Artificial intelligence: decisions should be understandable
Voice assistants like Siri or Alexa can take commands, interpret and answer you. Digital bank advisers recognise from a conversation the age, gender, income, marital status and occupation of the customer and put it into context. While the customers are online at home, their loan application can be processed using software robots. Artificial intelligence also estimates the risks, such as the likelihood of default. AI thus ensures greater security and considerable information gain in risk control.
However, regulatory requirements play an important role in the use of AI. They create the framework conditions for the proper handling of intelligent systems. A tricky task will be to reconcile the AI solutions with the standards of banking supervision. This will require completely new and specific regulations for the use of artificial intelligence.
AI decisions must remain traceable
When using AI, banks should always be able to trace how and why they come to their conclusions. With systems increasingly more automated and intelligent, there is a growing opportunity for AI solutions to make decisions or make recommendations that are difficult or impossible to understand. For instance, in the case of credit risk control, credit advisers should work with the coordinators of AI solutions to develop a decision- control reporting-system. Doing so will avoid the need for explanation.
Apply process documentation to AI solutions
In order to avoid such scenarios in the banking industry, banking supervision makes regulatory demands. For banks, these demands often seem like annoying obligations they have to meet. However, particularly in the case of AI, these requirements should not been seen as obstacles but rather as self-protective measures from individual institutes, the banking industry, and the entire national economy.
The duty to process documentation is an important requirement that will help contain the risks associated with AI. It ensures that banks and their decision-makers have all the information necessary for risk management available to them in full and exact form. The entire documentation process should be an integral part of risk management. All essential formulas, parameters, methods, procedures, actions, determinations and decisions should be documented. Documentation should be written according to the requirements of traceability, verifiability, completeness and correctness, to be read in MaRisk and GoBD. It also provides a framework for reviewing risk management by banking supervision.
In order to do justice to banking supervision, it makes sense to document the functioning of AI applications completely and comprehensively. Artificial intelligence also works by defining formulas, parameters, variables and computational algorithms.
AI-Documentation in principle is not difficult to write. In risk management, time intervals, default probabilities and confidence levels can be documented. Artificial intelligence also has interpretation capacities. This can lead to difficulties in meeting regulatory requirements if they are used unchecked. Therefore, institutions should review results through scenario analysis and backtesting in order to log calculation results, such as risk correlations; default and loss probabilities; and default and loss levels.
Regulation of AI applications is under discussion
The project to make AI applications more transparent and comprehensible is already known today under the term Explainable AI (XAI). The process documentation alone is not sufficient to explain AI applications. Regulatory requirements are still incomplete today. New regulations specifically for AI applications are already being discussed by the BaFin (Federal Financial Supervisory Authority), as can be seen in recent publications on Big Data and Artificial Intelligence. It is, therefore, an advantage for banking institutions to incorporate systematically mechanisms in their upcoming AI expansion stages in order to keep track of what their systems are doing.
The regulation of AI applications for banking supervisors and auditors will therefore become a separate topic block in order to keep the risks in the banking industry under control even in the age of the AI. Documenting the objectives and approach of artificial intelligence and logging the data that AI uses to derive correlations will be a beginning. More complex approaches, including AI controlling AI, are already in progress.