The AI revolution - what's next for the financial services industry?

Artificial intelligence (AI) encapsulates a broad and diverse technology within the financial services industry. From chatbots and robo-advisors to automated mortgage underwriting and identity verification biometrics, there is no doubt that AI is transforming how individuals, industries, and organisations operate [1]. Interestingly though, the rapid adoption of AI technologies in New Zealand financial organisations occurs in an unregulated environment.

As competition drives organisations to improve efficiency in the face of financial pressures, they are finding AI can provide multiple potential benefits for internal processes and oversight, including:

• Optimization of customer experiences through AI-enhanced communication interfaces.
• Enhancing regulatory compliance through easier monitoring and prompt response to applicable regulatory changes.
• Enhancing organisations' ability to leverage the large volumes of data generated in day-to-day business activities, enabling organisations to identify trends, make predictions, automate processes and minimise human error.
• Enabling real-time fraud prevention for anti-money laundering purposes by identifying and analysing regular activity patterns in contrast to suspicious trends or behaviours.
• Offering streamlined and more efficient methods for monitoring conflicts of interest, market misconduct and trade surveillance, assisting in enhancing market integrity and protecting organisations' reputation.
• Complementing existing  manual processes and procedures to improve oversight and compliance.

However, just as AI can benefit organisations, it carries significant risks that must be considered carefully. Multiple industry papers [2,3]  have raised concerns associated with the use of AI. These include:

• Confidentiality: Businesses using data containing personal and confidential information through unregulated AI tools may result in unconsented data retention or data leaks.
• Accuracy and unethical behaviours:  AI tools can produce inaccurate and fabricated answers, perpetuating bias and discrimination. As the technology evolves, identifying AI inaccuracies becomes more challenging, and the literature abounds with stories of alarming AI "hallucinations".
•  Cybersecurity and fraud: Adopting AI technology by malicious actors increases the scope for cyber threats and brings new and unique cyber risks.
• The dynamic nature of these innovations and the difficulty policymakers have in providing relevant oversight monitoring frameworks.

Currently, there are no AI-specific laws in New Zealand [3]. AI is covered under the Privacy Act (2020) regarding the collection, storage, access and use of personal information. The New Zealand Office of the Privacy Commissioner issued guidance (May 2023) to help organisations build an initial framework prior to AI implementation but "expects organisations to conduct due diligence and privacy analysis before using generative AI”[4].

Accordingly, The New Zealand Institute of Directors encourages organisations to begin fostering management discussions in their board agendas regarding strategic alignment, ethical considerations, data governance and privacy, human-AI collaboration and risk management. In addition, organisations should consider having responsive components in place such as development standards, systems governance controls and oversight, and security and resiliency [5].

In summary, despite AI's appeal and wide-ranging benefits in the financial services sector, the absence of targeted regulation in New Zealand, mandates entities and their boards to start being proactive. Even if businesses are not actively seeking to incorporate AI technologies into their daily operations “yet”, AI may still infiltrate via third parties, creating vulnerabilities and risks that may prove costly.

At Mint, we take seriously the need to adhere to best practices concerning protecting confidential information relating to our business and clients. We also understand the significance of proactively managing systems and technology risks, including prioritising investment in robust cybersecurity protocols to ensure business longevity and customer trust. In addition, as a part of our approach to managing system risks from third-party providers who retain client information, we conduct a thorough due diligence process to assess potential risks and mitigation strategies associated with their system operations.

1. El Bachir Boukherouaa  et al. Powering the Digital Economy: Opportunities and Risks of Artificial Intelligence in Finance. IMF Departmental Papers. Volume 2021: Issue 024.
2. AI: Compliance in Control. Financial services regulatory challenges. KPMG.com
3. Office of the Prime Minister’s Chief Science Advisor,  July 2023
4. Cuthbert, S. Responsible AI Integration: guidance from the Privacy Commissioner. IOD.org May 2023
5. A Primer on Artificial Intelligence in Financial Markets, CFTC