Singapore's MAS Consortium Releases Executive Handbook on AI Risk Management for Financial Institutions

Singapore issues comprehensive AI Risk Management Executive Handbook for financial institutions

16 January 2026 | 3 minute read

The MindForge consortium has released the AI Risk Management: Executive Handbook to help financial institutions scale AI with trust across the enterprise. It's built to work alongside the proposed MAS Guidelines on AI Risk Management and gives leaders a clear path to govern traditional AI, Generative AI, and emerging agentic systems without slowing delivery.

Why this matters for finance leaders

Regulatory expectations on AI are rising. Boards, CEOs, CROs, CIOs, and Heads of Model Risk need a single operating model that aligns policies, risk appetite, third-party controls, and day-to-day decisions. This Handbook turns that into a practical playbook you can implement based on your current maturity.

Background in brief

MAS set the foundation with the 2018 FEAT Principles for responsible AI in financial services. See MAS' FEAT announcement here: FEAT Principles.

MAS and industry then created the Veritas Initiative (2020-2023) to operationalise those principles via a methodology and toolkit. Project MindForge Phase 1 (May 2024) focused on GenAI risks and opportunities for banks. Phase 2 expands to governance for modern AI systems across banks, insurers, and capital markets firms-translating years of collaboration into actionable guidance.

What's inside the Executive Handbook

The Executive Handbook sits within a three-part set:

• Executive Handbook: Governance considerations and implementation practices for senior leaders.
• Operationalisation Handbook (to be released): Detailed how-to on executing the practices, with examples, appendices, and tools.
• Implementation Examples (to be released): Case studies from individual institutions.

The 17 considerations you'll be measured on

• Define responsibilities for AI oversight via a clear governance operating model with Board and senior management accountability.
• Ensure effective AI-related policies, procedures, and standards that define key AI concepts, processes, and responsibilities.
• Integrate AI-specific risks into the enterprise risk framework and risk appetite.
• Strengthen third-party AI risk management through enhanced procurement, vendor assessment, and contracting.
• Manage use case-level risk with materiality assessments, proportionate controls, and pre-/post-deployment reviews.
• Maintain an AI inventory that records core information on all AI use cases.
• Assess use case context and design for alignment with ethical, regulatory, and organisational standards.
• Evaluate whether intended data use is compatible with ethical, regulatory, and organisational standards.
• Adopt data management practices that address risks and limitations when processing data for AI use cases.
• Evaluate incremental AI-specific risks when onboarding third-party AI products and services within a use case.
• Build use cases with appropriate guardrails and metrics for performance and risk management.
• Conduct thorough testing and review before deployment to assess AI-specific risks and confirm guardrails, controls, and governance.
• Set monitoring and contingency plans before deployment, and consider risk-informed deployment options.
• Monitor AI use cases on an ongoing basis to keep them fit for purpose over time.
• Capture changes through effective change management to maintain traceability and ensure proper review.
• Equip employees with AI governance skills, knowledge, and the right culture.
• Support AI deployment to ensure it is fit for purpose.

Proportionality is the rule

Controls should scale with risk. Materiality, business model, AI footprint, and risk appetite drive the level of rigor. No one-size-fits-all-just consistent, risk-based choices that you can evidence.

What to do next

• Run a quick maturity check against the 17 considerations; prioritise high-materiality use cases.
• Stand up your AI governance model: accountable executives, clear forums, and reporting to the Board.
• Embed AI risks into ERM and refresh risk appetite statements with measurable limits and thresholds.
• Update the policy suite: model risk, data, cyber, third-party, and change-plus AI-specific standards.
• Tighten third-party onboarding for AI: due diligence, testing rights, SLAs on model changes, and kill-switch terms.
• Define pre-deployment testing gates and go/no-go criteria; document model cards and decision records.
• Set monitoring telemetry, incident playbooks, rollback plans, and human-in-the-loop triggers.
• Upskill teams across lines of defence. For role-based learning paths, see Courses by job.

Regulatory watch

The Executive Handbook is intended to support implementation of MAS' proposed AI Risk Management Guidelines. Expect supervisors to ask how your governance maps to these practices. Align early, document decisions, and show consistent application across business lines.

For broader MAS AI resources, see: MAS: AI in Finance.

Bottom line

This Handbook gives executives a clear, enterprise-wide way to govern AI without losing speed. Start with inventory and accountability, tie controls to materiality, and make your choices measurable. Do this well and you'll scale AI with confidence-and pass the scrutiny that follows.