How can we govern artificial intelligence - Global Banking | Finance (2024)

By Gaurav Kapoor, COO and Office of the CEO, MetricStream

Artificial intelligence (AI) has swept across almost every industry with the purpose of automating processes, increasing efficiency and improving our personal lives and businesses.

It is widely believed that AI promises to be objective and help us to avoid human bias, opinion, or ideologies. However, there have been many instances where the opposite has been true and technology has failed to behave with impartiality. One of many examples where AI has failed to be partial comes from Amazon’s AI recruiting tool which was found to be biased against hiring women as it largely only recommended male CVs and consequently, the technology had to be scrapped by Amazon to avoid any further scrutiny.

With AI rapidly evolving and taking up more room in the business landscape, it is understandable that the European Commission is eager to draft regulation to help prevent the misuse of AI, but how can we effectively govern the bots?

A challenging question for a complicated process

On 19 February during a press conference in Brussels, the European Commission set itself up for the unenviable task of trying to regulate AI as the technology is constantly changing. What may work to regulate AI one day, may fail to stretch far enough a few weeks later as AI rapidly evolves and could be completely irrelevant after only a month of being introduced.

The need to have policies in place though is not doubted among the community as a KPMG study found that 80 per cent of risk professionals are not confident about the governance in place around AI. However, what is of concern for technology leaders is the consequence of tighter regulations stifling innovation for AI and hindering the enormous potential benefits for the world.

For example, CheXnet is an AI algorithm from Stanford that can detect pneumonia among older patients through chest X-rays, but for technologies like these to work, they need creative and scientific freedom.

Although AI and its innovation holds great power to be used for good, its accelerating adoption across industries comes with numerous ethical concerns that need to be addressed in governance.

Navigate evolving AI with forward-looking risk management

While the EU works hard to try and set policies in place, organisations should take the time to consider their own governance, risk and compliance (GRC) processes to ensure they are not caught out with their use of AI when legislation does finally arrive.

One way organisations can overcome unforeseen exposure to risk from evolving AI technology, as well as the ever-changing business landscape, is by implementing a governance framework around AI within and outside organisations. Unlike model management in financial services industries where internal controls and regulators require companies to validate and ‘manage’ models on a regular basis, AI model controls are already being put in place.

This reflects the proliferation of AI usage in enterprises and the need for organisations to monitor where they are being used for business decisions and avoiding inherent biases or lack of underlying datasets for them to operate with accuracy. Regulators are not far behind demanding proof points of the right controls in place.

The other added element is to set up a forward-looking risk management program around AI. This program improves an organisation’s ability to manage both existing and emerging risks by analysing past trends, predicting future scenarios, and proactively preparing for them around the hypothesis and the impact of AI – both positive and negative and monitoring them.

Once an organisation is set up in this way, it should be better prepared for any new regulation that may be introduced to govern AI and stop its misuse or bias.

Create one information hub for all

A study by Gartner found that poor data quality, created from multiple information siloes by several business units and operations in numerous geographic locations, is responsible for an average of $15 million per year in losses.

These figures can be crippling for organisations, so it is important that restrictive siloes are abandoned and replaced with one centralised information hub. With this information management system, senior management and risk professionals can ensure that they are always aware of their risks, created by AI or otherwise, as one centralised information hub allows organisations the ability to operate with a clear vision of the bigger picture so that they can respond to any threat appropriately and efficiently.

Hold integrity and ethics at the core of the business strategy

One argument that is often presented for when AI fails to act impartially is explained by an article in the Harvard Business Review which said that AI systems learn to make decisions based on training data, which may include biased human decisions or reflect historical or social inequalities.

Although organisations may not be responsible for creating the bias in the AI technology that they purchase, organisations are responsible for their own character and reputation.

With scrutiny coming from regulators, as well as the rise of the consumer voice due to social media, organisations need to strongly protect their reputations. To avoid any bias from the use of AI, integrity and ethics should be at the core of each company’s business model and strategy besides monetary success.

After making integrity and ethics core to a brand, it is important for organisations to invest in integrated, holistic, and regularly assessed GRC programs, as well as ethical technologies that keep companies on track and can spot any lapse in impartiality from AI.

It is clear that AI is only going to take up more space in our business processes, so it is easy to see why the European Commission is working hard to address the potential risks that come with using the technology while trying to not stifle the development and innovation of AI to better our lives.

However, until a solution can be reached by the EU and adequate regulation is introduced, organisations should do their utmost to govern their own AI technologies and any potential risks with a governance model, forward-looking risk management program, a centralised information hub and by always holding integrity and ethics at the core of the business strategy.