5 Jun 2026

Google shipping Gemma 4 12B to run agentic workflows on laptops sounds like a developer convenience story. For anyone running regulated financial services in the UK, it is actually a governance crisis waiting to happen.

The appeal is obvious. Lower latency, no cloud egress costs, works offline. For a loan origination team running decisioning workflows, the idea of cutting round-trip API calls is genuinely attractive. But the moment an AI agent is executing multi-step tasks locally on an endpoint, you have lost the centralised audit trail that the FCA expects you to maintain.

Consumer credit is not a domain where you can have ambiguity about what a system did, when, and on what data. The Consumer Duty requires firms to demonstrate that outcomes are being monitored and that decisions affecting customers are explainable. A locally-running agent that processes applicant data on a laptop, with no centralised logging, fails that test before it has even started.

The harder problem is that the endpoint security assumptions here are completely different from cloud-hosted models:

• Model weights sitting on a laptop are an exfiltration risk if the device is lost or compromised
• Local execution means no organisation-level controls on what data the agent can access or act on
• Audit logs become the responsibility of device management, which most financial services firms are not set up to treat as a compliance system of record

None of this means local AI has no place in financial services. There are narrow, low-risk use cases where it makes sense. Internal tooling, document summarisation where no customer data is involved, developer productivity. But the framing of local agents as a straightforward cost or privacy win glosses over the fact that moving compute to the endpoint moves compliance risk there too.

Technology leaders in regulated firms need to get ahead of this before individual teams start experimenting with local agent workflows and treating it as equivalent to using a SaaS tool. The question worth asking now is whether your AI governance framework even contemplates where the model is running, or whether it assumes the answer is always a controlled cloud environment.