Big Tech, AI Risk, and the Fight for Control in Finance

Event Q&A

Big Tech Power Plays and the AI Act Risk Shaping Financial Services

Onur Can Koltukcu of the Dutch Central Bank reveals how Europe’s AI Act and the unchecked power of Big Tech are colliding in the financial sector. He exposes third-party risks, skewed vendor dynamics, and why conventional due diligence no longer cuts it in the age of generative AI. From accountability gaps to regulatory uncertainty, this interview explores what regulators and institutions must confront before it's too late.

Jul 15, 2025

Onur Can Koltukcu, Policy Advisor, De Nederlandsche Bank

Tags: Vendor and Third Party Risk AI and Technology (including Fintech)

The views and opinions expressed in this content are those of the thought leader as an individual and are not attributed to CeFPro or any other organization

The AI Act may seem like a regulatory tsunami, but Onur Can Koltukcu argues it's more of a ripple—at least for now. Speaking from his role at De Nederlandsche Bank, he makes the provocative case that despite the panic, current AI deployments in finance may not be heavily impacted. But this regulatory calm belies a deeper, more systemic concern: institutions are facing third-party AI risks that go far beyond compliance checklists.

One of the biggest vulnerabilities? Market asymmetry. Leading financial institutions are grappling with the dominance of AI vendors who know they’re irreplaceable. In some cases, banks can’t even get these providers to respond, let alone negotiate contracts. This leaves firms caught between regulatory exposure and losing market competitiveness. Koltukcu challenges the sector to rethink accountability—not as a paper trail or a single name on a policy, but as a shared, contextual responsibility grounded in how services are actually delivered. It's not just the code that matters—it's the governance wrapped around it.

Onur Can Koltukcu Bio

With a multidisciplinary background in Economics, Policy, and Data Science, I have dedicated the past three years working on policies and regulations for digital technologies at De Nederlandsche Bank (the Dutch Central Bank). We contribute to financial stability by aiming to mitigate the risks of impactful technologies (such as AI) while aiming to facilitate innovation: maximize benefits and minimize harms. Additionally, I collaborate with European and international authorities to craft policy visions, monitor market developments, identify emerging or growing risks, and publish guidance.