Five things we learned from API leaders in financial services

Over the past couple of months, we’ve been deep in discussion with industry leaders, decision makers and practitioners from the financial services industry. While Apidays London and Gartner AIBS Summit provided a great overview of the API landscape in 2025, the Tyk Future Forum brought together customers, prospects and partners to discuss the future of APIs and AI, and how to turn opportunities into outcomes heading into 2026.

In this article, we’re shining a spotlight on the latest trends, issues and opportunities, rounding up five key insights and concerns from API leaders across the financial services industry. If you’ve not been in the room so far, now’s the time to get up to speed.

1. AI governance is the bridge between POC and production

While AI is top of mind for many people in financial services right now, it’s not a top priority. Yet. What we’re seeing is that plenty of people are running experiments and proofs of concept (POCs), some of which are succeeding. However, transitioning from POC to production is proving to be a significant challenge, as highlighted by a recent finding from MIT indicating that roughly 95% of AI initiatives fail.

One of the reasons for this failure rate is AI governance – either a total lack of it or the wrong governance practices. We saw the same thing back in the day with API management. Now, many firms are repeating those mistakes in their AI initiatives.

The solution? Going back to governance basics and taking care of things like:

  • The quality and security of data going in and out
  • Ensuring tools, data sources and systems are scalable, secure and AI-ready
  • Adequately managing risk with proper audit trails and observability

The high AI initiative failure rate emphasizes the need to better balance the non-deterministic planning that LLMs and AI agents provide with the deterministic execution that your tools, APIs and workflows deliver. This is where AI governance comes in, to operationalize and derisk your AI initiatives at scale.

Some organizations are taking an alternative approach, with platform teams banning LLM usage outright due to the lack of established best practices. However, what we’re seeing in many of those instances is that easy availability and accessibility outside of the workplace are leading to shadow AI initiatives. As such, the better approach is to put guardrails in place through AI governance, enabling teams to innovate without risk.

2. AI readiness is directly proportional to API management maturity

Enterprises that have their API house in order – in terms of security, governance, scalability, CI/CD pipelines, documentation, and so on – are best equipped to succeed with AI. And when it comes to getting your house in order, something is better than nothing, because AI readiness isn’t binary; it’s a spectrum. This means you don’t have to do everything at once but can start with the basics and then grow your maturity over time. Those basics include:

  • Standardized API design and development using OAS
  • API security
  • API governance
  • API observability and audit trails
  • API discovery and documentation

Attending to these will move you further along the AI readiness spectrum. And, while standardization, automation, and integrated solutions are the end goal here, anything at all is better than nothing.

Take observability as an example. Knowing what’s going on, what’s going wrong, how platform components are interacting on a per-request basis, and who’s doing what is hugely important. Ideally, standardization through OpenTelemetry is where you want to end up, but even moving towards that point will level up your AI readiness.

Of course, the changing landscape also means you’ll need to keep evolving. Documentation is a good example of this. As your API consumers evolve, with AI agents as well as humans and services now consuming APIs, you’ll need to think differently about the readability of your documentation. OAS is a great starting point, as it adds a degree of readability, but it’s an area you’ll need to evolve over time.

3. Data sovereignty and regulatory compliance are top priorities for decision makers

For decision makers, understanding data sovereignty and regulatory compliance requirements is a key area of focus. While precise requirements differ from region to region, taking care of the quality and security of data in and data out is a global need. Organizations need to be secure across the board – data at rest and data on the wire – and ensure they are in control of their own data.

This is particularly relevant in financial services, given the high sensitivity and high volumes of data being handled, meaning data ownership, security, and appropriate governance are all top priorities. Self-managed and hybrid solutions are still the favoured options to meet these challenges.

In terms of regulatory standards, decision makers have one eye on the future, as well as one on the present. The looming specter of future AI regulatory standards, including requirements regarding data, is casting a long shadow on what’s possible.

4. Managing API sprawl is the #1 challenge for platform teams

Managing API sprawl is the #1 challenge for platform teams because, as organizations scale, APIs multiply across teams, tools, and business units – often without consistent governance. This creates fragmented ecosystems where visibility, security, and version control break down. Without a unified strategy, redundant APIs emerge, documentation becomes outdated, and compliance risks grow. 

Tackling API sprawl requires a governance-first approach: Centralize API discovery, enforce consistent design standards, and automate governance across the lifecycle. Add unified observability to track usage and dependencies, and assign clear ownership. This balance of visibility, control, and accountability keeps innovation flowing without losing coherence or compliance, enabling reliable integration, faster development, and trust across the organization’s digital fabric.

5. A greater emphasis on API-first developer experience drives adoption

In terms of general developer experience, it’s well established that developers need great onboarding experiences and to accomplish tasks as seamlessly as possible, if you want to drive adoption. What’s new is the focus on API-first developer experience.

This is all about making CI/CD pipelines a priority and providing APIs for accessing and interacting with all gateway capabilities, without necessarily needing to go through a dashboard or a portal. While these are still incredibly useful for overviews and discoverability, developers prefer interaction with gateway capabilities to be API-driven. Doing so reduces the risk of events in the dashboard or portal triggering changes in the gateway, levelling up overall reliability.

Direct API interactions, with APIs exposing the capabilities of applications and the API platform, also open the door for chat-based and agent-based interfaces. It’s another nod to the fact that, while AI isn’t a priority yet, it’s very much top of mind.

Bonus: Trusted partners take over from traditional client-vendor relationships

Ok, so we said we would share five learnings from API leaders in financial services, but here’s a bonus point: Traditional client-vendor relationships no longer deliver what financial services institutions need if they want to innovate, scale, and excel. Instead, trusted, proactive partnerships are at the heart of responding to the rapidly evolving landscape.

What we’re seeing here is the importance of clients and vendors taking the journey together. It’s about flexibility and agility in everything from discovery and design to development and problem solving. This is proving particularly important for organizations operating and innovating at scale, which need trusted partners who understand the landscape and are willing to co-discover its pitfalls and opportunities.

With this proactive approach in place, vendors can ensure their customers’ emerging priorities are at the forefront of their platform development. They can expand platform capabilities in line with nuanced needs, ensuring that the platforms in question serve as evolving enablers at scale, rather than limitations with spiraling development costs that end up penalizing customers for their growth and success.

Be part of the conversation  

If you’re ready to deep dive into the world of APIs and AI in the financial services industry, why not join 150+ peers online at LEAPxFinance on October 16, 2025? We’ll be joined by 12 expert speakers covering a range of topics, including Open Finance, Open Banking, FDX, API monetization, governance, security, data sovereignty, observability, and more. Register for free today!