AI Raises the Stakes for Database Governance

As financial institutions accelerate their adoption of AI, automation, and cloud-native software delivery, a critical part of the enterprise technology stack may still be operating with outdated controls: database change.

Liquibase, a provider of database change governance solutions used by many leading financial services organizations, has released The Financial Services Playbook for Governed Database Change, an executive guide aimed at helping banks, insurers, payment processors, fintechs, and capital markets firms close what the company describes as one of the last major “mostly manual” control gaps in enterprise technology delivery.

The playbook is based on research conducted across hundreds of financial services engagements, including enterprise banks, regional institutions, credit unions, global insurers, payment processors, fintechs, and capital markets firms. Its central finding is direct: while application code, infrastructure provisioning, testing, and deployment have become increasingly automated, policy-driven, and auditable, database change often remains dependent on tickets, queues, manual reviews, and direct production execution.

The Database Layer Remains a Governance Gap

That gap is no longer merely an efficiency problem. In an environment shaped by expanding regulatory scrutiny and increasingly capable autonomous AI agents, manual database change has become a security, compliance, and operational resilience concern.

“Every other layer of the software delivery pipeline has been automated, policy-driven, and made auditable,” said Ryan McCurdy, Vice President at Liquibase. “But at many financial institutions, database changes are still routed through tickets, manually reviewed, and directly executed in production. In today’s regulatory environment, that is no longer simply inefficient. It is an operational and compliance exposure.”

The issue is structural. According to the playbook, the typical process still looks familiar across much of the sector: a database change is authored, submitted through a ticket or shared workflow, waits in a queue, and is later reviewed and executed by a database administrator. What is often missing are automated policy checks, reliable rollback plans, tamper-evident approval records, and complete evidence that the right controls were applied.
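Two of the controls listed above, an automated policy check before execution and a tamper-evident record of what was approved, can be shown concretely. The script below is an added illustration, not Liquibase's own checks (which exist as a product feature) and not code from the playbook. It parses Liquibase's public formatted-SQL changelog convention (`--liquibase formatted sql`, `--changeset author:id`, `--rollback ...`), refuses changesets that lack a rollback or contain destructive statements, and hash-chains each approved changeset so that later edits to the record can be detected. The sample changelog, the policy rules, and the function names are constructed for the example.

```python
"""Policy gate for a Liquibase-style formatted SQL changelog.

Added illustration, not Liquibase's own checks and not from the playbook.
It parses the public formatted-SQL changelog convention and applies two
controls manual workflows tend to lack: an automated policy check before
execution, and a tamper-evident record of exactly what was approved.
The sample changelog and policy rules are constructed assumptions.
"""
import hashlib
import json
import re
from dataclasses import dataclass, field

# Constructed sample changelog (assumption, not taken from the article).
SAMPLE_CHANGELOG = """\
--liquibase formatted sql

--changeset alice:1
CREATE TABLE ledger_entries (id BIGINT PRIMARY KEY, amount NUMERIC(18,2) NOT NULL);
--rollback DROP TABLE ledger_entries;

--changeset bob:2
ALTER TABLE ledger_entries ADD COLUMN posted_at TIMESTAMP;

--changeset bob:3
DROP TABLE customer_risk_scores;
--rollback empty
"""

# Statements this (constructed) policy refuses outright: a declared rollback
# cannot restore the rows they destroy, so "--rollback empty" is not enough.
DESTRUCTIVE = re.compile(
    r"^\s*(DROP\s+TABLE|TRUNCATE\s+TABLE|DELETE\s+FROM\s+\w+\s*;)", re.IGNORECASE
)


@dataclass
class ChangeSet:
    author: str
    cs_id: str
    statements: list = field(default_factory=list)
    rollback: list = field(default_factory=list)

    @property
    def name(self):
        return f"{self.author}:{self.cs_id}"


def parse_formatted_sql(text):
    """Split a formatted SQL changelog into changesets with their rollback lines."""
    changesets, current = [], None
    for raw in text.splitlines():
        line = raw.strip()
        if not line:
            continue
        header = re.match(r"--changeset\s+([^:\s]+):(\S+)", line)
        if header:
            current = ChangeSet(header.group(1), header.group(2))
            changesets.append(current)
        elif current is None:
            continue  # preamble such as "--liquibase formatted sql"
        elif line.startswith("--rollback"):
            current.rollback.append(line[len("--rollback"):].strip())
        elif not line.startswith("--"):
            current.statements.append(line)  # ordinary SQL comments are ignored
    return changesets


def policy_check(changesets):
    """Return (changeset name, reason) for every violation; an empty list means approved."""
    violations = []
    for cs in changesets:
        if not cs.rollback:
            violations.append((cs.name, "missing rollback"))
        for stmt in cs.statements:
            if DESTRUCTIVE.match(stmt):
                violations.append((cs.name, f"destructive statement blocked: {stmt}"))
    return violations


def evidence_chain(changesets):
    """Hash-chain each changeset so that editing any approved record later is detectable."""
    prev, records = "0" * 64, []
    for cs in changesets:
        body = json.dumps(
            {"changeset": cs.name, "sql": cs.statements, "rollback": cs.rollback},
            sort_keys=True,
        )
        digest = hashlib.sha256((prev + body).encode()).hexdigest()
        records.append({"changeset": cs.name, "prev": prev, "hash": digest})
        prev = digest
    return records


def verify_chain(changesets, records):
    """True only if the changelog still matches the chained evidence record."""
    return evidence_chain(changesets) == records


def gate(changelog_text):
    """Run the checks a pipeline would run before a change reaches production."""
    changesets = parse_formatted_sql(changelog_text)
    violations = policy_check(changesets)
    return {
        "approved": not violations,
        "violations": violations,
        "evidence": evidence_chain(changesets),
    }


if __name__ == "__main__":
    result = gate(SAMPLE_CHANGELOG)
    print("approved:", result["approved"])
    for name, reason in result["violations"]:
        print(f"  {name}: {reason}")
```

Run against the sample, the gate rejects the changelog for two reasons: `bob:2` declares no rollback, and `bob:3` drops a table, which no rollback line can undo. The evidence chain is only tamper-evident, not tamper-proof: in a real pipeline the final hash would be signed by the approval system and written somewhere the deploying identity cannot modify, so that an actor able to alter both the change and its log, the scenario the quoted executives describe, still leaves a detectable break.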

For years, this model may have been tolerated as a necessary compromise between stability and speed. But AI changes the risk calculation. Liquibase argues that financial institutions are entering a new threat phase in which autonomous agents can discover, chain, and exploit weaknesses across applications, infrastructure, and databases at machine speed.

Mythos-Class AI Changes the Risk Equation

McCurdy notes that “Mythos-class AI has turned autonomous agents into an attack surface that can independently scan, chain, and exploit weaknesses across applications, infrastructure, and databases at machine speed. This effectively compresses the gap between discovery and attack in global banking systems.

“Financial institutions are over-invested in model and application-layer controls while leaving the database, where AI-driven decisions are persisted and reconciled, as the least-governed and least-prepared layer for autonomous interaction.

“In this new threat model, the primary risk is not just data exfiltration but silent state corruption – schema changes, data mutations, and transaction updates that appear legitimate while undermining ledgers, risk models, and customer records.

“When AI agents can manipulate both activity paths and logging, manual tickets and ad hoc scripts are no longer sufficient to prove who changed what, when, and under which controls, putting SOX, PCI DSS, SOC 2, and DORA compliance at direct risk.”

That phrase, “silent state corruption,” is especially important. Traditional cybersecurity conversations in financial services often focus on theft, ransomware, account takeover, fraud, or disruption. Those remain serious threats. But AI-enabled database manipulation introduces a subtler and potentially more damaging category of risk. If unauthorized or poorly governed changes appear legitimate, the resulting damage may be difficult to detect, difficult to attribute, and difficult to unwind.

In financial services, the integrity of ledgers, transaction histories, risk models, customer records, and compliance evidence is foundational. A compromised application can be remediated. A misconfigured cloud resource can be corrected. But corrupted database state, especially if it propagates through downstream reporting, reconciliation, analytics, or AI systems, may create cascading operational and regulatory consequences.

Governance Built for Human-Driven Systems Is No Longer Enough

Chris Steffen, Research VP at Enterprise Management Associates, frames the threat in terms of governance models that have failed to keep up with autonomous systems.

“Financial institutions are entering a phase of AI adoption under a perilous assumption: that governance frameworks built for human-driven systems can simply be extended to autonomous agents,” said Steffen. “That assumption is now clearly outdated. Governance that ends too early is a crucial misstep, one that leaves databases exposed to a kill chain that’s now moving with unprecedented speed and lethality.”

The playbook’s findings suggest that this is not just a problem for slow adopters or less mature institutions. Manual database change execution is described as the industry baseline. Even organizations with advanced DevOps practices, mature application pipelines, and sophisticated security programs may still rely on manual database workflows that do not match the controls applied elsewhere in the software delivery lifecycle.

Compliance Pressure Is Accelerating Modernization

Compliance pressure is also accelerating the shift. SOX, PCI DSS, SOC 2, DORA, and emerging operational resilience requirements are forcing institutions to demonstrate stronger control over the systems that support financial reporting, payment security, customer data, and business continuity. When auditors flag deficiencies in database change governance, modernization budgets often appear quickly.

The DBA role is also evolving. Historically, database administrators have served as gatekeepers for production database changes. That model can protect stability, but it also creates bottlenecks, separation-of-duties concerns (the same person may review a change and then execute it with privileged credentials), and uneven audit evidence. The playbook notes that some large institutions are already issuing mandates to remove DBA involvement from routine manual changes. The better long-term model is not to eliminate DBA expertise but to redirect it toward architecture, governance, policy design, automation, and exception handling.

The complexity of modern financial environments makes the challenge more urgent. Financial institutions rarely operate on a single database platform. Their environments may include Oracle, SQL Server, PostgreSQL, Snowflake, DynamoDB, Databricks, and other systems across hybrid cloud and multi-cloud architectures. Partial governance is not enough. If only some database platforms are covered by automated controls, institutions still face inconsistent evidence, fragmented policy enforcement, and hidden operational risk.

A Practical Path: Pilot, Platform, Enterprise

Liquibase’s playbook recommends a practical modernization path: pilot, platform, enterprise. Institutions can begin by implementing governed database change for two to five applications, then incorporate the pipeline into centralized platform engineering workflows, and finally scale across the enterprise and across database types.

The target operating model is built around embedding governance directly into delivery pipelines, moving away from ad hoc scripts, enabling automated policy-driven deployments, ensuring coverage across hybrid and multi-database environments, and turning database change into an auditable, repeatable, and resilient process.

Why Database Governance Now Matters to AI Readiness

For financial services leaders, the message is clear. AI governance cannot stop at the model layer. Security cannot stop at the application layer. Compliance cannot rely on incomplete tickets after the fact. The database is where decisions, transactions, customer records, and financial truth are ultimately persisted. If that layer remains manual and loosely governed, the institution’s broader AI and operational resilience strategies remain incomplete.

Organizations that embed governance into database delivery now may gain not only a stronger security and compliance posture but also faster delivery, cleaner audit evidence, fewer production surprises, and greater confidence in AI-enabled operations. Those who delay may find themselves forced into modernization by auditors, regulators, market pressure, or a production incident involving data loss or silent corruption.

Steven Bowcut is the Editor-in-Chief of Brilliance Security Magazine and host of the BSM Podcast. He has spent years covering cybersecurity and physical security, focusing on the technologies, strategies, and leadership insights that matter most to security practitioners and decision-makers. Through the magazine and podcast, Steven brings readers and listeners practical content with industry leaders, innovators, and experts shaping the future of security. Follow and connect with Steve on Instagram and LinkedIn.