V3I6P93

Artificial Intelligence in Cyber Risk Management Across United States Banking: A Systematic Review and Case-Based Synthesis of Threat Intelligence, Fraud Detection, Security Operations Automation, and Cyber Resilience

Evidence on the Extent to Which Artificial Intelligence Improves Cyber Risk Detection and Incident Response in United States Financial Institutions

 

Ayomipo Alademehin

Abstract

Artificial intelligence has become central to how United States financial institutions detect cyber threats, prevent fraud, operate security operations centers, and pursue cyber resilience, yet the question of how much it improves cyber risk detection and incident response, as distinct from how much it is marketed as doing so, remains incompletely answered. This paper addresses that question through a systematic review and case-based synthesis of the peer-reviewed literature, the regulatory and supervisory record, the industry and vendor evidence base, and a set of documented institutional case studies, assembled and appraised according to a transparent and replicable protocol. The review is organized around four application domains identified as central to contemporary practice, namely threat intelligence, fraud detection, security operations automation, and cyber resilience, and it evaluates within each domain the evidence for the effect of artificial intelligence on the speed and accuracy of detection and on the speed and effectiveness of response.

The synthesis finds that the evidence for a substantial and favorable effect is strongest and most consistent in fraud detection, where adaptive machine-learning systems have repeatedly outperformed the static rule-based systems that preceded them on the dimensions of detection accuracy, false-positive reduction, and real-time operation, and where large institutions report meaningful and quantified loss avoidance. The evidence is strong but more qualified in security operations automation, where artificial intelligence has materially compressed the time required to detect, triage, and contain incidents and has relieved the alert-overload and skills-shortage pressures that have long degraded security operations, while introducing new dependencies and failure modes that the evidence is only beginning to characterize. The evidence in threat intelligence is favorable but harder to isolate from confounding factors, and the evidence on cyber resilience as a system-level outcome remains the least mature. Across all four domains, the synthesis identifies a consistent and consequential countercurrent, namely that the same technology improving the defense is simultaneously available to the adversary, that artificial-intelligence systems introduce their own attack surface through adversarial manipulation and data poisoning, and that the opacity of the systems complicates the validation, explanation, and governance that the regulated banking context requires. The paper concludes that artificial intelligence improves cyber risk detection and incident response in United States banking to a degree that is real, domain-dependent, and meaningful but neither uniform nor unbounded, that the improvement is conditional on the data, the governance, and the human-machine integration that surround the technology, and that the net effect on cyber resilience depends on an adversarial co-evolution whose trajectory is not yet settled. 
A proposed agenda for the primary empirical research that the field still lacks is set out to guide the work that the systematic synthesis shows to be necessary.

Keywords: Artificial intelligence; machine learning; cyber risk management; threat detection; incident response; fraud detection; threat intelligence; security operations center; cyber resilience; United States banking; financial institutions; adversarial machine learning; systematic review