Getting smart: financial regulators seek input on AI

Introduction

On 29 March 2021 various federal agencies(1) issued a request for information (RFI) from financial institutions, trade associations, consumer groups and other stakeholders on the financial industry's use of AI. The RFI seeks insight into:

the industry's use of AI in the provision of financial services to customers; and
appropriate AI governance, risk management and controls.

In recent years regulators have highlighted financial institutions' and technology firms' growing use of AI and machine learning. However, the RFI is the federal agencies' most coordinated effort to understand AI's potential benefits and risks to date. It follows Federal Reserve Board Governor Lael Brainard's January 2021 speech, which previewed the potential for additional "supervisory clarity" in this area.

Risks and rewards

The RFI acknowledges AI's importance to the industry and its customers, including in:

the flagging of unusual transactions;
the personalisation of customer services;
credit decision making;
risk management;
textual analysis (ie, the handling of unstructured data to obtain insight or improve the efficiency of existing processes); and
cybersecurity.

The RFI also notes AI's potential safety and soundness risks, including:

operational vulnerabilities;
cyber threats;
IT lapses;
third-party risks; and
model risks.

Consumer risks are also identified – for example:

unlawful discrimination;
unfair, deceptive or abusive acts or practices; and
privacy concerns.

Further, the RFI discusses the importance of 'explainability', which refers to "how an AI approach uses inputs to produce outputs". Some AI approaches exhibit a lack of explainability for their overall functioning or how they arrive at individual outcomes, which can result in challenges in legal compliance, audits and other contexts.

Scope of RFI

The RFI seeks comments on:

explainability;
risks arising from broader or more intensive data processing and usage;
'overfitting', which occurs when an algorithm learns from idiosyncratic patterns in the training data that are unrepresentative of the entire population;
cybersecurity risks;
'dynamic updating', which refers to AI's ability to learn or evolve over time as it captures new training data;
AI use by community institutions;
oversight of third parties that have developed or provide AI; and
fair lending.

Fair lending appears poised to be the federal agencies' central supervisory concern in their evaluation of AI design and usage. The RFI poses more questions concerning fair lending than any other area. In particular, the federal agencies seek input on the following questions:

What techniques are available to facilitate or evaluate the compliance of AI-based credit determination approaches with fair lending laws or mitigate risks of non-compliance?
What are the risks that AI can be biased or result in discrimination on prohibited bases? Are there effective ways to reduce discrimination risks, whether during development, validation, revision or use? What are the barriers to or limitations of those methods?
To what extent do model risk management principles and practices aid or inhibit evaluations of AI-based credit determination approaches for compliance with fair lending laws?
What challenges, if any, do financial institutions face when applying internal model risk management principles and practices to the development, validation or use of fair lending risk assessment models based on AI?
What approaches can be used to identify the reasons for taking adverse action on a credit application when AI is employed? Do existing rules under the Equal Credit Opportunity Act provide sufficient clarity for the statement of reasons for adverse action when AI is used?

Comment

The RFI reflects the federal agencies' increasing interest in AI, particularly regarding the risks that it poses to consumers and the safety and soundness of financial institutions.

Caitlin Hutchinson Maddox, associate, assisted in the preparation of this article.

Endnotes

(1) The following federal agencies issued the RFI:

the Federal Reserve Board;
the Consumer Financial Protection Bureau;
the Federal Deposit Insurance Corporation;
the Office of the Comptroller of the Currency; and
the National Credit Union Administration.

Register now for your free, tailored, daily legal newsfeed service.

Getting smart: financial regulators seek input on AI

Filed under

Topics

Popular articles from this firm

Fifth Circuit Reverses District Court’s Dismissal Of Putative Securities Fraud Class Action Against Amusement Park Company For Lack Of Standing *

The Federal Circuit Is Amenable, Under Certain Circumstances, To Allowing A Patent Owner To Seek Foreign Damages For Domestic Infringement *

D.C. Circuit Reverses Lower Court’s Decision To “Set Aside” Civil Investigative Demand *

SEC Achieves Jury Verdict In Cryptocurrency Fraud Case *

Second Circuit Affirms District Court’s Summary Judgment Dismissal Of Securities Fraud Class Action Against Pharmaceutical Company *

Related practical resources PRO

Related research hubs