You are using an outdated browser. Please upgrade your browser to improve your experience.
Select a jurisdiction in our regulatory heatmap to see a snapshot of the regulatory landscape.
In this section we address the reality of how artificial intelligence is being used in the finance sector. While AI is transforming the industry, it is also raising critical questions about the relationship between machine learning and automated decision making. As AI is increasingly deployed in various areas, notable legal and regulatory challenges arise, including managing third-party risks. AI has moved centre stage as a boardroom issue, demanding C-suite attention to navigate the opportunities for integrating this novel and exciting technology while addressing legal and ethical concerns.
Regulators are responding with various approaches to address the challenges posed by AI, and different countries have taken their own paths. In this section, we summarise the approach of more prescriptive regimes, such as those proposed by the EU and already being adopted in Mainland China; the complex patchwork of law and guidance arising in the U.S. and the more flexible guidance-based approaches being adopted in the UK, Hong Kong and Singapore. Our heat map and timeline illustrate at a glance how these different approaches are playing out.
Given that financial services is a highly regulated industry, we examine how existing regulatory considerations apply when deploying AI models in finance, including looking at general compliance, oversight and validation, outsourcing, supply chain and third-party liability, consumer protection and algorithmic trading. We cover the particular challenges presented by AI in financial services, focusing on resilience and how to approach ethical deployment focusing on accountability and transparency. We also summarise the financial services specific approach to regulating AI in the six key jurisdictions covered by this report.
Given data is fundamental to AI, we discuss the central role that the GDPR has taken in its regulation of emerging technology. The interaction between AI and data protection legislation is complex and still not fully resolved with additional challenges being posed by GenAI. We also explore how other key jurisdictions are tackling the issue by considering the impact of new data protection regimes in Asia and the U.S., .
AI has the ability to facilitate greater simplicity for consumers, more effective identification and control of investment opportunities and risks, and innovative opportunities to invest, for example through cryptocurrency. However, antitrust regulators are increasingly mindful of the potential antitrust risks posed by AI applications. We examine antitrust regulatory and enforcement approaches in Europe, Asia and the U.S., and look specifically at algorithmic collusion, hub and spoke arrangements, tacit collusion and broader harms,
It is uncertain if, how, and when, a global standard for AI risk management will emerge (as it did with GDPR for data protection). Various approaches are being tested with some focusing on individual rights and others on overall AI safety. As a result, global financial firms implementing AI must develop a compliance and risk management strategy balancing local specificity and global consistency while adapting to evolving international rules and regulations. This is increasingly important as enforcement of existing regimes is also being adapted to focus on the specific risks of AI. We set out a 10 step plan to help financial firms develop an effective AI risk management framework.