The National Financial Regulatory Administration has rolled out a set of guidelines aimed at ensuring the secure development and deployment of artificial intelligence (AI) within the banking and insurance industries. These guidelines underscore the importance of fortifying supply chain risk management and open-source technology governance. Financial institutions are mandated to institute a robust supply chain security and compliance management framework for AI-driven computing power, models, and data. This framework is designed to guarantee independence and control, thereby mitigating concentration risks. Concurrently, institutions are urged to refine their standards for open-source technology utilization, maintain comprehensive management ledgers, conduct thorough reviews and evaluations of external open-source components, intensify code audits, vulnerability scans, and security testing, and proactively identify and rectify potential risks to thwart supply chain contamination.