AI stands to empower financial institutions like never before, ($340 billion worth, according to McKinsey!) with tools that can improve workflow efficiencies, enhance the management of risks, cut operational costs, speed services such as onboarding and lending with a more refined consumer experience, and most importantly, grow revenue. However, with the capabilities (and complexities) of the “new” GenAI largely a gray area, and what is currently an extremely flimsy regulatory framework, significant risks are posed to financial institutions and their customers if it is not implemented diligently.
As the American Banking Journal points out in AI Compliance and Regulation, “the banking industry is not completely devoid of AI regulation and guidance, though existing regulations continue to shift, requiring financial institutions to be vigilant. In October 2023, President Biden issued a landmark Executive Order around AI designed to manage AI risks while also promoting innovation. The Executive Order included new standards around AI safety and security such as the announcement of new safety testing, the establishment of new standards and best practices for authenticating AI content, and the establishment of new cybersecurity programs to help fix vulnerabilities in software.” And last year, the European Union announced the EU AI Act, the world’s first regulation around AI.
While these are steps forward, the reasons for a thoughtful approach, and the relatively slow adoption of GenAI in banking are fairly obvious. Yes, banks have been utilizing “traditional” AI-powered solutions for years, in areas such as data collection, classification, and credit underwriting. S&P Global notes in AI in Banking: AI will be an Incremental Game Changer, “about 40% of financial services companies rely primarily on machine learning for both fraud detection and financial forecasting.” Leaders are still justifiably cautious, however, about expanding implementation of AI and ML beyond automating menial tasks and prediction.
The stakes are, of course, high. McKinsey & Co, in their report, The economic potential of generative AI, tells us that “on an annual basis, generative AI could add between $200 billion and $340 billion in value (9%-15% of banks’ operating profits) if the use cases are fully implemented.” Ergo, as AI regulatory requirements hopefully take a more definitive shape in the coming year, it will be more critical than ever that the compliance and risk management functions at institutions pay close attention to:
Data collection and usage
One of the primary concerns for banks, as well as their customers, is the security of sensitive customer data. AI systems gather, store, and analyze mountains of data. This makes a bank an attractive target for bad actors, and potentially puts at risk a customer’s personally identifiable information (PII), such as social security numbers, financial records, and transaction histories. As we have all seen far too often, a data breach can be costly – resulting in severe financial penalties, reputational damage, customer attrition, and in summary, lost revenue. In The legal issues presented by Generative AI, published by the MIT Sloan School in August of 2023, companies are “navigating a legal minefield” and “there are already way too many lawsuits to count centered on privacy concerns.” The solution? Encryption and multi-factor authentication around data access, regular monitoring/auditing, and employee training.
Compliance
Sustainability. Cybersecurity. Operational integrity. Banks must contend with an ever-evolving landscape of compliance issues, and data protection is chief among them. As AI automation relies upon the collection, storage, and use of data, regulations regarding data management have been the first out of the gate. The European Union’s General Data Protection Regulation (GDPR) and the California Consumer Privacy Act (CCPA) in the United States, for example, impose stringent requirements on how banks collect, store, and use customer data. Not surprisingly, Implementing AI solutions that rely upon customer data raises concerns about compliance with these complex regulatory frameworks. And, of course, failure to comply can lead to hefty financial penalties.
Customer consent
Managing customer consent for the use of their proprietary information is also a stumbling block to GenAI adoption. Says Forrester in GenAI essentials for CX leaders: “Focus on communication and consent. If employee or customer personal data is part of your genAI project, define which outcomes you plan to achieve. Communicate that purpose in a clear way to the individuals whose data you are using. If you allow your organization to copy data or use it for training data, you must state this and ensure you have legal grounds to do that. Allow customers to stay in control with consent practices. Make it easy for them to withdraw consent and contact you for more information or to exercise their privacy rights. Ensure there is a human in the loop to review content ahead of publication.”
Conclusion
While AI technology solutions offer significant benefits for the banking industry, they also pose substantial challenges related to data privacy. Moving forward, in adopting GenAI technology, banks must have robust data security measures in place, ensure regulatory compliance, and obtain informed consent from customers. In doing so, they can build customer trust, avoid violation penalties, and leverage all the revenue-generating capabilities that GenAI has to offer.
To learn more about the impact of AI on the financial services industry, I invite you to sign up for our live webinar on July 31, 2024. Our guest is Eric Cook, a banking industry digital strategist, who will explore the role of AI in shaping the future of marketing within financial institutions. He'll also address the industry’s common apprehensions related to AI, such as data privacy, job security, and how AI, rather than replacing marketers, can amplify their capabilities and make them more valuable within their organizations. To register, click here to visit our sign in page.
Bank Marketing Center
Here at bankmarketingcenter.com, our goal is to help you with that topical, compelling communication with customers — developed by bank marketing professionals for bank marketing professionals — that will help you build trust, relationships, and revenue.
Our web-based platform puts our client partners in complete control of their marketing message production, as well as their enterprise-wide compliance approval processes. We’re also proud of the fact that we currently work with hundreds of financial institutions.
Want to learn more about what we can do for your community bank and your marketing efforts? You can start by visiting bankmarketingcenter.com. Then, feel free to contact me directly by phone at 678-528-6688 or via email at nreynolds@bankmarketingcenter.com. As always, I welcome your thoughts.