September 18, 2021

Volume XI, Number 261


September 17, 2021

Subscribe to Latest Legal News and Analysis

September 16, 2021

Subscribe to Latest Legal News and Analysis

Federal Financial Agencies Seek Comments on Use of Artificial Intelligence

Artificial intelligence continues to remain a focus in 2021, as we predicted at the start of the year. From the FTC, to the EU, to others, regulators of all kinds are paying attention to companies’ use of these tools. In the latest, five US federal agencies are seeking input on how financial institutions are using AI tools. Comments from stakeholders are due by June 1, 2021.

These financial agencies recognize and acknowledge the benefits of AI, noting that AI tools have the potential to augment business decision-making and enhance services available to consumers and businesses. These tools, they note, are used by financial services firms for things like flagging suspicious transactions and personalizing customer services. While there are certainly benefits, the agencies recognize that use of AI tools are not without risks, including operational vulnerabilities, cyber threats, heightened consumer protection issues, and privacy concerns.

The agencies are seeking input from the industry on a variety of topics to provide them with a more complete picture of current AI. This is part of their efforts to determine the appropriate levels and types of governance, risk management, and controls over those tools. Areas of input sought include:

  • Explainability

  • Data quality and data processing

  • Overfitting (i.e. when an algorithm “learns” from idiosyncratic patterns in the training data that are not representative of the population as a whole)

  • Cybersecurity

  • Dynamic updating

  • AI use by community institutions

  • Use of AI developed or provided by third parties

  • Fair lending

While signaling that they may create more guidance, the agencies point out that there are currently many regulations that govern use of AI tools. These include the Fair Credit Reporting Act, Section 5 of the FTC Act, Sections 501 and 505(b) of the Gramm-Leach-Bliley Act, and more. Similarly, there are several general guidance documents that have been issued that can give direction on the use of AI tools.

Putting it Into PracticeThis request for comment gives financial institutions an opportunity to bring the benefits and challenges from the use of AI to regulators’ attention. Comments are due by June 1, 2021. Instructions on how to submit comments to each of the agencies is found at the beginning of the request for comment.

Copyright © 2021, Sheppard Mullin Richter & Hampton LLP.National Law Review, Volume XI, Number 95

About this Author

Julia Kadish is an attorney in the Intellectual Property Practice Group in the firm's Chicago office.

Areas of Practice

Julia's practice focuses on data breach response and preparedness, reviewing clients' products and services for privacy implications, drafting online terms and conditions and privacy policies, and advising clients on cross-border data transfers and compliance with US and international privacy regulations and standards. She also workes on drafting and negotiating software licenses, data security exhibits, big data licenses, professional...

Liisa Thomas, Sheppard Mullin Law Firm, Chicago, Cybersecurity Law Attorney

Liisa Thomas, a partner based in the firm’s Chicago and London offices, is Co-Chair of the Privacy and Cybersecurity Practice. Her clients rely on her ability to create clarity in a sea of confusing legal requirements and describe her as “extremely responsive, while providing thoughtful legal analysis combined with real world practical advice.” Liisa is the author of the definitive treatise on data breach, Thomas on Data Breach: A Practical Guide to Handling Worldwide Data Breach Notification, which has been described as “a no-nonsense roadmap for in-house and...