Skip to main content
Rehmann
Pay Bill
Rehmann
Solutions
Audit and AssuranceConsultingFinance and AccountingTaxTechnology ServicesWealth Management View all solutions
No matter the organizational need, our experienced and focused team is ready and eager to help. We invite you to put our expertise to work.
Navigating Your Tax Strategy: 2025 Wrap-up and 2026 Outlook
Webinar
Navigating Your Tax Strategy: 2025 Wrap-up and 2026 Outlook
Understanding OBBB’s R&D Tax Credits and Section 174 Updates 
Article
Understanding OBBB’s R&D Tax Credits and Section 174 Updates 
Industries
ConstructionDealershipsFinancial ServicesHealthcareManufacturingPrivate Client AdvisoryPrivate EquityPublic Sector View industries we serve
We understand where you’re coming from. Rehmann professionals provide expertise in a wide range of industries to help you address challenges and seize opportunities.
Resources
ArticlesGuidesPodcastsWebinarsOne Big Beautiful Bill View all resources
Our team is focused on helping clients through consultation and connection. We’re also dedicated to sharing our knowledge and insights. Feel free to browse our wealth of information.
Navigating Your Tax Strategy: 2025 Wrap-up and 2026 Outlook
Webinar
Navigating Your Tax Strategy: 2025 Wrap-up and 2026 Outlook
Resilience Redefined: A Cybersecurity Masterclass
Webinar
Resilience Redefined: A Cybersecurity Masterclass
About Us
Who We AreLocationsNewsThe Rehmann TeamEventsThe Rehmann FoundationHLB
Our mission is to bring energy, focus, and integrity to every interaction — relentlessly pursuing expertise to accelerate our clients’ and associates’ goals. Take a look at the world of Rehmann.
Resources  >  Articles

AI, Cybersecurity, and Audit Committee Oversight

Related Solutions: Cybersecurity Solutions, Risk Advisory Services, Audits, Reviews, and Compilations

February 9, 2026

Contributors: Jessica R. Dore, CISA, Elizabeth N. Ziesmer, CPA

It’s important for audit committee members, in their oversight role to understand how Artificial Intelligence (AI) impacts their institution’s day-to-day operations. For example, AI could be used in financial reporting, enterprise-wide risk management, fraud risk mitigation, and data privacy and security. 

To ensure their effectiveness, adaptive AI models rely on data quality, accuracy, reliability, and integrity. As such, audit committees should focus on and understand data management related to the following:  

  • Data governance to ensure data privacy and access controls are established and implemented with supportive employee education and training.
  • Data security to ensure sensitive or confidential information fed into AI models is protected, especially if the data leaves financial institutions’ secure IT systems.
  • Transparency to help regulators understand how the selected AI models operate, respond, and provide conclusions and reporting that informs decisions about policies, operations, and strategic planning.
  • Human oversight procedures to ensure people review, evaluate, and are accountable for AI outcomes to avoid overreliance and reduce risk.  

Cybersecurity First

Because the use of AI integrates systems and data, which is often shared outside financial institutions’ networks, it can increase the risk of cyberattacks. Ongoing investment in thorough monitoring and oversight of cybersecurity measures is critical to protect confidential data and marketplace reputation. Aligning processes to recognized frameworks like those recommended by the National Institute of Standards and Technology (NIST), International Standard for Organization (ISO), or Cybersecurity and Infrastructure Security Agency Industrial Control Systems (CISA ICS) provides an oversight structure to track effective, secure, and compliant AI use and data collection. 

How AI Can Address OBBB Reporting Requirements 

The One Big Beautiful Bill Act of 2025 (OBBB) includes new reporting requirements with tax benefits for banks, credit unions, and their borrowers.  AI solutions can help ensure accurate and secure collection and reporting of data not only to comply with OBBB requirements, but also to realize financial benefits, such as: 

Agricultural Loans: Qualified lenders can deduct up to 25 percent of interest income received for loans 
originated after Jul. 4, 2025. The loans must be secured by real property that is located in the U.S. or a U.S. territory and produces agricultural products, supports a fishing or seafood processing businesses, or operates an aquaculture facility. When accurately tracked and accounted for, this new deduction provides financial incentive to grow this segment of the loan portfolio in certain regions. 

Auto Loans: For tax years 2025 through 2028, individual taxpayers who purchase qualifying new vehicles for personal use are entitled to an annual deduction of up to $10,000 of interest paid on loans originated after Dec. 31, 2024. 

On Dec. 31, 2025, the IRS proposed regulations to clarify lenders’ auto loan reporting requirements, including: Lenders receiving $600 or more in interest on a qualifying auto loan would be required to report. 

  • Lenders required to report must provide to the IRS and taxpayers: the name, address, and taxpayer identification number of the payor of record and the interest recipient; the amount of interest received for the calendar year; the outstanding loan principal as of the beginning of the calendar year; date of loan origination; year, make, model, and VIN of the vehicle that secures the loan; and date the vehicle was acquired.  

What Audit Committees Need to Know About Their Institution’s Use of AI 

Realizing the full potential of AI means audit committees must fully understand the risks and opportunities the tool poses to ensure management has defined and implemented policies, processes, and controls that govern the acceptable use of AI. Audit committee members should ask management questions about AI responsible use and cybersecurity protections, such as: 

  • How are you using AI? What are your competitors doing, and how are you maximizing opportunities?
  • What are your procedures to test AI models for accuracy, reliability, data bias, and other risks? How is human review verifying these outcomes and for ongoing monitoring of AI post-implementation?
  • Are you using AI models you consider to be higher risk? Why and what are the benefits? 
  • How is data used, protected, and secured against risks of cybercrime and data breaches?
  • How are employees educated and trained on the importance of cybersecurity practices? How are you documenting that leadership provides clear guidance to employees about their responsible use of AI to support data security?
  • What’s your business continuity plan for a data breach resulting from a cyberattack or AI failure? 

By prioritizing cybersecurity and leveraging proven principles regarding the acceptable use of AI, your financial institution can not only strengthen its data management and reporting but also upgrade digital defenses with strategies that protect systems, drive innovation, deliver on customer expectations, and reduce unnecessary risk. Contact your Rehmann advisor or Liz Ziesmer, CPA, at [email protected] or 616.975.4100 or Jessica Dore, CISA, at [email protected] or 989.799.9580 for a personal consultation.