On March 1, the U.S. Department of the Treasury released two documents that every CFO and treasury leader should read: an Artificial Intelligence Lexicon and the Financial Services AI Risk Management Framework (FS AI RMF). Together, they represent the most concrete federal guidance yet on how AI should be governed, evaluated, and deployed inside financial institutions.

The FS AI RMF is not a policy statement. It is an operational framework, built specifically for financial services, that includes a matrix of 230 control objectives mapped across the full AI lifecycle. It adapts the NIST AI Risk Management Framework to the realities of treasury, payments, fraud detection, and risk management. If your organization is using AI in any part of its finance function, this framework is now the reference point against which your governance will be measured.

For treasury teams evaluating AI-powered platforms, the question is 'can we demonstrate it works within an auditable and explainable framework?' The Treasury Department just defined what that looks like.

What You'll Learn

• What the Treasury released on March 1 and why it is the most operationally significant AI guidance financial services has ever seen
• Why the FS AI RMF's 230 control objectives matter specifically for treasury teams, not just banks
• Five questions to ask any AI-powered treasury vendor to test their governance posture
• How GSmart AI was built to satisfy the framework's requirements for auditability, explainability, and lifecycle accountability
• What your team should do right now to assess your current AI governance posture against the FS AI RMF

Actions You Can Take Today

• Inventory every AI-powered tool your treasury function currently uses
• Use the FS AI RMF adoption stage questionnaire to assess your organization's current AI maturity level
• Ask your current or prospective TMS vendors the five governance questions in this post
• Download the Ripple Treasury FS AI RMF Compliance Guide to see how GSmart AI maps to the framework's 230 control objectives: [link]
• Share this post with your IT, security, and compliance teams so they have the language to evaluate your AI vendors against the FS AI RMF

What Did the Treasury Release on March 1?

The two documents are the first deliverables in a broader six-part initiative developed by the Artificial Intelligence Executive Oversight Group (AIEOG), a public-private partnership led by the Treasury Department in coordination with the Financial Services Sector Coordinating Council and the Financial and Banking Information Infrastructure Committee.

The AI Lexicon establishes a shared vocabulary for AI concepts, capabilities, and risk categories across regulatory and business functions. When your compliance team and your technology vendor define model explainability differently, governance breaks down. The Lexicon is designed to fix that at the root.

The Financial Services AI Risk Management Framework (FS AI RMF) is the more operationally significant of the two. It consists of four components: an AI adoption stage questionnaire, a risk and control matrix with 230 control objectives, a user guidebook, and a control objective reference guide. Unlike the underlying NIST framework, which is intentionally generic across industries, the FS AI RMF is tailored to the specific regulatory and operational context of financial services.

The remaining four resources in the series will cover governance and accountability, data integrity and security, fraud and digital identity, and operational resilience. The direction of travel is clear: AI governance in financial services is moving toward structured, lifecycle-based oversight with documented controls.

Why Does the FS AI RMF Matter for Corporate Treasury?

Treasury sits at the intersection of every risk this framework is designed to address. Cash positioning, FX exposure management, cash forecasting, payment controls, and risk analytics all involve AI-assisted or AI-automated decisions with material financial consequences.

The FS AI RMF makes explicit what many treasury leaders have already sensed: using AI does not transfer accountability. It concentrates it. The framework's 230 control objectives span model risk, data integrity, explainability, bias, and operational resilience. Every one of those dimensions applies directly to how AI-powered treasury platforms process insights.

This also fundamentally reframes vendor conversations. When your team evaluates an AI-powered treasury platform, you now have a federally backed AI risk management framework to evaluate against.

What Should Treasury Teams Ask Their AI Vendors?

Based on the FS AI RMF's emphasis on lifecycle controls and transparency, here are five questions every treasury leader should put to any AI-powered platform they are currently using or actively evaluating:

• Is the AI trained on your data, or does it operate on your data? The distinction matters for data integrity and model accountability under the FS AI RMF.
• Can you explain, at a level your CFO and audit committee would accept, how the model reached a specific forecast or risk signal?
• How does the platform handle model drift, validation, and monitoring after deployment, not just at implementation?
• Is there a documented control framework tied to AI outputs, or are insights presented as a black box?
• How does the vendor support your own internal governance documentation and external audit requirements related to AI?

How Does GSmart AI Align with the FS AI RMF?

A lot of AI-powered treasury tools are built to impress in a demo. Fewer are built to hold up under the kind of lifecycle scrutiny the FS AI RMF now codifies. Ripple Treasury's GSmart AI capabilities were designed from the ground up around auditability and transparent outputs because those are the standards treasury teams actually operate under.

GSmart Risk Insights surfaces exposure risk with traceable logic your team can act on with confidence. You can see what drove a signal, understand the underlying data, and defend the output to your CFO or audit committee without reaching for a vendor support ticket.

GSmart Forecast Insights produces cash forecasts that are transparent in their inputs and variance, giving treasury leaders the context they need to stand behind their numbers in front of leadership and auditors. The FS AI RMF is not an external pressure we are reacting to. It is a description of what responsible AI in treasury has always required.

The framework asks whether your AI is documented and explainable at every stage of its lifecycle. Those are exactly the questions GSmart AI was built to answer. And as the remaining four AIEOG resources roll out, we will map GSmart AI's capabilities against each dimension explicitly.

We have published a dedicated FS AI RMF compliance guide that walks through how GSmart AI addresses the framework's 230 control objectives in practice. If you are evaluating AI-powered treasury solutions and want a structured, framework-aligned way to assess what responsible AI governance actually looks like in a TMS context, that guide is for you.

In the meantime, learn more about how GSmart Risk Insights and GSmart Forecast Insights were built with auditability and transparency at their core: Learn more about GSmart AI.

Frequently Asked Questions

What is the Financial Services AI Risk Management Framework (FS AI RMF)?

The FS AI RMF is a sector-specific AI governance framework released by the U.S. Department of the Treasury on March 1, 2026. It adapts the NIST AI Risk Management Framework for financial institutions, providing 230 control objectives mapped across the AI lifecycle to help organizations evaluate, deploy, and govern AI responsibly.

Is the FS AI RMF mandatory for financial institutions?

The FS AI RMF is currently voluntary guidance rather than a binding regulation. However, it is expected to shape auditor standards as AI adoption in financial services accelerates. Organizations that align early will be better positioned when regulatory expectations harden.

How does the FS AI RMF apply to treasury management systems?

Treasury management systems that use AI for cash forecasting, FX risk management, exposure visibility, or payment controls fall directly within the scope of the FS AI RMF. The framework's control objectives around model validation, explainability, data integrity, and human oversight are all directly applicable to how AI functions inside a TMS.

What should CFOs and treasurers do in response to the FS AI RMF?

Treasury leaders should begin by inventorying all AI-powered tools in use across their function, then use the FS AI RMF's AI adoption stage questionnaire to assess their current maturity level. From there, a gap assessment against the 230 control objectives will identify where governance documentation, vendor accountability, and monitoring processes need to be strengthened.

‍