How is AI changing South Africa's financial sector?

But along with gains in efficiency has also come a rise in new risks, from deepfake fraud and synthetic identities to increased liability associated with automated decision making.

As adoption accelerates, regulators and industry bodies are moving to establish clear governance frameworks and accountability standards. With insurers moving towards more explicit AI-related cover, businesses must balance innovation with compliance, ensuring they are protected in an increasingly complex and rapidly evolving digital risk landscape.

However, this rapid uptake is already translating into measurable risk.

Legal risk increasing due to AI system

The rapid adoption of AI is leading to a growing list of developments across industries. For example, Stanford University 2025 AI index The report said AI-related “incidents” recorded worldwide in 2024 are expected to increase by 56.4% compared to the previous year.

It is safe to say that any organization using AI faces potential risks. In March 2026, California jury found media platform meta And youtube Liable for $3 million in damage claims related to its algorithm.

We've also seen Tesla held liable for a fatal vehicle accident involving its Autopilot system, and Air Canada forced by a tribunal to honor a waiver accidentally granted by its chatbot. In the United Kingdom, an AI facial-recognition system misidentified a woman as a shoplifter, leading to a baseless search and emotional trauma.

Closer to home, the Financial Sector Conduct Authority (FSCA) has raised concerns about deepfake videos of prominent figures endorsing fraudulent schemes, a trend that has already been linked to the eventual liquidation of at least one financial services provider. Meanwhile, generic AI developers are facing massive intellectual property lawsuits over their training datasets.

Globally, lawmakers are struggling to catch up. The European Union has adopted its own comprehensive AI Act, and Denmark is considering copyright protection for personal likenesses against deepfakes. Here in South Africa, a draft of the National AI Policy Framework was published in 2024 and is expected to be gazetted soon for a formal 60-day public consultation process, but it is expected to be finalized only during the 2026/2027 financial year.

Source:Supplied. Jared Shorkend, associate at Weber Wentzel.

Regulatory changes in financial services

In the absence of clear legislative or policy guidelines, South African regulators and industry bodies are taking steps to set the rules of the game, particularly in the insurance sector. In November 2025, the FSCA and the Prudential Authority (PA) jointly published a landmark, first-of-its-kind report titled Artificial intelligence in the South African financial sector.

This joint report provides a clear picture of where the industry stands: While banks lead the way in AI adoption at 52%, the insurance sector has taken a more cautious approach, adopting AI at only 8%.

However, insurers are planning to significantly expand the use of AI in underwriting and claims management. To manage this effectively, the FSCA and the PA are urging financial institutions to adopt strong governance frameworks, ensure board-level oversight, and implement recognized 'explanatory methods' so that AI-driven decisions are transparent and auditable.

They also mandate that institutions clearly disclose whether AI influences consumer-related decisions, such as credit evaluation or insurance pricing.

Furthermore, AI is fundamentally changing the fraud landscape. Criminals are now using AI to create “artificial identities” – combining stolen real IDs with fake names and AI-generated images to bypass insurers’ onboarding verifications.

From title deeds to kidnapping: The threat of property fraud is on the rise in South Africa

In response to these sophisticated threats, leading industry bodies such as the Association for Savings and Investments South Africa (ASISA) and the South African Insurance Association (SAIA) are taking a collaborative approach. Asisa and Saaya have jointly established a Computer Security Incident Response Team to monitor emerging cyber threats, report on attack patterns and share intelligence across the region.

Outside the direct insurance sector, we are also seeing bodies such as the Independent Regulatory Board for Auditors, the South African Institute of Chartered Accountants and the Association of Arbitrators issuing important guidance on using AI responsibly.

These guidelines will likely inform how courts apply the classic Kruger v Coetzee test for negligence, i.e. asking whether a reasonable professional would have anticipated the loss and taken steps to prevent it.

Ultimately, any data-processing or privacy issues associated with AI systems will also require strict alignment with the information regulator under the Protection of Personal Information Act (POPIA). In this context, the information regulator has raised concerns that the number of data breaches occurring in South Africa has increased dramatically, with the number of security compromise incidents increasing by 40% in 2025 compared to the previous year.

Insurance Feedback: Silent vs Affirmative Cover

In view of these profound changes in the way businesses operate, the risk landscape has fundamentally changed, making adequate insurance coverage essential. Right now, most policies cover AI risks through “silent cover”, meaning that AI is not mentioned explicitly, but the risks are covered under general policy wordings.

In contrast, “positive cover” would explicitly target AI risks. As AI claims inevitably increase and coverage disputes develop, we can expect the insurance industry to move increasingly toward clear, positive AI policies.

For businesses adopting AI, it is important to prioritize comprehensive AI coverage, as well as ensure strong governance frameworks, POPIA compliance and ongoing monitoring of regulatory developments.