ECB Publishes Its Bug Report On The Proposed EU Artificial Intelligence Act – New Technology – Malta – Mondaq

To print this article, all you need is to be registered or login on Mondaq.com.

Grace' is a lifelike robot nurse, built withartificial intelligence to bring emotional care for patients duringthe pandemic and make them feel comfortable and at ease.

Artificial intelligence (AI), the self-didactic technology whichdetects patterns from historical data, is pervading all walks oflife, be it healthcare or the financial services industry.

The High-Level Expert Group on AI, tasked by the EuropeanCommission to draft AI ethics guidelines, defined AI assystems that display intelligent behaviour byanalysing their environment and taking actions with somedegree of autonomy to achieve specificgoals''.

In the finance world, AI has evolved substantially over therecent decades and its utility ranges from the performance datamonitoring, establishing creditworthiness and credit scoring, aswell as in combatting cybercrime and money laundering. However, theexponential use does not come without a fair amount of risksattached, in particular in machine learning applications whererisks of data bias can lead to erroneous results being generated bythe AI due to statistical errors or interference during the machinelearning process.

The paucity in AI regulation and the multiplicity in AIpractices led the European Commission to focus on this technologyin its Digital Finance Package, launched at the end of 2020 toensure that the EU financial sector remains competitive whilecatering for digital financial resilience and consumerprotection.

Towards the end of last year, the European Central Bankpublished its opinion welcoming the Artificial Intelligence Act.While noting the increased importance of AI-enabled innovation inthe banking sector, given the cross-border nature of suchtechnology, the supranational body held that the ArtificialIntelligence Act should be without prejudice to the prudentialregulatory framework to which credit institutions are subject.

The ECB acknowledged that the proposal cross-refers to theobligations under the Capital Requirements Directive (2013/36 orCRD V') including risk management and governanceobligations to ensure consistency. Yet the ECB sought clarificationon internal governance and outsourcing by banks who are users ofhigh-risk AI systems.

Raising its concerns as to its role under the new ArtificialIntelligence Act, the ECB reiterated that its powers derive fromarticle 127(6) of the Treaty on the Functioning of the EuropeanUnion (TFEU) and the Single Supervisory Mechanism regulation (EU)1024/2013 (SSM regulation), which instruments confer on the ECBspecific tasks concerning prudential supervision policies of creditinstitutions and other financial institutions.

Recital 80 of the proposal provides thatauthorities responsible for the supervision andenforcement of the financial services legislation, including whereapplicable the European Central Bank, should be designated ascompetent authorities for the purpose of supervising theimplementation of this regulation, including for marketsurveillance activities, as regards AI systems provided or used byregulated and supervised financial institutions.

The bank held that market surveillance' under theArtificial Intelligence Act would also consist in ensuring thepublic interest of individuals (including health and safety). In anutshell, the ECB informed the Commission that the ECB has nocompetence to regulate solutions like Grace the robot, but it willonly ensure the safety and soundness of credit institutions. Tothis effect, the bank suggested that (i) a relevant authority beappointed for health and safety risks related obligations; and (ii)another AI authority be set up at Union level to ensureharmonisation.

In parallel, the ECB also recommended that the ArtificialIntelligence Act be amended so as to mandate that, that in relationto credit institutions evaluating the creditworthiness of personsand credit scoring, an ex-post assessment be carried out by theprudential supervisor as part of the SREP, in addition to theex-ante internal controls that are already listed in theproposal.

Interestingly, the Bank for International Settlements, in itsnewsletter on artificial intelligence and machine learning, raisedits concerns in view of the cyber, security and confidentialityrisks, data governance challenges, risk management, biases,inaccuracies and potential unethical outcomes of AI systems,the committee believes that the rapid evolution anduse of AI/ML by banks warrant more discussions on the supervisoryimplications.

While the Artificial Intelligence Act has not been agreed uponin its final form and may be substantially changed before itsacceptance, it is safe to say that the financial sector is one inwhich the challenges relating to the use of AI need to be evaluatedwell, before and when deploying such technological solutions, inview of the risks and individual rights that are at stake.

Originally Published by Times of Malta

The content of this article is intended to provide a generalguide to the subject matter. Specialist advice should be soughtabout your specific circumstances.

Continued here:

ECB Publishes Its Bug Report On The Proposed EU Artificial Intelligence Act - New Technology - Malta - Mondaq