Across the BFSI sector, artificial intelligence is rapidly moving beyond experimentation. Yet for many organisations, the challenge no longer lies in developing AI use cases, it lies in deploying them responsibly within highly regulated environments. As enterprises begin adopting agentic AI, the focus is shifting from building individual applications to creating scalable platforms, governance frameworks and operational controls that allow AI to move confidently into production.
Kotak Securities is approaching this transition through a homegrown agentic AI platform designed to support multiple enterprise and customer-facing use cases while maintaining the governance expected in financial services.
In this exclusive interaction with Express Computer, Ashish Naik, Senior EVP – IT, Kotak Neo, discusses why the company has built its own AI platform, how it is creating reusable AI agents instead of isolated applications, the challenges of deploying AI in a regulated environment, and why governance, rather than technology that will define the next phase of enterprise AI adoption.
Building an AI platform instead of isolated use cases
While many organisations continue to build standalone AI applications, Kotak Neo has chosen to create a reusable AI foundation.
Naik explains that the organisation has developed NeoCortex, a completely homegrown agentic AI platform that allows different AI models and service providers to work within a common architecture. “This is the agentic AI platform where you can use any LLM, any service provider. The framework has a bunch of agents created as services, connecting to different service providers and the LLM best suited for that particular use case. We have envisaged an architecture where we create standard agents such as a document agent, vision agent and risk agent. You can keep adding these agents and build use cases over that framework, which can then be exposed to customers,” he explains.
Rather than developing AI independently for each business problem, the objective is to establish reusable building blocks that accelerate future development while maintaining consistency across applications.
AI is moving closer to the customer
Kotak Neo has already deployed several AI capabilities internally, particularly across software development, marketing and operational workflows. The next phase is to extend those capabilities directly to customers.
Among the customer-facing initiatives is Hey Neo, a conversational assistant integrated into the trading application. “We have got something equivalent to ‘Hey Siri’. We call it ‘Hey Neo’, which is inbuilt into our app. It is more like a conversational interface. While this is production ready, we have still not gone live because of the compliance angle, and we are working through that.”
The organisation has also developed DocuSense, an AI-powered document intelligence engine that goes significantly beyond conventional OCR by extracting information from highly complex financial documents. “Any kind of document is converted into digital. While it is similar to OCR, it is much more than OCR. Even agreements with multiple stamps and complex layouts can be read with an accuracy well above 95 to 98 per cent. This agent is already available internally and can be used across the organisation,” adds Naik.
Another application combines computer vision with market intelligence. Through what Kotak Neo calls Stock Capture, users simply photograph a product to identify the underlying listed company. “Suppose you click on an iPhone or even medicine strips. The system identifies the company, checks whether that company is listed, and immediately shows the relevant stock information.”
Although several of these capabilities are already operational internally, Naik says customer rollout depends on completing regulatory and compliance approvals.
The biggest challenge is not AI but it’s governance
For Naik, building AI applications is relatively straightforward. Deploying them responsibly within a regulated financial institution is considerably more complex.
Every AI deployment must pass through extensive information security reviews, compliance validation and governance checks before reaching production. “We can develop any use case within two or three weeks. To actually go live still takes two to three months because we need to undergo various checks and balances from InfoSec and internal compliance. Another important factor is how to govern the entire agentic AI model. That is something we are still working to define.”
The learning curve extends beyond technology teams. Since agentic AI introduces entirely new operating models, governance functions are evolving alongside engineering teams. “The know-how of these agentic systems is still limited across organisations. When I go to InfoSec, it is a learning for them. For the compliance team, it is completely new, and regulations are not black and white. We need to justify why we are doing it and what checks and balances exist before getting permission to go live,” he points out.
Naik recalls a similar experience during the rollout of GitHub Copilot for developers, where internal approvals took several months despite the technical implementation already being complete.
Rather than viewing compliance as an obstacle, however, he considers these discussions essential for maintaining trust within financial services. “I appreciate the viewpoint of InfoSec and compliance because if anything goes wrong, they are responsible, and as an organisation our name is at stake. That struggle is still enjoyable.”
From DevOps to AIOps
Looking ahead, Naik believes enterprises need to focus less on creating AI pilots and more on operating AI systems at scale.
His priority over the next year is establishing an AIOps framework that brings governance, monitoring and lifecycle management to agentic AI.
“My focus is primarily to set up AIOps, which is the governance model. Similar to the way DevOps transformed software delivery, we want governance for AI operations.”
That includes continuously monitoring how AI agents perform, controlling infrastructure costs, managing model performance and reducing operational risks. “We need to know how the agents are functioning, what cost they are consuming, whether they are crossing thresholds and whether they are hallucinating. If a particular model is discontinued, how do we seamlessly switch to another model without compromising performance or accuracy? Unless this is solved, taking a proof of concept into production will continue to take considerable time. That is where our focus lies over the next six to twelve months.”
For Naik, the next phase of enterprise AI will be defined by whether organisations can establish the governance, operational controls and confidence required to deploy AI reliably at enterprise scale and not LLMs or faster development cycles. In highly regulated sectors such as financial services, that foundation may ultimately become the biggest differentiator between experimentation and long-term business value.