrote on this blog about <a href=\"https:\/\/smartfense.com\/en\/blog\/cybersecurity-awareness-why-ai-cannot-replace-human-guidance\/\">why AI cannot replace human guidance in awareness programs<\/a>, and also about <a href=\"https:\/\/smartfense.com\/en\/blog\/what-your-siem-doesnt-see\/\">how to integrate human behavior into detection strategies<\/a>. What we flagged then accelerates with every new model. SIEMs don\u2019t see what happens in the employee\u2019s head in the seconds before the click.<\/p>\n<p><img decoding=\"async\" alt=\"Wide shot of a corporate office at end of day with darkened monitors in the background and, in a defocused foreground, a mail envelope and cup next to a keyboard on an empty desk\" src=\"https:\/\/smartfense.com\/file\/2026\/05\/apoyo-perimetro-vs-bandeja-1778938290.jpg\" \/><\/p>\n<h2>What can financial institutions in Italy, Spain and Latin America do today?<\/h2>\n<p>The answer is to build a program that trains people with the same frequency and specificity with which attackers target them. Doubling the technical budget is not enough.<\/p>\n<p>For each market\u2019s regulatory reality, practical steps vary. The principle is the same.<\/p>\n<p>In Italy, where Banca d\u2019Italia and IVASS supervise DORA compliance along with European Central Bank guidance on operational risk, the human factor is already named in the regulatory texts. It\u2019s named as one more data point, not as the core. Building a measurable awareness program, segmented by critical roles and connected to the risk management framework, is what closes the loop between audit and actual operations.<\/p>\n<p>In Spain, where Banco de Espa\u00f1a and the CNMV replicate the DORA framework with their own inspections, recurring findings point to three repeated gaps. Internal simulations exist but they are annual, reports exist but stay at aggregate level, and higher-risk segments are identified too late. A realistic simulation layer, distributed across time, translates those findings into metrics a supervisor can actually read.<\/p>\n<p>In Latin America, where the BCRA in Argentina and the CNBV in Mexico maintain specific requirements for financial institutions, the logic is the same with less prior infrastructure. The space to build a modern human-risk defense program from scratch is more open than in Europe.<\/p>\n<p>At SMARTFENSE we support financial institutions across Latin America, Spain and Italy with simulations contextualized by sector, training modules in the local language and reports that connect campaign results to individual risk profiles. <a href=\"https:\/\/smartfense.com\/en\/platform-2\/\">The platform<\/a> was designed so that a security team can keep pace with the cadence that an attentive regulator is starting to require.<\/p>\n<h2>The new rule. Measure human resilience at the speed of AI<\/h2>\n<p>Branson closed with a line that will be quoted often. In the past, patch cycles were measured in months; in the future, in hours. All the media attention goes to the speed of the technical response, and rightly so.<\/p>\n<p>There\u2019s a corollary that gets less airtime. If the patch cycle went from months to hours, the cycle for measuring the human factor has to move in the same direction. An annual phishing simulation works as an isolated event. It arrives late to the very risk it claims to control.<\/p>\n<p>What changes, then, goes beyond what regulators do. It changes the clock against which security teams measure their own people. Regulation is the external signal. The internal question is different. How often can you tell your CEO how much each team\u2019s resilience went up or down against the latest generation of attacks, instead of showing a half-yearly figure?<\/p>\n<p>That question has been around for a while. The difference is that the answer matters more now, and the technology to answer it is available. Active defense against human risk works as a concrete operational surface. It\u2019s where a well-designed program can produce visible improvement between one inspection and the next.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Germany launched IT spotlight inspections over AI risks in the financial sector. Regulation looks at the system. Attackers look at the people.<\/p>\n","protected":false},"author":31,"featured_media":41190,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"footnotes":""},"categories":[3,686],"tags":[2180,1362,456,2011,1216,849,2063,448],"class_list":{"0":"post-41176","1":"post","2":"type-post","3":"status-publish","4":"format-standard","5":"has-post-thumbnail","6":"hentry","7":"category-blog","9":"tag-artificial-intelligence","10":"tag-cumplimiento-normativo-en","11":"tag-cyber-security","12":"tag-dora-en","13":"tag-ingenieria-social-en","14":"tag-phishing-en","15":"tag-riesgo-humano","16":"tag-security-awareness"},"acf":[],"yoast_head":" \n<title>Why AI regulation in finance is late on the human side<\/title>\n<meta name=\"description\" content=\"Germany launched IT spotlight inspections over AI risks in the financial sector. Regulation looks at the system. Attackers look at the people.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/smartfense.com\/en\/blog\/ai-financial-sector-human-factor-bafin\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Why AI regulation in finance is late on the human side\" \/>\n<meta property=\"og:description\" content=\"Germany launched IT spotlight inspections over AI risks in the financial sector. Regulation looks at the system. Attackers look at the people.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/smartfense.com\/en\/blog\/ai-financial-sector-human-factor-bafin\/\" \/>\n<meta property=\"og:site_name\" content=\"SMARTFENSE\" \/>\n<meta property=\"article:published_time\" content=\"2026-05-18T07:43:11+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2026-05-18T13:16:05+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/smartfense.com\/file\/2026\/05\/hero-3.jpg\" \/>\n\t<meta property=\"og:image:width\" content=\"1376\" \/>\n\t<meta property=\"og:image:height\" content=\"768\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/jpeg\" \/>\n<meta name=\"author\" content=\"Andrea Sona\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Andrea Sona\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"6 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\\\/\\\/smartfense.com\\\/en\\\/blog\\\/ai-financial-sector-human-factor-bafin\\\/#article\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/smartfense.com\\\/en\\\/blog\\\/ai-financial-sector-human-factor-bafin\\\/\"},\"author\":{\"name\":\"Andrea Sona\",\"@id\":\"https:\\\/\\\/smartfense.com\\\/en\\\/#\\\/schema\\\/person\\\/3d5d7dc2e569f5c1af2daef92f35de00\"},\"headline\":\"AI risks in the financial sector: why regulation is late to the human side\",\"datePublished\":\"2026-05-18T07:43:11+00:00\",\"dateModified\":\"2026-05-18T13:16:05+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/smartfense.com\\\/en\\\/blog\\\/ai-financial-sector-human-factor-bafin\\\/\"},\"wordCount\":1258,\"commentCount\":0,\"publisher\":{\"@id\":\"https:\\\/\\\/smartfense.com\\\/en\\\/#organization\"},\"image\":{\"@id\":\"https:\\\/\\\/smartfense.com\\\/en\\\/blog\\\/ai-financial-sector-human-factor-bafin\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/smartfense.com\\\/wp-content\\\/uploads\\\/2026\\\/05\\\/hero-3.jpg\",\"keywords\":[\"artificial intelligence\",\"Cumplimiento Normativo\",\"cyber security\",\"Dora\",\"ingenier\u00eda social\",\"phishing\",\"riesgo humano\",\"security awareness\"],\"articleSection\":[\"Blog\",\"Blog\"],\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"CommentAction\",\"name\":\"Comment\",\"target\":[\"https:\\\/\\\/smartfense.com\\\/en\\\/blog\\\/ai-financial-sector-human-factor-bafin\\\/#respond\"]}]},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/smartfense.com\\\/en\\\/blog\\\/ai-financial-sector-human-factor-bafin\\\/\",\"url\":\"https:\\\/\\\/smartfense.com\\\/en\\\/blog\\\/ai-financial-sector-human-factor-bafin\\\/\",\"name\":\"Why AI regulation in finance is late on the human side\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/smartfense.com\\\/en\\\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\\\/\\\/smartfense.com\\\/en\\\/blog\\\/ai-financial-sector-human-factor-bafin\\\/#primaryimage\"},\"image\":{\"@id\":\"https:\\\/\\\/smartfense.com\\\/en\\\/blog\\\/ai-financial-sector-human-factor-bafin\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/smartfense.com\\\/wp-content\\\/uploads\\\/2026\\\/05\\\/hero-3.jpg\",\"datePublished\":\"2026-05-18T07:43:11+00:00\",\"dateModified\":\"2026-05-18T13:16:05+00:00\",\"description\":\"Germany launched IT spotlight inspections over AI risks in the financial sector. Regulation looks at the system. Attackers look at the people.\",\"breadcrumb\":{\"@id\":\"https:\\\/\\\/smartfense.com\\\/en\\\/blog\\\/ai-financial-sector-human-factor-bafin\\\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/smartfense.com\\\/en\\\/blog\\\/ai-financial-sector-human-factor-bafin\\\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/smartfense.com\\\/en\\\/blog\\\/ai-financial-sector-human-factor-bafin\\\/#primaryimage\",\"url\":\"https:\\\/\\\/smartfense.com\\\/wp-content\\\/uploads\\\/2026\\\/05\\\/hero-3.jpg\",\"contentUrl\":\"https:\\\/\\\/smartfense.com\\\/wp-content\\\/uploads\\\/2026\\\/05\\\/hero-3.jpg\",\"width\":1376,\"height\":768,\"caption\":\"Fachada sobria de un edificio bancario corporativo europeo al atardecer, l\u00edneas arquitect\u00f3nicas geom\u00e9tricas y ventanas iluminadas en secuencia r\u00edtmica, sin texto ni figuras humanas identificables\"},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/smartfense.com\\\/en\\\/blog\\\/ai-financial-sector-human-factor-bafin\\\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Portada\",\"item\":\"https:\\\/\\\/smartfense.com\\\/en\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"AI risks in the financial sector: why regulation is late to the human side\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/smartfense.com\\\/en\\\/#website\",\"url\":\"https:\\\/\\\/smartfense.com\\\/en\\\/\",\"name\":\"SMARTFENSE - Concienciaci\u00f3n en Ciberseguridad\",\"description\":\"\",\"publisher\":{\"@id\":\"https:\\\/\\\/smartfense.com\\\/en\\\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/smartfense.com\\\/en\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\\\/\\\/smartfense.com\\\/en\\\/#organization\",\"name\":\"SMARTFENSE\",\"url\":\"https:\\\/\\\/smartfense.com\\\/en\\\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/smartfense.com\\\/en\\\/#\\\/schema\\\/logo\\\/image\\\/\",\"url\":\"https:\\\/\\\/smartfense.com\\\/wp-content\\\/uploads\\\/2023\\\/08\\\/logo-smartfense-240x40-1.png\",\"contentUrl\":\"https:\\\/\\\/smartfense.com\\\/wp-content\\\/uploads\\\/2023\\\/08\\\/logo-smartfense-240x40-1.png\",\"width\":241,\"height\":40,\"caption\":\"SMARTFENSE\"},\"image\":{\"@id\":\"https:\\\/\\\/smartfense.com\\\/en\\\/#\\\/schema\\\/logo\\\/image\\\/\"}},{\"@type\":\"Person\",\"@id\":\"https:\\\/\\\/smartfense.com\\\/en\\\/#\\\/schema\\\/person\\\/3d5d7dc2e569f5c1af2daef92f35de00\",\"name\":\"Andrea Sona\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/smartfense.com\\\/wp-content\\\/uploads\\\/2026\\\/05\\\/andrea-sona-avatar-150x150.png\",\"url\":\"https:\\\/\\\/smartfense.com\\\/wp-content\\\/uploads\\\/2026\\\/05\\\/andrea-sona-avatar-150x150.png\",\"contentUrl\":\"https:\\\/\\\/smartfense.com\\\/wp-content\\\/uploads\\\/2026\\\/05\\\/andrea-sona-avatar-150x150.png\",\"caption\":\"Andrea Sona\"},\"description\":\"Da anni nel settore informatico, Analista Informatica di professione, negli ultimi anni specializzata in cybersecurity awareness e formazione digitale, attualmente collaborando in SMARTFENSE. Con esperienza nel supportare aziende e organizzazioni nella diffusione della cultura della sicurezza informatica. Appassionata di innovazione e comunicazione tecnologica, contribuisce attivamente al dibattito sulla sicurezza digitale attraverso contenuti divulgativi.\",\"sameAs\":[\"https:\\\/\\\/www.linkedin.com\\\/in\\\/andrea-sona-58238b83\\\/\"],\"url\":\"https:\\\/\\\/smartfense.com\\\/en\\\/author\\\/andrea-sona\\\/\"}]}<\/script>\n ","yoast_head_json":{"title":"Why AI regulation in finance is late on the human side","description":"Germany launched IT spotlight inspections over AI risks in the financial sector. Regulation looks at the system. Attackers look at the people.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/smartfense.com\/en\/blog\/ai-financial-sector-human-factor-bafin\/","og_locale":"en_US","og_type":"article","og_title":"Why AI regulation in finance is late on the human side","og_description":"Germany launched IT spotlight inspections over AI risks in the financial sector. Regulation looks at the system. Attackers look at the people.","og_url":"https:\/\/smartfense.com\/en\/blog\/ai-financial-sector-human-factor-bafin\/","og_site_name":"SMARTFENSE","article_published_time":"2026-05-18T07:43:11+00:00","article_modified_time":"2026-05-18T13:16:05+00:00","og_image":[{"width":1376,"height":768,"url":"https:\/\/smartfense.com\/file\/2026\/05\/hero-3.jpg","type":"image\/jpeg"}],"author":"Andrea Sona","twitter_card":"summary_large_image","twitter_misc":{"Written by":"Andrea Sona","Est. reading time":"6 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/smartfense.com\/en\/blog\/ai-financial-sector-human-factor-bafin\/#article","isPartOf":{"@id":"https:\/\/smartfense.com\/en\/blog\/ai-financial-sector-human-factor-bafin\/"},"author":{"name":"Andrea Sona","@id":"https:\/\/smartfense.com\/en\/#\/schema\/person\/3d5d7dc2e569f5c1af2daef92f35de00"},"headline":"AI risks in the financial sector: why regulation is late to the human side","datePublished":"2026-05-18T07:43:11+00:00","dateModified":"2026-05-18T13:16:05+00:00","mainEntityOfPage":{"@id":"https:\/\/smartfense.com\/en\/blog\/ai-financial-sector-human-factor-bafin\/"},"wordCount":1258,"commentCount":0,"publisher":{"@id":"https:\/\/smartfense.com\/en\/#organization"},"image":{"@id":"https:\/\/smartfense.com\/en\/blog\/ai-financial-sector-human-factor-bafin\/#primaryimage"},"thumbnailUrl":"https:\/\/smartfense.com\/file\/2026\/05\/hero-3.jpg","keywords":["artificial intelligence","Cumplimiento Normativo","cyber security","Dora","ingenier\u00eda social","phishing","riesgo humano","security awareness"],"articleSection":["Blog","Blog"],"inLanguage":"en-US","potentialAction":[{"@type":"CommentAction","name":"Comment","target":["https:\/\/smartfense.com\/en\/blog\/ai-financial-sector-human-factor-bafin\/#respond"]}]},{"@type":"WebPage","@id":"https:\/\/smartfense.com\/en\/blog\/ai-financial-sector-human-factor-bafin\/","url":"https:\/\/smartfense.com\/en\/blog\/ai-financial-sector-human-factor-bafin\/","name":"Why AI regulation in finance is late on the human side","isPartOf":{"@id":"https:\/\/smartfense.com\/en\/#website"},"primaryImageOfPage":{"@id":"https:\/\/smartfense.com\/en\/blog\/ai-financial-sector-human-factor-bafin\/#primaryimage"},"image":{"@id":"https:\/\/smartfense.com\/en\/blog\/ai-financial-sector-human-factor-bafin\/#primaryimage"},"thumbnailUrl":"https:\/\/smartfense.com\/file\/2026\/05\/hero-3.jpg","datePublished":"2026-05-18T07:43:11+00:00","dateModified":"2026-05-18T13:16:05+00:00","description":"Germany launched IT spotlight inspections over AI risks in the financial sector. Regulation looks at the system. Attackers look at the people.","breadcrumb":{"@id":"https:\/\/smartfense.com\/en\/blog\/ai-financial-sector-human-factor-bafin\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/smartfense.com\/en\/blog\/ai-financial-sector-human-factor-bafin\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/smartfense.com\/en\/blog\/ai-financial-sector-human-factor-bafin\/#primaryimage","url":"https:\/\/smartfense.com\/file\/2026\/05\/hero-3.jpg","contentUrl":"https:\/\/smartfense.com\/file\/2026\/05\/hero-3.jpg","width":1376,"height":768,"caption":"Fachada sobria de un edificio bancario corporativo europeo al atardecer, l\u00edneas arquitect\u00f3nicas geom\u00e9tricas y ventanas iluminadas en secuencia r\u00edtmica, sin texto ni figuras humanas identificables"},{"@type":"BreadcrumbList","@id":"https:\/\/smartfense.com\/en\/blog\/ai-financial-sector-human-factor-bafin\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Portada","item":"https:\/\/smartfense.com\/en\/"},{"@type":"ListItem","position":2,"name":"AI risks in the financial sector: why regulation is late to the human side"}]},{"@type":"WebSite","@id":"https:\/\/smartfense.com\/en\/#website","url":"https:\/\/smartfense.com\/en\/","name":"SMARTFENSE - Concienciaci\u00f3n en Ciberseguridad","description":"","publisher":{"@id":"https:\/\/smartfense.com\/en\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/smartfense.com\/en\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/smartfense.com\/en\/#organization","name":"SMARTFENSE","url":"https:\/\/smartfense.com\/en\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/smartfense.com\/en\/#\/schema\/logo\/image\/","url":"https:\/\/smartfense.com\/file\/2023\/08\/logo-smartfense-240x40-1.png","contentUrl":"https:\/\/smartfense.com\/file\/2023\/08\/logo-smartfense-240x40-1.png","width":241,"height":40,"caption":"SMARTFENSE"},"image":{"@id":"https:\/\/smartfense.com\/en\/#\/schema\/logo\/image\/"}},{"@type":"Person","@id":"https:\/\/smartfense.com\/en\/#\/schema\/person\/3d5d7dc2e569f5c1af2daef92f35de00","name":"Andrea Sona","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/smartfense.com\/file\/2026\/05\/andrea-sona-avatar-150x150.png","url":"https:\/\/smartfense.com\/file\/2026\/05\/andrea-sona-avatar-150x150.png","contentUrl":"https:\/\/smartfense.com\/file\/2026\/05\/andrea-sona-avatar-150x150.png","caption":"Andrea Sona"},"description":"Da anni nel settore informatico, Analista Informatica di professione, negli ultimi anni specializzata in cybersecurity awareness e formazione digitale, attualmente collaborando in SMARTFENSE. Con esperienza nel supportare aziende e organizzazioni nella diffusione della cultura della sicurezza informatica. Appassionata di innovazione e comunicazione tecnologica, contribuisce attivamente al dibattito sulla sicurezza digitale attraverso contenuti divulgativi.","sameAs":["https:\/\/www.linkedin.com\/in\/andrea-sona-58238b83\/"],"url":"https:\/\/smartfense.com\/en\/author\/andrea-sona\/"}]}},"_links":{"self":[{"href":"https:\/\/smartfense.com\/en\/wp-json\/wp\/v2\/posts\/41176","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/smartfense.com\/en\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/smartfense.com\/en\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/smartfense.com\/en\/wp-json\/wp\/v2\/users\/31"}],"replies":[{"embeddable":true,"href":"https:\/\/smartfense.com\/en\/wp-json\/wp\/v2\/comments?post=41176"}],"version-history":[{"count":3,"href":"https:\/\/smartfense.com\/en\/wp-json\/wp\/v2\/posts\/41176\/revisions"}],"predecessor-version":[{"id":41234,"href":"https:\/\/smartfense.com\/en\/wp-json\/wp\/v2\/posts\/41176\/revisions\/41234"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/smartfense.com\/en\/wp-json\/wp\/v2\/media\/41190"}],"wp:attachment":[{"href":"https:\/\/smartfense.com\/en\/wp-json\/wp\/v2\/media?parent=41176"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/smartfense.com\/en\/wp-json\/wp\/v2\/categories?post=41176"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/smartfense.com\/en\/wp-json\/wp\/v2\/tags?post=41176"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}