What happened
The Bangko Sentral ng Pilipinas (BSP) issued a memorandum urging all BSP-supervised financial institutions (BSFIs) to establish tailored AI governance policies and risk-management frameworks by June 30, 2026, following the BSP's published AI governance principles guidance paper. The framework addresses data-privacy breaches, algorithmic bias, and operational risks. Separately, the BSP set a June 30 deadline for banks to phase out SMS OTPs and adopt phishing-resistant authentication methods (biometrics, security keys, behavioural analytics).
Why it matters
The BSP guidance directly affects all Philippine banks and non-bank financial institutions using AI in operations, credit decisions, or customer interactions. The June 30 hard deadline for both AI governance frameworks and OTP phase-out creates an immediate compliance crunch for the Philippine financial sector — one of the most AI-active in Southeast Asia.
Action needed
Philippine financial institutions must finalise and document their AI governance policies and risk-management frameworks by June 30, 2026. Compliance teams should map existing AI use cases to the BSP's published governance principles and address any gaps immediately.