The Importance of Managing Your AI Risks

Moving pictures first came onto the scene in the 1890s, with special effects working their way into films within just a few years. As films became more advanced, so too did the stunts that performers were asked to do. By 1910, with serial action movies requiring ever riskier stunts to hold the attention of audiences, Hollywood began employing stunt doubles to minimize the risk of injuries to well-known movie stars. The most famous stunt double was Dar Robinson, who broke 19 world records and performed 21 “world’s first” stunts during his career — all without ever breaking a single bone.While it is safe to say that most financial employees will never need someone to jump from a building in their stead, minimizing risks is something financial institutions should be well versed in — particularly when it comes to their use of artificial intelligence (AI).Rising UsageOver the past few years, AI has become prevalent within the financial industry, utilized for everything from analyzing customer data to gauging lending risks, personalizing product and service offerings, enhancing round-the-clock customer service online, and identifying qualified potential employees.As open banking continues to take off, the number of uses for AI will continue to rise. By 2030, Microsoft predicts that the global AI market will reach a value of $15.7T. But AI is not without its risks. A recent study from information technology services and consulting company Capgemini found that 60% of businesses that employ AI have faced legal scrutiny, with 22% having received customer backlash as a result of the decisions that their AI systems have made.Customers are questioning how their personal information is used, while some suspect that organizations are not being fully transparent about their data usage practices. As regulators step up their oversight of AI usage, community financial institutions (CFIs) need to be cognizant of the potential risks that their own AI practices could create for them.Heightened Oversight LoomsWhile regulators in the US have yet to publish AI-specific rules for the financial industry, representatives from both the Office of the Comptroller of the Currency (OCC) and the Federal Reserve have made it clear that financial institutions are expected to adhere to existing regulatory guidance for their AI use. As CFIs wait for industry-specific rules to make their way down the pipeline in the US, one way of preparing for what is likely to emerge is by looking at the guidance that has already come out overseas.In October, the UK Financial Conduct Authority (FCA), the Bank of England (BoE), and the Prudential Regulation Authority (PRA) published a paper discussing the safe usage of AI within the financial services industry. UK regulators noted that they are looking to determine whether existing legal requirements and guidance are sufficient for AI’s current use cases. As part of that effort, UK regulators are working to clarify what specifically constitutes AI; to document analytical tools for mapping it out; and to detail the benefits and risks of AI in specific categories such as consumer protection, competition, financial stability, and market integrity, among others.Gearing Up for ChangeSince avoiding AI may eventually be unfeasible for CFIs if they want to remain competitive, it is important to look at the ways it is being employed within your organization and to consider any possible risks for each use case. One area where regulators are paying particularly close attention is open banking and the possible repercussions as third-party developers access customer financial data. The same rules could soon apply to AI that requires customer data to be shared with a third-party provider.Now is the perfect time to dig into any third-party relationships your organization has from a risk compliance perspective, if the exchange of data is involved. It is important to know who is monitoring the data-sharing process, and what types of controls have been put in place to protect consumer data. Also essential is ensuring that your organization has adequate access to the skill sets and technical knowledge needed to oversee such programs. As we recently noted, being aware of existing biases within your AI programs is also important. Digging into existing regulations regarding general AI usage would also be wise, as it is almost certain that any existing rules for organizations outside the financial services realm will be enhanced.The use of AI among financial institutions will become increasingly important as CFIs try to remain competitive against the industry’s largest players. Before stepping up your own AI usage, however, assess all areas where your organization is already using or looking to add it. From there, your CFI can determine potential risks that could open up on the regulatory front and plan out the steps you can take to minimize those risks.