HitLai Institute · Banking Vertical

Run your bank's back office — customer data protected

Your people, your systems, and AI, working as one. Self-hosted inside your network for KYC, AML, and investigation work. Audit trail ready for examiners, your largest commercial customers' vendor risk teams, and your audit committee.

Inside the bank's network. Self-hosted AI so customer data never leaves. Mapped to OCC, FDIC, Fed, SEC, and SOC 2 — and works with your core, your AML stack, and your existing controls.

Banking pilot — summer / fall 2026

The Banking track follows the July 2026 SMB pilot and the Legal workshop. Module B1 ("Governed AI for Banking — From Shadow AI to Auditable AI") opens the program, followed by B2 (KYC, AML, and invoice workflows — 120-min live build) and B3 (AI strategy for banking leadership — 60 min). Limited seats for CROs, CIOs, CCOs, BSA officers, and AI risk owners.

Apply for the banking workshop

Why a banking-specific track

"AI tools, your team, your systems — running together, safely." That's the platform's premise. The banking track is how that premise meets OCC heightened standards, SR 11-7 model risk, FFIEC and FinCEN expectations, GLBA, NYDFS Part 500, and SOC 2 — specifically banking problems with specifically banking answers.

Self-hosted by deployment

Customer NPI, KYC files, AML investigations, and sanctions reviews run on AI infrastructure inside your bank's network. Local AI via Ollama or vLLM, air-gapped if your matter requires. No public AI services on customer data, ever. Your CISO can confirm it. Your primary regulator likes it.

Mapped to the full regulatory stack

Every workflow comes with a documented mapping to OCC, FDIC, Federal Reserve, SEC, FinCEN, GLBA, NYDFS Part 500, and SOC 2. Trust ceilings on KYC dispositioning, AML clearing, SAR decisions, and credit decisions are enforced at the platform level — not by policy hope.

Examiner-ready audit log

Every prompt, output, verification, and approval logged with user attribution. Search across 90 days of activity by matter, user, or workflow in 60 seconds. Walk into your next exam with a documented governance pack — not a remediation timeline.

Taught by the team that builds it

Designed and delivered by the HitLai Institute team — the same team that ships the platform. Curriculum architect Bobby Koritala (ex-CPO Infogix/Precisely — data-integrity products used by most of the country's largest banks, insurers, retailers, and media companies; multiple AI patents) reviews every module and teaches launch workshops alongside the team.

The banking track — three modules

Take B1 alone for governance grounding. B1 + B2 to operationalize. All three for a complete board-ready posture on governed AI orchestration in your bank.

MODULE B1 · 90 MIN
Governed AI for Banking — From Shadow AI to Auditable AI
What every regional and mid-market bank using AI needs to address. Now.

The hook: A junior AML analyst pastes investigation narratives into ChatGPT. The CISO finds out from a DLP alert. Six months of board attention, a third-party legal review, and an unplanned remediation budget. Today: how to make sure that bank isn't yours.

You'll walk out with: the Banking AI Governance Readiness Assessment scored against your bank, the Regulatory Mapping Matrix walked through for one real workflow, and a 90- to 120-day remediation plan to bring to your audit or risk committee.

For: CROs, CIOs, CCOs, BSA officers, heads of internal audit · Leave-behinds: Banking AI Governance Readiness Assessment · Regulatory Mapping Matrix
MODULE B2 · 120 MIN · LIVE BUILD
Banking AI Workflows — KYC, AML, and Beyond
Hands-on: configure 2-3 flows live in your sandbox.

The hook: A KYC analyst at a $6B bank dispositions a corporate refresh package in 12 minutes that used to take 90. Same quality, supervisor signed off, customer data never left the bank's network. Today we set up the same flow in your bank.

You'll walk out with: 2-3 workflows configured (KYC document extraction, vendor invoice processing, plus one of AML alert summarization / customer service drafts / reconciliation triage), a deployment-architecture decision, the documentation pack started, and a 90-day rollout plan.

For: heads of KYC/AML/Sanctions, BSA officers, heads of Operations, IT delegates · Leave-behinds: Banking Workflow Catalog · Banking Workflow Compliance Documentation
MODULE B3 · 60 MIN
AI Strategy for Banking Leadership
How to make the board / risk-committee case and answer the questions that follow.

The hook: Your bank's AI strategy is one of four answers — build, buy, embedded, or do nothing. Today: how to choose, what the math looks like, and how to defend the choice to your board.

You'll walk out with: the three legs of ROI grounded in your bank's footprint, the AI Orchestration Vendor Evaluation Scorecard for your shortlist, the four hardest board questions with defensible answers, and a draft year-1 budget ask.

For: CIOs, CTOs, CROs, CCOs, AI risk owners, tech / risk committee board members · Leave-behinds: Banking AI Business Case Template · AI Orchestration Vendor Evaluation Scorecard

The trust journey — with banking ceilings on high-risk activities

The four trust settings apply to banking work, but with explicit ceilings. There is no scenario where AI dispositions a KYC refresh, clears an AML alert, files a SAR, makes a credit decision, releases a payment, or sends a regulator communication on its own.

AI watches
AI shows insights. Your team does the work. Default for any new tool or new use case.
AI suggests
AI recommends. Default for any operational AI work touching customer, credit, AML, or payments data.
AI acts, you approve
AI executes; team signs off. Administrative work with monetary impact (e.g., invoice intake), low-risk internal routing, low-risk customer messaging.
AI handles routine
AI runs the pattern. Limited to internal information routing, paperwork triage, and similar non-customer-impact tasks.
Ceiling, by design: KYC dispositioning, AML alert clearing, SAR filing decisions, sanctions clearance, credit decisions, payment release, and regulator communications are NEVER on "AI handles routine." Your team's verification step is non-negotiable. The framework is the floor; your supervision protocol is how you stay above it.

Free leave-behinds — banking track

Six worksheets and templates from B1, B2, and B3. Useful for your next audit / risk-committee meeting, examiner pre-meeting, or vendor risk review — even before you attend a session.

Module B1 · PDF
Banking AI Governance Readiness Assessment
14 items every regional and mid-market bank using AI needs to address — mapped to OCC, FDIC, Fed, SEC, FinCEN, GLBA, NYDFS, and SOC 2. Use for audit committee agendas and exam preparation.
Module B1 · PDF
Banking AI Regulatory Mapping Matrix
Every AI use case in your bank mapped to OCC, FDIC, Fed, SEC, FinCEN, GLBA, NYDFS Part 500, SOC 2, and state banking regulators. With three worked sample mappings (KYC, customer service, AML).
Module B2 · PDF
Banking Workflow Catalog — 12 Flows
Ranked by hours-recovered-per-risk: KYC, AML, sanctions, lending, payments, customer service, and back-office paperwork. Each with starting trust setting, supervision protocol, and regulatory considerations.
Module B2 · PDF
Banking Workflow Compliance Documentation
The audit-ready documentation pack every AI workflow needs before it goes live. Twelve sections covering identification, scope, data handling, regulatory mapping, model risk, supervision, audit log, training, vendor, risks, incident response, and approvals.
Module B3 · PDF
Banking AI Business Case Template
The board-ready and risk-committee-ready business case for governed AI orchestration. Executive summary, problem/opportunity, approach, ROI worksheet (three legs), risks, timeline, decision request.
Module B3 · PDF
AI Orchestration Vendor Evaluation Scorecard
Eight categories, fifty-plus criteria, calibrated weights. Bring to vendor demos, third-party-risk reviews, and the build-vs.-buy conversation. Includes the red flags that override the score.

Join the banking workshop

Tell us your role and we'll route the right invitation. The HitLai Institute team will follow up with session dates, deployment-architecture options for your bank's asset size and regulator, and a short pre-work email.

Questions banks ask

What about OCC or Fed examiners?

That's the point. Banks that walk into 2026-2027 exams with a documented AI posture get a different conversation. The track is designed around the SR 11-7 / OCC / FFIEC / FinCEN / GLBA / NYDFS / SOC 2 stack so the documentation pack is examiner-ready by the time you ship the first workflow.

We already have Microsoft Copilot. Isn't that enough?

Copilot is one model, one vendor. Governed AI orchestration sits above any model — Copilot, ChatGPT Enterprise, Claude for Work, self-hosted Llama — and gives the bank one audit log, one set of trust ceilings, and one supervision rhythm across the whole footprint. They're complementary, not competitive.

Can the platform run inside our network?

Yes, including air-gapped for the most sensitive workloads — local AI via Ollama or vLLM running open-weight models inside your data center or private VPC. No outbound dependencies. Customer NPI never leaves the bank's network.

Will AI clear our AML alerts? We're drowning.

No. AI summarizes; your analysts disposition. That ceiling is FinCEN / OCC / Fed expectation and we will not help you cross it. The win is that analysts spend 80% of their time on the harder cases — a 3-4x throughput improvement without crossing a line.

What protocols does the platform speak?

Three public agent protocols natively: Google A2A v0.2.5, MCP (client and server), and OpenClaw Runtime Gateway. Plus native connectors to most major cores, AML platforms, KYC vendors, loan origination, case management, and payment systems. Anything we don't have a connector for, the platform builds automatically — reviewed by your IT before it goes live.

What does year-1 cost look like?

Depends on bank size, deployment choice (self-hosted, private-tenant, hybrid), and number of workflows. For a $3-15B regional bank deploying 3-5 workflows on a hybrid architecture, year-1 TCO is usually a fraction of one avoided MRA remediation event. The B3 module walks the math for your bank specifically.

Where is the track running?

Banking workshops run summer / fall 2026, following the July SMB pilot and the Legal workshop. Initial sessions in Chicago; online live and recorded modules available everywhere. Private bank-specific workshops available for larger banks — contact enterprise@bodaty.com.

What about my third-party risk team?

Send them. The Vendor Evaluation Scorecard (B3-02) was written for third-party risk reviewers. The track produces the documentation pack your TPR team expects: SOC 2 references, no-training clauses, sub-processor lists, incident response SLAs, audit-rights language, and exit assistance.

Note: The HitLai Institute Banking Track is an operational and educational program. The materials and modules are not legal, regulatory, audit, or investment advice. Regulatory mapping and governance frameworks (OCC, FDIC, Federal Reserve, SEC, FinCEN, GLBA, NYDFS Part 500, SOC 2, and state banking regulators) are intended for bank-internal planning under the supervision of the bank's compliance, audit, risk, and legal functions, and in coordination with the bank's primary federal and state regulators. References to specific regulations are illustrative; consult your own counsel and primary regulator for jurisdiction-specific guidance.