Finastra Establishes AI Security & Governance

Finastra, one of the world's largest financial services technology companies, serves more than 2,000 global customers with a workforce of 10,000 employees. Its platforms power mission-critical financial services across retail banking, transaction banking, lending, and treasury capital markets. Finastra recognized the power of the Databricks AI platform as a foundation for its AI innovation, leveraging its robust, unified data and AI services. In order to accelerate adoption of AI applications and agents, while meeting its responsible AI mandates, Finastra also deployed the PointGuard AI platform to maintain the rigorous security and compliance standards demanded in financial services.

➡️ Download the Case Study

Even with a secure foundation on Databricks—including the Databricks AI Security Framework—the rapid, decentralized growth of AI initiatives introduced new risk and complexity:

• Complex AI environments: Multiple ML platforms, third-party models, SaaS services, and clouds fragmented governance and made consistent enforcement difficult.
• Visibility gaps: Disparate teams launched projects without centralized oversight of applications, agents, data flows, and model endpoints.
• Integrating security into workflows: While Databricks provided a strong foundation, embedding consistent policies across development and deployment was manual, creating friction and inefficiency at scale.
• Evolving AI threats: Defending against risks like prompt injection, data exfiltration, and adversarial attacks required proactive, continuous testing.
• AI supply chain risk: Open-source and third-party models created vulnerabilities and licensing issues that were hard to track without a dedicated solution.
• Compliance with evolving AI regulations. Rapidly changing rules demanded automated governance and audit-ready reporting beyond native platform capabilities.

Finastra partnered with PointGuard AI to address these pain points with a comprehensive, end-to-end AI Trust, Risk and Security Management platform designed to complement the Databricks platform and bolster its AI security and governance.

• Unified platform: PointGuard AI consolidated discovery, risk management, and compliance across the AI supply chain, eliminating multiple tools and manual workarounds.
• Deep Databricks integration: Governance and guardrails were embedded directly into Databricks, aligned with production data and pipelines.
• Centralized discovery: Automatic inventory of services, models, datasets, and MLOps resources created real-time dashboards and auditable histories for enterprise-wide governance.
• Security guardrails: Automated policies enforced consistent security and governance across AI development and deployment.
• Data protection: Sensitive data was safeguarded through enforced access policies and monitoring against misuse or exfiltration.
• Continuous red teaming: Built-in adversarial testing simulated real-world attacks to detect risks like prompt injection, data leakage, and jailbreaks.
• Automated governance: Centralized assessments and exportable audit trails replaced manual approvals, giving legal and compliance teams faster reviews and audit readiness.

With PointGuard AI operationalizing governance on top of Databricks, Finastra accelerated secure AI innovation and achieved five key outcomes:

• Reduced complexity and tool sprawl by centralizing discovery, guardrails, and governance across the AI ecosystem.
• Proactive risk mitigation through continuous adversarial testing and automated controls.
• Streamlined, automated governance with centralized assessments and exportable audit trails.
• Improved security and compliance posture with consistent policy enforcement, data protection, and visibility.
• Faster time-to-value as audit and approval friction decreased and teams focused on high-impact work.

Summary

Finastra already had a strong AI foundation on Databricks. However, as adoption spread rapidly across business units, the organization faced new challenges—tool sprawl, uneven guardrails, adversarial threats, and growing regulatory scrutiny. The speed and breadth of this expansion required more than a secure base platform; it demanded a dedicated layer to unify governance, ensure visibility, and proactively address evolving risks.

PointGuard AI delivered that layer. By automatically discovering and governing AI assets, enforcing guardrails, protecting sensitive data, embedding continuous red teaming, and generating audit-ready evidence, PointGuard AI turned governance from a manual burden into an integrated capability. This gave Finastra confidence that every AI initiative—from pilots to production—operated securely, complied with regulations, and aligned with enterprise standards.

The outcome is faster, safer AI innovation. With PointGuard AI and Databricks together, Finastra now balances agility with accountability—accelerating the benefits of AI while maintaining the trust of regulators, customers, and partners.

➡️ Download the Case Study