ACPR published a discussion paper on the governance of artificial intelligence in finance. In this paper, ACPR has proposed four principles for evaluating artificial intelligence algorithms and tools—namely, data management, performance, stability, and explainability. ACPR also recommends the governance concerns that need to be taken into account, as early as the design phase of an algorithm. These concerns involve the integration of artificial intelligence into traditional business processes; the impact of this integration on internal controls; the relevance of outsourcing (partially or fully) the design or maintenance phases; and the internal and external audit functions. The comment period for this discussion paper ends on September 04, 2020.
The governance of artificial intelligence algorithms requires careful consideration of the validation of each decision-making process. The regulatory compliance and the performance objectives of these algorithms are only achievable through a certain level of explainability and traceability. In the discussion paper, ACPR recommends focus on the following aspects of governance concerns:
- Integration of artificial intelligence into business processes. This involves ascertaining whether the artificial intelligence component fulfills a critical function, by dint of its operational role or of the associated compliance risk and whether the engineering process follows a well-defined methodology throughout the machine learning lifecycle (from algorithmic design to monitoring in production), in the sense of reproducibility, quality assurance, architectural design, auditability, and automation.
- Human-algorithm interactions. Those can require a particular kind of explainability, intended either for internal operators who need to confirm or reject an algorithm’s output, or for customers who are entitled to understand the decisions impacting them or the commercial offers made to them. Besides, processes involving artificial intelligence often leave room for human intervention, which is beneficial or even necessary, but also bears new risks. Such new risks include the introduction of biases into the explanation of an 4 algorithm’s output, or a stronger feeling of engaging one’s responsibility when contradicting the algorithm than when confirming its decisions.
- Security and outsourcing. Machine learning models are exposed to new kinds of attacks. Furthermore, strategies such as development outsourcing, skills outsourcing, and external hosting should undergo careful risk assessment. More generally, third-party risks should be evaluated.
- Initial and continuous validation process. This process must often be re-examined when designing an artificial intelligence algorithm intended for augmenting or altering an existing process. For instance, the governance framework applicable to a business line may in some cases be maintained, while, in other cases, it will have to be updated before putting the artificial intelligence component into production. Continuous validation process. The continuous monitoring of machine learning algorithm, for instance, requires technical expertise and machine-learning-specific tools to ensure the aforementioned principles are followed over time (appropriate data management, predictive accuracy, stability, and availability of valid explanations).
- Audit. For internal and external audits of artificial-intelligence-based systems in finance, exploratory work led by the ACPR suggests adopting a dual approach. The first facet combines analysis of the source code and data with methods for documenting artificial intelligence algorithms, predictive, models and datasets. The second facet leverages methods providing explanation for an individual decision or for the overall behavior of the algorithm; it also relies on two techniques for testing an algorithm as a black box: challenger models (to compare against the model under test) and benchmarking datasets, both curated by the auditor.
Comment Due Date: September 04, 2020
Keywords: Europe, France, Banking, Insurance, Governance, Artificial Intelligence, Fintech, Machine Learning, Regtech, Outsourcing Arrangements, ACPR
Previous ArticleACPR Publishes Version 2.1.0 of the CREDITHAB Taxonomy
HKMA has published a circular that sets out the regulatory and reporting treatment for loans that participating authorized institutions may grant to eligible borrowers under the 100% Personal Loan Guarantee Scheme.
ECB published the results of the assessment of internal models that banks use to calculate risk-weighted assets for credit, market, and counterparty credit risks.
PRA published a statement on the regulatory treatment of retail residential mortgage loans under the Mortgage Guarantee Scheme, or MGS.
FCA is consulting, via CP21/7, on the second phase of proposed rules to introduce the UK Investment Firm Prudential Regime (IFPR).
HM Treasury and BoE announced the joint creation of a Central Bank Digital Currency (CBDC) Taskforce to coordinate the exploration of a potential central bank digital currency in UK.
EIOPA published an opinion to set out its expectations on the supervision of the integration of climate change risk scenarios by insurers in their Own Risk and Solvency Assessment (ORSA).
Bundesbank published two circulars on AnaCredit reporting requirements. Circular 27/2021 covers changes to the reporting of branches, additional attributes to be reported for investment funds from August 01, 2021, and updates to the list of international organizations.
EC published the Implementing Regulation 2021/622 that lays down implementing technical standards for reporting of the minimum requirement for own funds and eligible liabilities (MREL).
BCBS has set out the strategic work priorities, as part of its the work program for 2021-22.
PRA published the policy statement PS8/21, which contains the final supervisory statement SS3/21 on the PRA approach to supervision of the new and growing non-systemic banks in UK.