Currently, no specific restrictions, conditions, or other concerns regulate the use of Artificial Intelligence (AI) tools by financial institutions. However, a guideline was published by the Information Technology Risk Supervision department of the Bank of Thailand (BOT) on using AI in the financial institution sector. According to the BOT guideline, the use of AI in the finance sector should take into consideration the following issues:
1) Fairness and Nondiscrimination
AI developers should consider that one of the purposes of AI tools is to lessen human bias. Therefore, AI developers are advised to prioritize using sensitive personal data or factors, such as gender or skin color, in the development or decision-making process, both direct and indirect, to prevent any discrimination in decision-making process.
2) Accountability
Financial institutions must consider accountability in the processing of AI and be responsible for the performance of the AI, and there is no ambiguity in terms of responsibility. In addition, because of the replacement of human resources by AI, financial institutions should aim to enhance skills and manage human resources to harmonize with AI. In other words, responsibility for the performance of AI cannot be waived by the operator of AI.
3) Transparency and Explain-ability
AI developers should consider the method, approach, or model to appropriately describe the usage of AI functions to end-users for transparency purposes.
4) IT Security
AI developers should emphasize data confidentiality, accuracy, and utilization of the AI system. In addition, AI developers should provide security standards and measurements such as vulnerability assessments, penetration tests, and risk management to all services offered to the end-users.
5) Reliability
AI developers should provide processes, indicators, or tools to assure the reliability of the Platform and enhance the quality of the AI tool. Furthermore, AI developers may consider utilizing external experts to re-check and re-evaluate that the system of the Platform works appropriately and maintains an acceptable level of risk.
Kindly note that the abovementioned guideline is not considered a law or regulation. Therefore, no penalty shall apply if there is any failure to comply with the above guidelines.
As no penalty applies, it asks how financial institutions comply with a non-binding policy. Naturally, based on regulatory practices, the financial sector will attempt to abide by the spirit of the guidelines to maintain good relations with the BOT. However, if the financial industry were to ignore the spirit of the guidelines, the risk to the financial sector is that the BOT would start implementing binding regulations on AI.
The content of this article is intended to provide a general guide to the subject matter. Specialist advice should be sought about your specific circumstances.
