This article was first published in Law360 on 27 November 2024 here.
Artificial intelligence (AI) is rapidly transforming the financial services industry. From personalised customer support to improving risk assessment and compliance, AI is reshaping how financial institutions, consumers and markets operate.[1] On 31 October 2024, Sarah Breeden, the Deputy Governor of the Bank of England, announced that an upcoming survey found that 75% of firms now use some form of AI in their operations.[2]
Whilst the technology is still evolving, the potential for AI in financial services is wide spanning and will enable the industry to become much more efficient, transparent and autonomous.
This article will explore the predicted trends in AI within the financial services sector, highlight the regulatory risks and consider what we can expect over the next year.
Key trends and opportunities
AI is increasingly being harnessed by financial institutions to streamline operations, enhance customer experiences and mitigate risks. Examples of where AI is used include:
Customer service chatbots
AI-powered chatbots and virtual assistants provide instant, 24/7 responses to customer queries and rely on algorithms to build personalised portfolios for clients, as well as directing complaints to the appropriate customer service teams.[3]
Financial crime prevention
Another early area of adoption, firms are using machine learning for purposes ranging from blocking suspicious payments and fraud to helping firms with initial and ongoing customer due diligence (know your customer).
Personalisation
With data collection and machine learning models becoming more complex, one key predicted trend is that financial institutions will be able to explore the personalisation of their products.
Such institutions are already experimenting with personalised financial advice (robo-advice), but the use of AI could revolutionise this. It could tailor products specifically to a consumer's life stage, spending patterns, and future goals. In the future, AI could create personalised investment portfolios based on real-time market data, individual risk profiles and long-term financial goals.
Fraud detection
In relation to cybersecurity, financial institutions are often some of the biggest targets and the regulators expect high levels of cybersecurity measures to be built into operational resilience strategies. Protecting data and financial assets is critical, and AI is already playing a key role in fraud detection. Large banks are able to use machine learning models to detect fraud by identifying dark patterns in transactions.
Dark patterns are ultimately user interfaces designed to 'trick', 'encourage' or 'compel' users into taking certain actions, potentially against users' wishes.[4] In the future, AI systems will be better at distinguishing genuine anomalies from harmless transactions.
Risk management and compliance
Risk management has always been a manual, time-intensive task in the financial services industry, but AI is revolutionising the field. Algorithms can now assess creditworthiness, credit risk assessment, predict potential loan defaults and monitor market volatility.
These AI models could provide a new level of predictive insight, giving financial institutions an edge in preparing for potential crises. For example, AI-driven simulations might allow banks to stress-test their portfolios against a wider array of scenarios than traditional methods permit. AI could also simplify compliance, which is a major cost centre for banks and other financial institutions.
Natural language processing (NLP) is already being used to sift through massive volumes of regulatory documents. In the future, AI may be able to interpret complex legal changes and update compliance protocols automatically, reducing the burden on human compliance officers and minimising costly errors.
Investment and trading
Most large financial institutions already rely on algorithmic trading systems, but these are often based on pre-programmed rules and limited datasets. Next-generation AI could create trading algorithms that learn from every market fluctuation, adapting trading strategies in real-time to optimise profits.
The growing use of AI in environmental, social, and governance (ESG) investing is also a key predicted trend; a recent Energy Transition Outlook Survey Report[5] found that respondents have significant optimism for enabling decarbonization technologies, including hydrogen, carbon capture, biofuels, utility-scale storage, and electric vehicles.
Capital management
Currently few firms use AI for capital management purposes, but this is a projected area of growth.
As investors increasingly seek ethical investment opportunities, analysing a company’s environmental, social and governance performance is challenging due to inconsistent datasets. By using AI firms are able to process news articles, social media posts and reports to give a more nuanced view of a company’s ESG standing, allowing for more informed investment decisions.
Regulatory agenda
UK
The UK's regulatory landscape for the use of AI in financial services is centred around a 'pro-innovation' approach which is currently based on sector-specific guidance and in the main takes a tech-agnostic approach.
The implementation of AI has marked a definitive transition in the UK financial services sector, with predictive AI already making significant strides particularly in financial crime prevention and detection. Generative AI also holds great promise and is gaining attention for its potential to revolutionise process automation and customer service functions.[6]
The regulators themselves are also hopping on the bandwagon – the Financial Conduct Authority (FCA) announced last year that it is using AI-based models to help tackle fraud. However, despite some tangible benefits, the financial services industry is still exercising caution when it comes to AI.
Key guidance from the FCA is in line with the UK government’s pro-innovation strategy for AI regulation, which underscores the significance of safe and responsible integration of AI technologies alongside fostering innovation:
- Safety and security: ensuring that AI systems are robust, secure and resilient against potential threats.
- Transparency and explainability: mandating that AI models are transparent and their decision-making processes understandable.
- Fairness: advocating for the fair application of AI to protect consumers and maintain market integrity.
We are expecting new legislation in the UK specifically targeted at regulating AI and anticipate that this new legislation will be much more detailed than the current sector-specific guidance approach. It may even adopt a similar risk-based approach to the EU's AI Act. According to the King’s Speech in July, new legislation to 'ensure the safe development and use of AI models' is likely to be welcomed by financial institutions.[7] Alternatively, the UK's new legislation may be a mix of the guidance we have seen from various regulatory bodies. In a press release dated 6 November 2024, the UK government stated that 'trustworthy AI systems' will unlock more than £6.5 billion by 2035[8], which shows that this is a priority of the Labour government.
From the UK regulators' perspective, alongside the interest in the increasing uses to which regulated firms can put AI, there are challenges at both macro- and micro-prudential level. At the macro-level the Bank of England is alert to the risks of the financial system becoming more dependent on shared AI technology and infrastructure systems and the overall impact on financial stability – albeit it does not yet see any reason to change its current approach. On the micro level, it is clearly imperative that from a governance perspective firms understand and manage their AI models, however from a conduct perspective, firms – especially those in the retail markets – will be constantly aware of their obligations under the FCA's Consumer Duty to deliver good outcomes to retail customers. In Sarah Breeden's October speech[9], she highlighted three of the Bank of England's challenges which are relevant to this risk, particularly in respect of generative AI:
- Dynamic model behaviour misalignment
- Lack of explainability
- Autonomous decision-making without senior management involvement.
Other evolving areas of tech-agnostic supervision will also affect how firms get their AI capabilities, with the upcoming implementation of the "Critical Third Parties" regime, which will introduce oversight of critical third parties currently outside the regulatory perimeter by requiring them to provide specified information to regulators particularly in relation to their operational resilience and controls. The regulators have not yet decided which third parties will be subject to the regime but it is likely to include key players in the AI markets.
The FCA meanwhile has launched its AI Lab and one of its 2025 priorities will be to analyse the responses to its current call for views on the use of AI in financial services and testing firms' AI use in controlled settings.
EU
The European Union Artificial Intelligence Act is the first-ever legal framework specifically targeted at regulating AI.[10] This Act establishes different risk categories for different use cases of AI. These include prohibited, high, limited and minimal. The risk category then determines what level of compliance organisations need to adopt.
There has been much speculation over whether the UK will adopt a similar approach to the EU AI Act. Critics have said it is too prescriptive, imposes too much of a regulatory burden and may stifle innovation in the EU.
US
The United States leads in AI innovation, with numerous fintech startups and established financial institutions which heavily invest in AI research and development. In 2023, the financial services industry invested an estimated $35 billion in AI, with banking accounting for around $21 billion.[11] The regulatory environment is also evolving, with agencies like the Federal Trade Commission providing guidance on the use of AI.
International cooperation
Most recently, the UK, EU and US signed the Council of Europe Framework Convention on Artificial Intelligence and Human Rights, Democracy and the Rule of Law[12], the world's first international treaty governing the safe use of AI. This legally-binding treaty is aimed at protecting:
- Human rights
- Democracy by ensuring countries take steps to prevent public institutions
- The rule of law through regulation, preventing harm and ensuring safe use.
This is a positive step forward for the development of global standards and approaches to regulating AI.
Practical steps and preparing for the future
The future of AI in financial services will likely depend on striking a balance between automation and human oversight. In the next decade, financial services are likely to evolve into a hybrid model where AI handles routine tasks and humans focus on higher-level strategy and nuanced decision-making. Banks and other financial institutions must also work closely with regulators to establish ethical standards, protect consumer rights and meet regulatory expectations without stifling innovation.
Contracts with AI providers should include detailed provisions for data protection, intellectual property rights, and compliance with relevant regulations. It will also be key to include clear liability clauses in contracts to address potential risks associated with AI systems, such as data breaches or algorithmic errors.
In all cases, AI technologies should not be relied upon as a source of truth and contractual protections alone will be insufficient to mitigate the potential risks. Financial institutions should look to implement policies around the reliance on any AI technologies, to ensure underlying sources are identified and outputs are properly interrogated. Financial institutions should also build in safeguards when AI technologies does not perform as intended and/or cause customer harm.
It is essential for businesses to understand the tech and the rationale for decisions which are made by a firm. This is not necessarily the same as understanding all of the nuts and bolts of how the tech works, it is about understanding the context and the skills firms need to ensure the tech works appropriately. Although the financial regulators have not yet assigned AI responsibility to a specific senior manager, it's clear that, as AI technology becomes increasingly integral to a firm's business, it will be relevant to their assessment of the firm's key governance, operational and conduct strategies.
Sources:
[1] https://www.turing.ac.uk/news/publications/ai-financial-services.
[7] https://researchbriefings.files.parliament.uk/documents/LLN-2024-0040/LLN-2024-0040.pdf.
[8] https://www.gov.uk/government/news/ensuring-trust-in-ai-to-unlock-65-billion-over-next-decade.
[10] https://digital-strategy.ec.europa.eu/en/policies/regulatory-framework-ai.
[11] https://www.statista.com/topics/7083/artificial-intelligence-ai-in-finance.
This article is for general information only and reflects the position at the date of publication. It does not constitute legal advice.