Machine learning & AI are coming to banks. Are you ready for the Risk?
Machine learning and AI: Mitigate that Risk
We at AML Partners see machine-learning and AI systems (ML/AI) as a double-edged sword. And because of the Risk involved for every financial institution using these technologies, we emphasize Risk analysis of ML/AI systems in our Legitimacy Lifecycle, which applies a lifecycle lens to Risk Management and mitigation.
ML/AI Risk in the Legitimacy Lifecycle
Unlike other lifecycle-management systems, AML Partners’ Legitimacy Lifecycle monitors and can mitigate Risk related to all human and human-caused activity within an institution. ML/AI systems are a prime example of what we describe as human-caused activity. And because the technologies are new, rapidly evolving, and largely opaque to end users, these AI/ML systems can pose substantial risk to financial institutions using them without informed Risk Management.
In AML Partners’ Legitimacy Lifecycle, ML/AI warrants its own Risk category because these systems can cause funds to be moved with--and without—the institution’s knowledge. Decision-makers at financial institutions can find themselves astride the razor’s edge with these new technologies.
Institutions want and need the benefits of ML/AI-driven processes. But they find themselves having to take vendors at their word regarding what exactly institutions are onboarding into their systems. Institutions can, however, mitigate the Risk of rogue ML/AI. Risk analysts can evaluate the risks of whether and how these ML/AI systems might learn how to circumvent all internal controls or create other problems not easily tracked.
Some institutions will probably choose to bar ML/AI systems from their networks in order to stamp out the Risk entirely. But that would not solve the problem for users of newer finance-related technologies targeted for other uses. Most new systems include some ML/AI aspects even if that is not their primary function. And ML/AI systems show promise for elevating accuracy and efficiency in the work of financial institutions.
For every good ML/AI system available, you can expect five bad ones. For strong Risk Management, users of these systems need to get prepared, be both wary and skeptical, and Know the Risk.
An Initial Approach to Due Diligence for ML/AI Tools
ML/AI tools clearly have allure, but risks loom. To mitigate Risk, we can think deeply about how due-diligence choices can lower Risk related to ML/AI systems at financial institutions. Following are some ideas about how to tackle due diligence in this early stage of adoption:
Sensible Isolation
Institutions should consider placing the ML/AI system on an isolated network segment and force the app to communicate via API. Most ML/AI systems want direct access to the user’s production systems. Resist at all costs connecting the ML/AI system to your production system. If your ML/AI tools cannot communicate via an API interface with flat files--and most cannot yet--you have serious risks to mitigate. I would even recommend you tell the vendor to come back when their systems pose fewer risks.
Recommended by LinkedIn
Screen Tools Like You Screen People
Each of these tech tools has a name, and we know what to do with names: We screen them. Start by screening the name just like you would a customer for adverse media, and/or do an advanced Google search. And let’s not forget about identifying the Ultimate Beneficial Owners and applying the full screening treatment for them and for any other related parties identified.
Conduct Due Diligence for Key Elements of ML/AI Applications
The following list is likely a short list, but it’s a solid starting point. An institution that applies Risk Management analysis to these elements will have a good start on due diligence of their ML/AI systems.
Leverage Powerful ML/AI—But Mitigate the Risk
Clearly, machine learning and artificial intelligence will enable major leaps in our understanding of financial crimes, and they will help us do more good work faster than ever before. But these advancements will usher in completely different Risk Management challenges than we have seen before. The arrival of rogue ML/AI systems could be devastating--unless you develop internal controls to mitigate their risk.
For every good ML/AI system available, you can expect five bad ones. For strong Risk Management, users of these systems need to get prepared, be both wary and skeptical, and Know the Risk.
eKYC Golden Record and Perpetual KYC--Just the start of what a RegTech platform can achieve
AML Partners has been working with financial institutions on how platform technologies can leverage AML/KYC solutions to meet needs specific to each institution.
We are excited about capabilities for end-to-end AML/CTF, KYC-CDD, and various GRC needs. And our customers are using the RegTechONE platform in powerful new ways.
Perpetual KYC and eKYC Golden Record are two prime examples. If you'd like to learn more about how RegTechONE might transform the accuracy and efficiency in Your Institution, please reach out to Jonathan C. Almeida .
ICC Certified Trade Finance Professional and SBP Certified Sanctions from IBP and FX specialist from NIBAF
1yIndeed it would bring improvement in existing procedures and processes ... Great update!!
Team Leader in Sanctions and PEP, KYC Project in Fin Tech Company
1yHelpful! This will