The Board of the International Organization of Securities Commissions (IOSCO) published the report that sets out final guidance to help its members regulate and supervise the use of artificial intelligence and machine learning by market intermediaries and asset managers. IOSCO had proposed the guidance in June 2020. The guidance consists of six measures that seek to ensure that market intermediaries and asset managers have appropriate governance, controls, and oversight frameworks over the development, testing, use, and performance monitoring of artificial intelligence and machine learning.
The guidance consists of the following six measures:
- Regulators should consider requiring firms to have designated senior management responsible for the oversight of the development, testing, deployment, monitoring, and controls of artificial intelligence and machine learning. This includes a documented internal governance framework, with clear lines of accountability.
- Regulators should require firms to adequately test and monitor the algorithms to validate the results of an artificial intelligence and machine learning technique on a continuous basis. The testing should be conducted in an environment that is segregated from the live environment prior to deployment.
- Regulators should require firms to have adequate skills, expertise, and experience to develop, test, deploy, monitor, and oversee the controls over artificial intelligence and machine learning that the firm utilizes. Compliance and risk management functions should be able to understand and challenge the algorithms that are produced and conduct due diligence on any third-party provider, including on the level of knowledge, expertise, and experience present.
- Regulators should require firms to understand their reliance and manage their relationship with third-party providers, including monitoring their performance and conducting oversight. To ensure adequate accountability, firms should have a clear service-level agreement and contract in place clarifying the scope of the outsourced functions and the responsibility of the service provider.
- Regulators should consider the level of disclosure of the use of artificial intelligence and machine learning that is required by firms. Regulators should consider requiring firms to disclose meaningful information to customers and clients—about their use of artificial intelligence and machine learning—that impact client outcomes. Regulators should consider what type of information they may require from firms using artificial intelligence and machine learning to ensure that they can have appropriate oversight of those firms.
- Regulators should consider requiring firms to have appropriate controls in place to ensure that the data that the performance of the artificial intelligence and machine learning is dependent on is of sufficient quality to prevent biases and sufficiently broad for a well-founded application of artificial intelligence and machine learning.
Annexes to the report describe how regulators are addressing the challenges created by artificial intelligence and machine learning and the guidance issued by supranational bodies in this area. IOSCO members are encouraged to consider these measures carefully in the context of their legal and regulatory framework. The use of artificial intelligence and machine learning will likely increase as the technology advances, with the regulatory framework evolving in tandem to address the associated emerging risks. Going forward, IOSCO may review the report, including its definitions and guidance, to ensure that it remains up-to-date.
Keywords: International, Banking, Securities, Artificial Intelligence, Machine Learning, Fintech, Regtech, Governance, ESG, Big Data, Disclosures, IOSCO
Previous ArticleAPRA Survey Reveals Some Entities Find Regulatory Burden Too High
In a letter addressed to the industry, the Australian Prudential Regulation Authority (APRA) set out an updated schedule of policy priorities for the banking, insurance, and superannuation industries.
The European Commission (EC) adopted a comprehensive review package of Solvency II rules in the European Union.
The Office of the Comptroller of the Currency (OCC) issued Versions 1.0 of the "Earnings" and "Regulatory Reporting" booklets of the Comptroller's Handbook.
The European Central Bank (ECB) published results of its economy-wide climate stress test, which aimed to assess the resilience of non-financial corporates and euro area banks to climate risks.
The European Banking Authority (EBA) published a report on the use of digital platforms in the banking and payments sector in European Union.
The Hong Kong Monetary Authority (HKMA) published updates on the policy measures that were announced in context of the ongoing pandemic.
The International Swaps and Derivatives Association (ISDA), along with several other associations, submitted a joint response to the Basel Committee on Banking Supervision (BCBS) consultation on preliminary proposals for the prudential treatment of cryptoasset exposures.
BIS published the September issue of the Quarterly Review, which contains special features that analyze the rapid rise in equity funding for financial technology firms, the effectiveness of policy measures in response to pandemic, and the evolution of international banking.
The Basel Committee for Banking Supervision (BCBS) met in September 2021 and reviewed climate-related financial risks, discussed impact of digitalization, and welcomed efforts by the International Financial Reporting Standards (IFRS) Foundation to develop a common set of sustainability reporting standards
The Office of the Comptroller of the Currency (OCC) issued a Cease and Desist Order against MUFG Union Bank for deficiencies in technology and operational risk governance.