As a product manager, I’ve seen major shifts driven by generative AI in the risk management space. It’s a shift that is transforming everything from financial services to e-commerce and autonomous vehicles. I believe a siloed, reactive approach with a compliance-first mentality to risk management doesn’t cut it anymore. There have been multiple failures that can be attributed to this approach in the past.
In 2016 Wells Fargo “Fake Accounts” scandal, the company’s risk management approach was designed to meet compliance and regulatory checklist. This led to a toxic sales culture that encouraged opening millions of unauthorized bank accounts. The approach of satisfying compliance without focus on ethical practices resulted in billions of dollars in fines and reputation damage. In the eCommerce world, a reactive approach to fraud such as refund abuse, return abuse (when a customer requests and receives a refund for a purchase they claim was incomplete or unsatisfactory) or chargebacks (where a customer disputes a legitimate transaction, often after receiving the product) creates loopholes for fraudsters. Chargebacks are estimated to cost eCommerce ~$34B in 2025.
I’ve seen firsthand how risk management can become a strategic business driver, not a blocker, by adopting AI product principles that prioritize user-centricity and metrics-driven analytics. For example, a sensitive customer touchpoint like a First Notice of Loss (FNOL) in an insurance claims workflow is being completely reimagined. FNOL involves collection of policyholder information, accident details, coverage information and photos/videos. Instead of a complex process involving a series of data entries on the app or calling human agents, we’re seeing agentic AI take over this critical touchpoint. By streamlining the customer journey using AI and insurance carriers are making it faster and more efficient.
The Limitations of Traditional Risk Management
Throughout my career, especially in roles leading risk strategies for global e-commerce and autonomous vehicle platforms, I’ve repeatedly seen three major problems with traditional risk management:
Reactive
Traditional models only react to problems after they’ve already happened. I’ve seen how a delay in detecting fraudulent activity can have a huge impact on a company’s bottom line and erode customer trust. Let’s consider an insurance company using historical data sets homeowner policy premiums. In an unprecedented disaster (wildfires for example) the scale of claims falls outside the model’s prediction. A reactive approach to modeling for new, evolving risks such as climate change can be significant. This results in major financial loss for the company and drastically increases customer’s premiums.
Operational Silos:
Often risk management teams are isolated from the product, engineering, and operations teams. This disconnect leads to product launches that go forward without a comprehensive risk assessment, creating unexpected vulnerabilities. In my experience, a siloed operating environment in an AV company will lead to significant safety problems, reputational damage and eroded customer trust. A product manager designs an in-car UI experience for emergency maneuver with design, engineering and hardware teams. The UI experience lacks accessibility features that were missed since safety and compliance teams operated separately. A real world incident occurs and the new UI experience for emergency maneuver fails due to missed accessibility features. This failure highlights safety breakdown leading to potential injury/loss of life and financial loss.
Compliance-First Mentality
When the only focus is on checking compliance and regulatory rules, risk management can miss the bigger strategic picture. I’ve observed situations where this narrow focus allowed critical risks to evolve into serious product vulnerabilities or new fraud behavior. In a claims workflow, meeting the bare minimum for customer communication and resolution protocols can lead to customer dissatisfaction. In eCommerce, performing basic KYC (Know your customer) or KYB (Know your business) verifications for onboarding customers and sellers to the marketplace makes the platform vulnerable to fraud activities. Meeting only the compliance requirement while not really knowing the onboarded user leads to platform revenue loss and negative user experience.
My Approach: AI-driven Product Management principles
I’ve identified two core AI-driven principles that are reshaping risk management: user-centric risk assessment and metrics-driven decision-making. This is based on my experience building risk management products across different industries.
User-Centric Risk Assessment
- Effective risk management starts with a deep understanding of the user journey. Mapping detailed user journeys to identify risks whether that user is an external customer or an internal stakeholder is highly effective.
- Comprehensive user profiles for behavior prediction and anomaly detection are developed by using AI models (unsupervised learning) to analyze interaction data, device data, network data, etc.
- In eCommerce, I incorporated such holistic user profiling to proactively identify fraudulent activities (such as pirated content, transaction abuse). This helped me gain a deeper understanding of risk impact.
Metrics-Driven Decision-Making
- I’ve helped teams move towards a mindset of preemptive control by implementing ML models to proactively address fraud and strategic risks. It means defining forward-looking metrics like real-time risk scoring and risk likelihood.
- AI models that use graph analytics can evaluate hundreds of risk signals to produce a dynamic risk score for every user interaction. These metrics empower risk teams to anticipate and prioritize issues more effectively.
- A metrics-driven approach in e-commerce and insurance domains where accurate predictions directly contribute to improved operational efficiency and a competitive edge.
- I’ve integrated telematics data into behavior-based insurance models, which has led to more accurate risk assessments and personalized pricing for customers. The shift from reactive to proactive is one of the most powerful changes in the industry.
Conclusion
By integrating AI product management principles into risk management organizations to become more agile, innovative, and strategically competitive. Organizations should swiftly move away from a reactive, compliance-driven and siloed risk function to a proactive, user-centric one. Product managers can lead adoption of these best practices to significantly improve their organization’s resilience and growth in today’s AI-powered world.
