Your people, your systems, and AI, working as one. Self-hosted inside your network for KYC, AML, and investigation work. Audit trail ready for examiners, your largest commercial customers' vendor risk teams, and your audit committee.
Inside the bank's network. Self-hosted AI so customer data never leaves. Mapped to OCC, FDIC, Fed, SEC, and SOC 2 — and works with your core, your AML stack, and your existing controls.
The Banking track follows the July 2026 SMB pilot and the Legal workshop. Module B1 ("Governed AI for Banking — From Shadow AI to Auditable AI") opens the program, followed by B2 (KYC, AML, and invoice workflows — 120-min live build) and B3 (AI strategy for banking leadership — 60 min). Limited seats for CROs, CIOs, CCOs, BSA officers, and AI risk owners.
Apply for the banking workshop"AI tools, your team, your systems — running together, safely." That's the platform's premise. The banking track is how that premise meets OCC heightened standards, SR 11-7 model risk, FFIEC and FinCEN expectations, GLBA, NYDFS Part 500, and SOC 2 — specifically banking problems with specifically banking answers.
Customer NPI, KYC files, AML investigations, and sanctions reviews run on AI infrastructure inside your bank's network. Local AI via Ollama or vLLM, air-gapped if your matter requires. No public AI services on customer data, ever. Your CISO can confirm it. Your primary regulator likes it.
Every workflow comes with a documented mapping to OCC, FDIC, Federal Reserve, SEC, FinCEN, GLBA, NYDFS Part 500, and SOC 2. Trust ceilings on KYC dispositioning, AML clearing, SAR decisions, and credit decisions are enforced at the platform level — not by policy hope.
Every prompt, output, verification, and approval logged with user attribution. Search across 90 days of activity by matter, user, or workflow in 60 seconds. Walk into your next exam with a documented governance pack — not a remediation timeline.
Designed and delivered by the HitLai Institute team — the same team that ships the platform. Curriculum architect Bobby Koritala (ex-CPO Infogix/Precisely — data-integrity products used by most of the country's largest banks, insurers, retailers, and media companies; multiple AI patents) reviews every module and teaches launch workshops alongside the team.
Take B1 alone for governance grounding. B1 + B2 to operationalize. All three for a complete board-ready posture on governed AI orchestration in your bank.
The hook: A junior AML analyst pastes investigation narratives into ChatGPT. The CISO finds out from a DLP alert. Six months of board attention, a third-party legal review, and an unplanned remediation budget. Today: how to make sure that bank isn't yours.
You'll walk out with: the Banking AI Governance Readiness Assessment scored against your bank, the Regulatory Mapping Matrix walked through for one real workflow, and a 90- to 120-day remediation plan to bring to your audit or risk committee.
The hook: A KYC analyst at a $6B bank dispositions a corporate refresh package in 12 minutes that used to take 90. Same quality, supervisor signed off, customer data never left the bank's network. Today we set up the same flow in your bank.
You'll walk out with: 2-3 workflows configured (KYC document extraction, vendor invoice processing, plus one of AML alert summarization / customer service drafts / reconciliation triage), a deployment-architecture decision, the documentation pack started, and a 90-day rollout plan.
The hook: Your bank's AI strategy is one of four answers — build, buy, embedded, or do nothing. Today: how to choose, what the math looks like, and how to defend the choice to your board.
You'll walk out with: the three legs of ROI grounded in your bank's footprint, the AI Orchestration Vendor Evaluation Scorecard for your shortlist, the four hardest board questions with defensible answers, and a draft year-1 budget ask.
The four trust settings apply to banking work, but with explicit ceilings. There is no scenario where AI dispositions a KYC refresh, clears an AML alert, files a SAR, makes a credit decision, releases a payment, or sends a regulator communication on its own.
Six worksheets and templates from B1, B2, and B3. Useful for your next audit / risk-committee meeting, examiner pre-meeting, or vendor risk review — even before you attend a session.
Tell us your role and we'll route the right invitation. The HitLai Institute team will follow up with session dates, deployment-architecture options for your bank's asset size and regulator, and a short pre-work email.
That's the point. Banks that walk into 2026-2027 exams with a documented AI posture get a different conversation. The track is designed around the SR 11-7 / OCC / FFIEC / FinCEN / GLBA / NYDFS / SOC 2 stack so the documentation pack is examiner-ready by the time you ship the first workflow.
Copilot is one model, one vendor. Governed AI orchestration sits above any model — Copilot, ChatGPT Enterprise, Claude for Work, self-hosted Llama — and gives the bank one audit log, one set of trust ceilings, and one supervision rhythm across the whole footprint. They're complementary, not competitive.
Yes, including air-gapped for the most sensitive workloads — local AI via Ollama or vLLM running open-weight models inside your data center or private VPC. No outbound dependencies. Customer NPI never leaves the bank's network.
No. AI summarizes; your analysts disposition. That ceiling is FinCEN / OCC / Fed expectation and we will not help you cross it. The win is that analysts spend 80% of their time on the harder cases — a 3-4x throughput improvement without crossing a line.
Three public agent protocols natively: Google A2A v0.2.5, MCP (client and server), and OpenClaw Runtime Gateway. Plus native connectors to most major cores, AML platforms, KYC vendors, loan origination, case management, and payment systems. Anything we don't have a connector for, the platform builds automatically — reviewed by your IT before it goes live.
Depends on bank size, deployment choice (self-hosted, private-tenant, hybrid), and number of workflows. For a $3-15B regional bank deploying 3-5 workflows on a hybrid architecture, year-1 TCO is usually a fraction of one avoided MRA remediation event. The B3 module walks the math for your bank specifically.
Banking workshops run summer / fall 2026, following the July SMB pilot and the Legal workshop. Initial sessions in Chicago; online live and recorded modules available everywhere. Private bank-specific workshops available for larger banks — contact enterprise@bodaty.com.
Send them. The Vendor Evaluation Scorecard (B3-02) was written for third-party risk reviewers. The track produces the documentation pack your TPR team expects: SOC 2 references, no-training clauses, sub-processor lists, incident response SLAs, audit-rights language, and exit assistance.