Responsible AI is a list of gates, not a brand statement.
Most "responsible AI" pages we have read describe values rather than controls. Values are easy to write down and hard to enforce. We prefer to talk about gates: the checks an AI-touching workflow has to pass before it is allowed near a regulated process.
This post explains the six gates we apply at Veetso, why each exists, and how we keep them cheap enough that engineering teams actually clear them.
The six gates we apply to every AI workflow
Every AI feature inside the bank passes the same six checks before it ships. None is optional, and none is paperwork for its own sake. Each one is documented, has a named owner, and is verifiable from the audit log.
01. Use-case registration
Before a single line of model code runs, the use case is described and registered: what question the model answers, who consumes the answer, what data it sees, and what decision (if any) flows from the answer. The register is the index of every place AI touches the bank.
02. Data classification
Every dataset the model can see is classified by sensitivity, ownership, retention, and AI eligibility. A document that has not been classified cannot be retrieved by the Brain, full stop. This is the input gate.
03. Access scoping
Permissions on the AI surface match the permissions on the underlying systems. If a user cannot read the document directly, the model cannot retrieve it on their behalf. AI does not become a backdoor.
04. Source attribution
Every internal answer carries a citation back to the document, the revision, and the paragraph. External drafting is marked as drafting. Nothing is presented as fact without a chain back to it. See the attribution post for the implementation detail.
05. Human oversight
A named human approves any decision the model contributes to. The reviewer's identity is recorded on every approval, alongside the model's recommendation and the source it cited.
06. Vendor due diligence
Every model provider and infrastructure supplier passes a documented review covering security, residency, retention, incident response, and a no-training contractual basis. Reviews are renewed annually or when the vendor changes their terms.
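As an added illustration (not Veetso's code, and not part of the original post), here is one way gates 02 and 03 can be enforced at retrieval time, with the gate 04 citation carried on every chunk and each decision written to an audit log. The class names, field names, decision strings, and sample documents are all hypothetical.

```python
from dataclasses import dataclass, field

@dataclass(frozen=True)
class Chunk:
    doc_id: str
    revision: str
    paragraph: int
    text: str

    def citation(self):
        # Gate 04: document, revision and paragraph travel with the text.
        return f"{self.doc_id}@{self.revision}#p{self.paragraph}"

@dataclass
class RetrievalGate:
    classifications: dict  # doc_id -> label record; a missing key means unclassified
    source_acl: dict       # doc_id -> users who can read it in the source system
    audit_log: list = field(default_factory=list)

    def decide(self, user, doc_id):
        label = self.classifications.get(doc_id)
        if label is None:                       # gate 02: deny by default
            return "deny:unclassified"
        if not label.get("ai_eligible", False):
            return "deny:not_ai_eligible"
        if user not in self.source_acl.get(doc_id, set()):  # gate 03
            return "deny:no_source_access"
        return "allow"

    def filter(self, user, candidates):
        """Run on search hits before any text is placed in the model prompt."""
        allowed = []
        for c in candidates:
            decision = self.decide(user, c.doc_id)
            self.audit_log.append((user, c.citation(), decision))
            if decision == "allow":
                allowed.append(c)
        return allowed

# Constructed sample data, not taken from any real system.
def sample_gate():
    return RetrievalGate(
        classifications={"policy-7": {"sensitivity": "internal", "ai_eligible": True},
                         "board-3": {"sensitivity": "restricted", "ai_eligible": False},
                         "hr-9": {"sensitivity": "confidential", "ai_eligible": True}},
        source_acl={"policy-7": {"alice", "bob"}, "board-3": {"alice"}, "hr-9": {"bob"}},
    )

HITS = [Chunk("policy-7", "r4", 2, "sample"), Chunk("board-3", "r1", 5, "sample"),
        Chunk("hr-9", "r2", 1, "sample"), Chunk("memo-1", "r1", 1, "sample")]
```

The check is made against the requesting user's own read access, not a service account's, and denials are logged alongside approvals so the audit log shows what the model was kept from seeing.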
Why "values" pages do not work
Most responsible-AI pages we have seen are written for the launch and never consulted again. They describe what the company wants to be true rather than what it actually checks. When a developer sits down to ship a feature, the values page is not in the loop. The result is a system that publishes a polished posture and ships unaudited models behind it.
Our gates work in the opposite direction. The developer cannot ship without clearing them, and the audit log proves that they did. The values page describes the same thing, but if the page disappeared tomorrow, the gates would still be there.
The cost of gates that are too expensive
We learned this the hard way at previous places: every gate has to be cheap enough that engineering teams clear it without resistance. If the path to a small AI feature is three weeks of paperwork, you get a culture of shadow models. People ship AI inside the codebase and pretend it is "a heuristic" or "a lookup table" to dodge the review.
So we tuned our gates to a day each, with templates. The use-case registration is a one-page form. Data classification has defaults the system applies automatically and asks you to confirm. Vendor due diligence is a checklist that gets updated, not rewritten, when something changes.
The result is that we can say yes to far more AI than a typical bank can, because each yes is bounded. That is the deal: tight controls, large surface area.
What we tell engineering teams
Three sentences. Repeated every time we onboard someone new.
Anything that touches money, customer data, or a compliance decision goes through the six gates. The gates are quick if you start with them and slow if you bolt them on at the end. If a gate is in your way for a reason you can articulate, write the reason down and tell the steering committee.
The last sentence is the important one. The gates are a default, not a religion. When a real case argues for change, the change goes through governance like any other proposal. That is how a controls system stays alive instead of turning into a museum.
FAQ
Questions readers ask
What is responsible AI in banking?
Responsible AI in banking is a set of controls, not a values statement, that every AI workflow inside the bank must clear before it touches a regulated process. At Veetso, those controls are six gates: use-case registration, data classification, access scoping, source attribution, human oversight, and vendor due diligence. Each is documented, owned by a named person, and verifiable from the audit log.
Why don't values pages prevent AI risks?
Values pages describe what a company wants to be true, not what it actually checks. They are written for the launch and rarely consulted again when an engineer ships a feature. Controls (gates) work the opposite way: the developer cannot ship without clearing them, and the audit log proves they did.
How long does it take to clear an AI gate?
At Veetso, each of the six gates is tuned to about one day's work. Use-case registration is a one-page form, data classification has defaults the system applies automatically, and vendor due diligence is a maintained checklist. If a gate becomes a multi-week process, engineering teams build shadow models to avoid it, so cheap gates are the whole point.
Who is accountable when an AI-assisted decision goes wrong?
A named human, never the model. The bank's decision authority always sits with a person whose identity is recorded in the customer file and the audit log. AI accelerates the work; it does not absorb the accountability.
Do these gates apply to internal-only AI as well?
Yes. Internal knowledge retrieval through Veetso Brain clears all six gates the same way a customer-facing workflow would. Internal use cases are lower-risk but not zero-risk: leakage, drift, and over-reliance are all things the gates exist to catch.
Further reading
- Part of the Responsible AI in banking series, the full set of essays on the controls system.
- The attribution model in Veetso Brain explains gate 04 in detail.
- Why governance comes before the technology covers why we built these gates before we had a product to apply them to.
- Veetso Brain is the system the gates were built around.