The nationwide "shrimp farming" craze is sweeping the internet, but the banking industry is collectively "ignoring" it; experts say: OpenClaw's high system permissions conflict inherently with financial compliance requirements.

Financial Daily Reporter | Li Yuwen Financial Daily Editor | Zhang Yiming

Recently, open-source AI (artificial intelligence) agent OpenClaw (also known as "Lobster") has become a viral sensation, attracting widespread industry attention. However, the banking sector generally remains cautious about this wave of "shrimp farming." A head office official from a joint-stock bank told the Daily Economic News that the bank recently received a risk warning from regulators regarding "Lobster."

However, before OpenClaw's popularity surged, the banking industry had already been exploring and applying intelligent agents. Many banks are actively promoting the use of agents in frontline business scenarios to improve operational efficiency.

As a risk-controlled institution, how can banks balance innovation and compliance in the face of the AI technological wave?

Multiple banks cautious about the "shrimp farming" trend

OpenClaw, named for its icon resembling a red lobster, is also colloquially called "Lobster," and deploying it is often described as "shrimp farming." Unlike purely conversational AI like ChatGPT, OpenClaw integrates communication software and large language models, enabling it to autonomously perform complex tasks such as file management, email handling, and data processing on users' local computers. It essentially acts as a "digital employee" working on behalf of users, which has attracted many to experiment with its practical applications.

As OpenClaw continues to gain popularity, security concerns have become more prominent. Recently, the Ministry of Industry and Information Technology and the National Internet Emergency Center issued risk alerts, warning users to exercise caution due to potential security risks associated with OpenClaw.

Amid this wave of "shrimp farming," the banking industry remains quite "calm." Recently, industry insiders revealed that a joint-stock bank's head office received a regulatory risk warning about "Lobster." Another official from a state-owned bank told the Daily Economic News that their bank has not yet deployed or studied OpenClaw.

Why are banks cautious about OpenClaw?

"Unlike conversational AI, OpenClaw as an agent needs access to local files, external APIs, and even system-level permissions. This end-to-end automation mechanism can easily trigger cyberattacks and lead to leakage of core transaction data, which conflicts with the bank's strict regulatory and zero-tolerance policies," said Wang Peng, deputy researcher at the Beijing Academy of Social Sciences, in an interview with the Daily Economic News on March 16.

Gao Chengfei, general manager of the IP Business Department at Zhanyou Marketing Consulting, shared a similar view: "OpenClaw's high system permissions are inherently at odds with financial compliance requirements."

Gao explained that OpenClaw by default accesses local files and makes API calls with elevated permissions, which can improve office efficiency. However, multiple medium- and high-risk vulnerabilities have been publicly disclosed, and its plugin functions lack effective security review mechanisms, posing risks of malicious exploitation such as stealing online banking passwords and payment keys. More critically, its autonomous execution capabilities could cause errors in financial scenarios, such as unauthorized fund transfers or purchasing investment products. Since AI technology still lacks full interpretability, responsibility for automated actions is difficult to determine. Additionally, data generated during agent operation may be transmitted to third parties, raising compliance risks when involving sensitive information like credit data and loan approval materials.

Therefore, Gao believes that in the short term, OpenClaw is more suitable for small-scale pilots in non-core business scenarios. Large-scale deployment should wait until key issues such as security, clear responsibilities, and algorithm interpretability are resolved.

Wang Peng suggests that banks are unlikely to directly adopt open-source OpenClaw but will instead incorporate its technological approach. Future implementations are likely to be "private deployment in restricted environments," meaning within internal bank networks, using self-developed or customized solutions to apply agents in non-core, high-sensitivity scenarios such as office automation and risk control support.

Banking sector's exploration of intelligent agents is already underway

It is worth noting that even before OpenClaw's rise, the banking industry had already been exploring and applying intelligent agents. Several banks are actively promoting agent-enabled frontline services to enhance operational efficiency.

For example, Nanjing Bank has partnered with Volcano Engine to explore large-scale deployment of intelligent agents in financial scenarios. They have launched a one-stop intelligent agent workstation called HiAgent, which has already implemented over 20 high-quality agents, deeply applied in areas such as office work, operations, business development, and risk management.

How effective are these practices? For instance, corporate relationship managers often spend significant time gathering pre-visit information across multiple systems and platforms. A "one-page" pre-visit intelligent agent can automatically integrate data from internal and external sources, performing crawling, cleaning, fusion, and quality checks to quickly generate a comprehensive and accurate pre-visit analysis report. This reduces preparation time from two hours to within five minutes, making it a core tool during peak marketing periods.

KPMG recently released the "2026 Outlook for China's Banking Industry," which noted that analysis of public tender information and case studies from KPMG shows a rising trend in bank large-model projects from January to November 2025, with a small peak in August. The project content from January to June mainly focused on knowledge Q&A, with agent applications being sporadic. Starting in July, the number of agent application projects surged, especially in October and November, with all project types being related to agent applications.

So, how should banks balance innovation and compliance when exploring agent applications?

On March 16, Fu Yifu, a special researcher at Su Commercial Bank, told the Daily Economic News that when promoting agent-enabled frontline services, banks need to innovate management mechanisms, test new technologies in controlled environments, and ensure risks are measurable and controllable. They should strengthen data privacy protections and algorithm audits, follow the "least privilege" principle to avoid excessive customer data collection, and maintain close communication with regulators. Participating in industry standard development can help identify compliance red lines early. Additionally, banks should establish manual review processes to double-check key decisions made by agents, preventing automation errors. Embedding compliance requirements throughout the R&D process and cultivating multidisciplinary talent will help banks safely unlock the innovative potential of intelligent agents.
