Proprietary fraud detection algorithms exposed to third-party services - API keys discovered in AI tool traffic logs - No audit trail for AI-generated code in regulated systems