Financial institutions face increasing cyber risk while operating under strict regulatory oversight. To manage this risk, they rely heavily on Cyber Threat Intelligence (CTI) to inform detection, response, and strategic security decisions. Artificial intelligence (AI) is widely suggested as a means to strengthen CTI. However, evidence of trustworthy production use in finance remains limited. Adoption depends not only on predictive performance, but also on governance, integration into security workflows, and analyst trust. We therefore examine how AI is used for CTI in practice within financial institutions and what barriers prevent trustworthy deployment. We report a mixed-methods, user-centric study combining a CTI-finance-focused systematic literature review, semi-structured interviews, and an exploratory survey. Our review screened 330 publications (2019-2025) and retained 12 finance-relevant studies for analysis; we further conducted six interviews and collected 14 survey responses from banks and consultancies. Across research and practice, we identify four recurrent socio-technical failure modes that hinder trustworthy AI-driven CTI: (i) shadow use of public AI tools outside institutional controls, (ii) license-first enablement without operational integration, (iii) attacker-perception gaps that limit adversarial threat modeling, and (iv) missing security for the AI models themselves, including limited monitoring, robustness evaluation, and audit-ready evidence. Survey results provide additional insights: 71.4% of respondents expect AI to become central within five years, 57.1% report infrequent current use due to interpretability and assurance concerns, and 28.6% report direct encounters with adversarial risks. Based on these findings, we derive three security-oriented operational safeguards for AI-enabled CTI deployments.