Canada's financial regulator wants insurers to keep their controls in step with AI systems that can now reason and act on their own.
The Office of the Superintendent of Financial Institutions released a bulletin in July 2026 on generative and agentic artificial intelligence, setting out sound practices to help federally regulated institutions - insurers among them - manage the technology's effect on their operations. Generative AI creates content, OSFI notes, while agentic AI adds autonomous reasoning and execution. Both can lift productivity, but they also speed up and scale up cyber and operational risks in ways that test existing risk management frameworks.
The bulletin builds on OSFI's earlier work on frontier AI models, and its practices line up with three existing guidelines: B-13 on technology and cyber risk, E-21 on operational risk and resilience, and B-10 on third-party risk.
OSFI's first concern is governance. AI adoption can move faster than the frameworks meant to oversee it, and systems can operate with little human supervision while leaning heavily on third-party models, data, and application programming interfaces. When senior managers do not fully grasp the technology, OSFI warns, they can lean too hard on vendor assessments. The regulator suggests strengthening management literacy, tying AI strategy to risk appetite, folding AI risk into enterprise risk management, and setting clear limits on how much autonomy a system is given.
Accuracy is a second theme. Generative AI can produce hallucinated outputs - inaccurate or misleading results - and agentic AI can act on them, triggering downstream actions and data leakage. OSFI advises treating AI outputs as inputs to a decision rather than the decision itself, and keeping a human accountable for material calls.
The bulletin also turns to software. Generative AI can write code quickly but may reproduce insecure patterns, and an agent can push flawed code into production on its own. OSFI suggests validating AI-generated code before deployment and enforcing approval checkpoints for high-risk actions.
On access, the regulator flags the danger of over-privileged AI agents and shared credentials, pointing to multi-step risks such as data exfiltration through tools or APIs. It recommends unique non-human identities, least-privilege and scoped permissions, and short-lived, just-in-time credentials.
AI cuts both ways in security, OSFI says. It fuels automated phishing and malicious code, but institutions can also use it to detect and contain threats faster. Finally, the bulletin urges insurers to map their AI dependencies, test outage scenarios, keep manual fallbacks, and require third parties to disclose how they use AI - since a failure in one AI service can ripple across institutions.
The full text of the bulletin is available at https://www.osfi-bsif.gc.ca/en/risks/technology-cyber-risk-management/technology-risk-bulletin/generative-agentic-artificial-intelligence-implications-technology-cyber-security-operational.