ACPR published a discussion paper on the governance of artificial intelligence in finance. In this paper, ACPR has proposed four principles for evaluating artificial intelligence algorithms and tools—namely, data management, performance, stability, and explainability. ACPR also recommends the governance concerns that need to be taken into account, as early as the design phase of an algorithm. These concerns involve the integration of artificial intelligence into traditional business processes; the impact of this integration on internal controls; the relevance of outsourcing (partially or fully) the design or maintenance phases; and the internal and external audit functions. The comment period for this discussion paper ends on September 04, 2020.
The governance of artificial intelligence algorithms requires careful consideration of the validation of each decision-making process. The regulatory compliance and the performance objectives of these algorithms are only achievable through a certain level of explainability and traceability. In the discussion paper, ACPR recommends focus on the following aspects of governance concerns:
- Integration of artificial intelligence into business processes. This involves ascertaining whether the artificial intelligence component fulfills a critical function, by dint of its operational role or of the associated compliance risk and whether the engineering process follows a well-defined methodology throughout the machine learning lifecycle (from algorithmic design to monitoring in production), in the sense of reproducibility, quality assurance, architectural design, auditability, and automation.
- Human-algorithm interactions. Those can require a particular kind of explainability, intended either for internal operators who need to confirm or reject an algorithm’s output, or for customers who are entitled to understand the decisions impacting them or the commercial offers made to them. Besides, processes involving artificial intelligence often leave room for human intervention, which is beneficial or even necessary, but also bears new risks. Such new risks include the introduction of biases into the explanation of an 4 algorithm’s output, or a stronger feeling of engaging one’s responsibility when contradicting the algorithm than when confirming its decisions.
- Security and outsourcing. Machine learning models are exposed to new kinds of attacks. Furthermore, strategies such as development outsourcing, skills outsourcing, and external hosting should undergo careful risk assessment. More generally, third-party risks should be evaluated.
- Initial and continuous validation process. This process must often be re-examined when designing an artificial intelligence algorithm intended for augmenting or altering an existing process. For instance, the governance framework applicable to a business line may in some cases be maintained, while, in other cases, it will have to be updated before putting the artificial intelligence component into production. Continuous validation process. The continuous monitoring of machine learning algorithm, for instance, requires technical expertise and machine-learning-specific tools to ensure the aforementioned principles are followed over time (appropriate data management, predictive accuracy, stability, and availability of valid explanations).
- Audit. For internal and external audits of artificial-intelligence-based systems in finance, exploratory work led by the ACPR suggests adopting a dual approach. The first facet combines analysis of the source code and data with methods for documenting artificial intelligence algorithms, predictive, models and datasets. The second facet leverages methods providing explanation for an individual decision or for the overall behavior of the algorithm; it also relies on two techniques for testing an algorithm as a black box: challenger models (to compare against the model under test) and benchmarking datasets, both curated by the auditor.
Comment Due Date: September 04, 2020
Keywords: Europe, France, Banking, Insurance, Governance, Artificial Intelligence, Fintech, Machine Learning, Regtech, Outsourcing Arrangements, ACPR
Previous ArticleACPR Publishes Version 2.1.0 of the CREDITHAB Taxonomy
In a recent Market Notice, the Bank of England (BoE) confirmed that green gilts will have equivalent eligibility to existing gilts in its market operations.
The Financial Conduct Authority (FCA) published the policy statement PS21/9 on implementation of the Investment Firms Prudential Regime.
The European Banking Authority (EBA) proposed regulatory technical standards that set out criteria for identifying shadow banking entities for the purpose of reporting large exposures.
The Board of the International Organization of Securities Commissions (IOSCO) proposed a set of recommendations on the environmental, social, and governance (ESG) ratings and data providers.
The European Commission (EC) announced plans to defer the application of 13 regulatory technical standards under the Sustainable Finance Disclosure Regulation (2019/2088) by six months, from January 01, 2022 to July 01, 2022.
The Bank of England (BoE) published a consultation paper on approach to setting minimum requirement for own funds and eligible liabilities (MREL), an operational guide on executing bail-in, and a statement from the Deputy Governor Dave Ramsden.
The European Banking Authority (EBA) is seeking preliminary input on standardization of the proportionality assessment methodology for credit institutions and investment firms.
Certain regulatory authorities in the US are extending period for completion of the review of certain residential mortgage provisions and for publication of notice disclosing the determination of this review until December 20, 2021.
The Prudential Regulation Authority (PRA) published the policy statement PS18/21, which introduces an amendment in the definition of "higher paid material risk taker" in the Remuneration Part of the PRA Rulebook.
The European Banking Authority (EBA) published its annual report on asset encumbrance in banking sector.