PCBB
BID Daily Newsletter
March 02, 2020

BID Daily Newsletter

March 02, 2020

Inquiry & Insight - Open Banking, Cyber, AI

Summary: Our readers asked us about opening banking, cyber-attacks and AI in credit decisions. Today, we provide our insight.
There is an interesting custom in Scotland, where you paint your door red when you have paid off your mortgage. So, the next time you see a red door in Scotland, you know you don't need to ask the owner if they are feeling pretty close to financial freedom. Today though, we were happy to get some interesting questions from our readers. We hope you enjoy the answers.
Q: We're watching the open banking trend very closely. What do we need to do if we decide to go this route?
A: Certainly open banking offers significant enough opportunities to warrant heightened consideration among community financial institutions (CFIs). However, the risks it poses to an institution's operations require even more careful deliberation. A move to open banking requires the CFI to build especially strong cyber-security defenses and requires particularly strong vetting of third-party partners through a process that must include due diligence and ongoing monitoring. Even if you have strong controls in place today, open banking ups the ante. Customer trust is paramount and in an open banking environment, proper controls are vital to ensure this goal is adequately achieved.
Q: As cyber-attacks continue to haunt our industry, we've been rethinking our current cyber insurance policy. What types of questions should we be asking when evaluating this need?
A: As with any type of insurance, the devil is in the details. Accordingly, CFIs need to be sure to ask the right questions related to their specific institution and needs. Among other things, they should look at what types of losses are covered by the policy and what the limits are -- per claim and in the aggregate. Banks should also ask how the policy responds to vendor-related issues since not all policies handle vendor-related breaches the same. Moreover, you should seek to understand the pre-claim and post-claim processes and any limitations and exceptions to your policy. Of course, price is a factor, but it shouldn't be the only driver since it's easy to be penny-wise and pound-foolish.
Q: We're considering upping our use of artificial intelligence (AI) in credit decisions. Are their specific issues we need to be aware of?
A: There's certainly value in using AI to improve the underwriting process. But, without proper implementation and monitoring, it can leave a CFI vulnerable from a risk perspective. Regulators, for instance, have expressed concern about the potential for AI to result in (unintended) discriminatory biases. This makes it incumbent upon CFIs to understand the models behind the AI and to implement appropriate monitoring and other safeguards to ensure these risks are mitigated. The risks aren't just limited to reputation; there are litigation risks as well. While at some juncture AI may be used more extensively in underwriting, many CFIs are treading cautiously due to the potential for unpredictable or inconsistent results. Implementing AI in underwriting requires expert advice on many levels, including input from trained compliance and regulatory personnel.