Incidents like the mass computer outage caused by Microsoft's third-party provider, CrowdStrike, have prompted a rethink about the increasing use of artificial intelligence (AI) and cloud computing in the financial world, central bankers and executives said at a conference in Hong Kong.

Such grand-scale outages have served as a wake-up call to the financial services industry, which needs to pay greater attention to operational resilience and risk management, these people said at the joint conference by the Hong Kong Monetary Authority (HKMA) and Bank for International Settlements on Thursday.

Eddie Yue Wai-man, the HKMA's CEO, said a major risk that has been identified is the use of third-party service providers. He said that firms depend heavily on big technology companies for computing power and the ability to deal with large data sets related to AI. If these major operators experience glitches, catastrophic results could radiate outward.

Do you have questions about the biggest topics and trends from around the world? Get the answers with SCMP Knowledge, our new platform of curated content with explainers, FAQs, analyses and infographics brought to you by our award-winning team.

"If any of these few service providers suffer from IT failures or cyberattacks, the outcome could be very difficult to handle," he said. "It's like CrowdStrike 10 times bigger."

In July, a botched software update by US cybersecurity firm CrowdStrike affected 8.5 million Windows-based devices worldwide, creating a major disruption for the airports, banks and healthcare providers that relied on its cloud computing services.

"CrowdStrike is a wake-up call to say, all these security software and network monitoring tools that have a high level of privilege and access across our estate and to some extent, automatic software updates - how comfortable are we with that," said Balbir Bakhshi, chief risk officer at the London Stock Exchange Group.

"There is an opportunity to do something different in this space through a more collaborative approach."

Greater regulation of third parties and increasing public-private partnerships would be helpful, he said. He added that a lot of time and effort would be freed up when there is a set of regulator-approved control standards for the industry.

Yue said banks are required to conduct risk assessments of AI service providers to strengthen their operational resilience and must have in place contingency plans to address potential service disruptions caused by third parties.