FAQ: Tech & Artificial Intelligence

Updated On 2026-07-09

Use cases, ethics, cybersecurity… because Artificial Intelligence (AI) is transforming banking, the way we work and our customers’ experience, we address common questions about our use of AI and technologies.

An innovative, responsible and secure approach

  • BNP Paribas uses Artificial Intelligence (AI) to enhance its services and processes, with more than 800 use cases already in place. AI is part of the Group’s ethical and responsible approach, guided by strict data governance and team training to prevent bias.

    AI enables us to:

    • Analyse vast quantities of data to anticipate client expectations and offer clients tailor-made solutions,
    • Accelerate operational efficiency by automating repetitive and time-consuming tasks, freeing up time for higher added-value missions,
    • Prevent risks by analysing millions of transactions in real time to detect abnormal behaviour and prevent fraud,
    • Contribute to responsible finance by facilitating the processing and analysis of extra-financial data.
  • With threats on the rise, BNP Paribas places cybersecurity at the heart of its digital transformation and its trust model. The Group relies on a governance structure comprising three lines of defence and a risk-based approach. This enables it to continuously assess its cyber maturity and adapt its priorities to ensure the resilience of its services and operations, as well as the security of its data and that of its customers.

    The Group has nearly 5,000 cybersecurity experts across its various business lines and functions, supported by a budget representing around 10% of the total IT budget. On this basis, a large-scale programme is being rolled out to implement all best practices in collaboration with expert stakeholders.

    Artificial intelligence is fully integrated into these cybersecurity challenges, working with a comprehensive ecosystem of service providers and partners at the forefront of these technologies, in order to anticipate and prevent risks while taking into account its potential for use by attackers. The framework is based on a mature incident response capability (CSIRT), proactive vulnerability monitoring, extensive analytical capabilities and rapid remediation of vulnerabilities.

    For BNP Paribas, cybersecurity is therefore more than just protection: it is a lever for building lasting trust, serving customers, employees and innovation.

  • For BNP Paribas, artificial intelligence is a driver of innovation that helps enhance the customer experience, improve operational efficiency and support risk management. Its development takes place within a responsible framework designed to ensure reliable, transparent practices that are aligned with the Group’s values and comply with applicable regulations, including the European AI Act.

    This approach is built around five pillars:

    • Fairness and non-discrimination
    • Transparency and explainability
    • Data protection and respect for fundamental rights
    • Human oversight of decision-making
    • Skills development

    To complement this framework, BNP Paribas is gradually introducing a sixth pillar focused on managing the environmental footprint of artificial intelligence, in line with its Sustainable IT strategy.

    At BNP Paribas, artificial intelligence is developed to support employees in their day-to-day responsibilities and enhance their expertise, while ensuring that people remain at the heart of decision-making.

    Through this approach, the Group seeks to develop useful, well-governed and responsible AI that benefits its clients, employees and society as a whole.

  • At BNP Paribas, digital sovereignty is first and foremost understood as operational resilience. It is reflected in the Group's ability to guarantee the continuity, security and control of our critical services regardless of the circumstances.

    • The solutions are selected according to a constant principle: to retain the safest, most robust technologies that are best suited to operational requirements, whether European or not.
    • The Group provides all its entities with a shared portfolio of digital solutions, with industrialized processes and standards guaranteeing safety and efficiency.
    • Our core critical infrastructure, including proprietary data centers and dedicated clouds, is operated and monitored to ensure security, resiliency, and business continuity.
    • Targeted investments in data encryption and centralized management of associated keys ensure the confidentiality, control, and security of sensitive information.
    • The uses of AI and LLM models are deployed when relevant, always in secure environments, to ensure confidentiality, compliance and performance.
    • Every technology decision takes into account, among other things, data localization and supplier risk management, in accordance with European and international frameworks.