Banks, insurers and financial-services QA organisations are confronting a familiar challenge, now amplified by AI adoption and regulatory scrutiny: traditional approaches to test data governance are no longer holding up.
As development teams embed generative AI deeper into workflows, and release cycles accelerate, the industry is facing a widening gap between experimentation and oversight.
For QA and software testing teams, the question is no longer simply whether test environments work, but whether the data flowing through them is compliant, controlled and trustworthy.
Synthetic data, once a niche tool, is increasingly being positioned as foundational infrastructure for how financial institutions test systems safely, scale automation, and meet governance expectations.
For many firms, the shift is driven by the simple reality that copying production data into test environments is no longer acceptable.
“Sometimes data cannot be copied from production, even if masking is applied,” said Wim Blommaert, explaining why ING bank has moved toward an AI-driven synthetic data strategy.
At ING, delays in provisioning compliant datasets had become a direct obstacle to delivery. Teams faced “three weeks between the time they requested the data until it was loaded to the test environment,” underscoring how test data bottlenecks can undermine velocity.
ING’s approach reflects a broader industry move away from production-derived test data toward scalable synthetic generation that supports realistic scenarios without exposing customer information.
“Synthetic data is very privacy-safe and under GDPR it is not considered personal data,” Blommaert said.
Regulators are watching
Regulatory focus is also sharpening around the governance frameworks that must surround synthetic and test data strategies.
The UK Financial Conduct Authority has highlighted synthetic data as an emerging mechanism that can support innovation while maintaining safeguards.
Officials have noted that synthetic data “offers a powerful way to unlock the value of data … all while maintaining strong privacy protections and public trust.”
The FCA has also stressed that synthetic data must not sit outside governance structures, but instead be aligned with model risk management, accountability, monitoring and ethics frameworks.
For QA teams, this reinforces that synthetic datasets are not automatically “safe” simply because they are artificial, governance still matters.
As financial services firms industrialise testing, the compliance stakes around non-production environments have become harder to ignore.
“If test data gets breached, customers would not care that it wasn’t ‘real’ production data. The headlines will read the same,” wrote Ross Millenacker in a recent analysis of test data compliance pressures.
The long-standing practice of copying production data into lower environments has left QA organisations exposed as pipelines accelerate. Even where masking exists, regulators and customers increasingly expect stronger controls.
The shift toward synthetic data is therefore being framed not just as efficiency, but as risk reduction.
Insurance sector
Synthetic data is also gaining traction in insurance, particularly in claims environments where sensitive health and personal data makes production copying especially problematic.
Artificial datasets are enabling insurers to test complex claims workflows, edge-case scenarios and performance conditions without exposing real medical or customer records.
But experts caution that realism and governance remain ongoing challenges.
“Maintaining data generators that output the right depth and realism is not straightforward,” warned Dr. Bastian Baudisch, emphasising that synthetic models must be continuously tuned to reflect evolving production realities.
The push toward stronger data governance is not limited to test environments. At Allianz, leadership has tied data discipline and AI governance directly to resilience and engineering outcomes.
“The most impactful decision was to be stubborn about the outcome, and to never waver on what good looks like,” said Philipp Kroetz, CEO of Allianz Direct.
The insurer’s emphasis on governance, consolidation and disciplined execution highlights how quality engineering is increasingly inseparable from enterprise-wide data control.
Governance struggling to keep up
The urgency behind test data governance is also being amplified by the way AI tools are entering enterprise workflows unevenly.
“What this research makes clear is that enterprise AI adoption isn’t just accelerating, it’s fragmenting,” said Nishant Doshi, CEO of Cyberhaven.
“A small set of teams is moving fast and embedding AI deeply into daily work, while security and governance are often playing catch-up,” he said.
Doshi warned that the risk is not AI itself but blind spots around data flows.
“Without visibility into which tools are in play, what data is flowing through them, and where controls need to adapt, enterprises risk widening the gap between innovation and trust,” he said.
For QA and software testing teams in banking, insurance and financial services, the direction is clear: test data governance is becoming as consequential as production governance.
Synthetic data is emerging not merely as a workaround, but as a compliance-safe foundation for scalable testing, automation and AI-era assurance, provided it is embedded in rigorous governance frameworks.
Institutions such as ING and Allianz are showing that data discipline is now central to digital resilience. And with regulators like the FCA sharpening expectations, the governance of test data is rapidly becoming a defining pillar of modern financial-services QA.
QA FINANCIAL EVENTS
Why not become a QA Financial subscriber?
It’s entirely FREE
* Receive our weekly newsletter every Wednesday * Get priority invitations to our Forum events *
REGULATION & COMPLIANCE
Looking for more news on regulations and compliance requirements driving developments in software quality engineering at financial firms? Visit our dedicated Regulation & Compliance page here.
READ MORE
- Why real-time monitoring and scenario testing are becoming core QA disciplines
- BankDhofar takes an automated approach to strengthen QA
- Banks warned AI still fails on real-world software testing tasks
- SEC’s AI emphasis drives new QA and testing imperatives for US banks
- Inside the chaos: The new reliability discipline reshaping banking QA
WATCH NOW
QA FINANCIAL PODCASTS
