The future of Artificial Intelligence regulation and its impact on banking

Introduction and opportunities of artificial intelligence

Inevitably, as in other industries, the banking industry is no stranger to the acceleration in the adoption of generative artificial intelligence in recent years. This technology brings with it great promises of opportunities to be taken advantage of, one of them being the potential benefits to be applied to customer service, where three main points stand out:

• Cost efficiency and scalability
• Innovation and acceleration of digital transformation processes
• Service Level Improvement, Customer Retention, and Transactions

‍

Artificial intelligence as a tool and methodology as a differential

Over time, the solutions that offer this type of service have evolved, adopting different forms of work and achieving greater or lesser success in dealing with different cases.

For example, the Delto approach, with its “Skill Growth Strategy” methodology, based on achieving limiting control over what generative AI that seeks to build from less to more can (and cannot) solve, shines when it comes to dealing with complex cases or sensitive information. Likewise, there are other solutions, which are based on fewer restrictions that are more suitable for cases where more freedom can be given (or even this is a requirement) so that AI can interact, create or make mistakes without major consequences.

Therefore, as we can deduce, in different industries there are different complexities, different margins of error and different consequences, which must be addressed differently even if the same tool is used.

The regulation on artificial intelligence is being updated

Recapitulating the previous paragraphs, we initially found a tool that opened up a world of possibilities, and secondly, we understood that this tool has to be adapted conscientiously depending on the characteristics of the problem to be solved. Third, adapting to this technological disruption in its time, comes the regulation and laws that will set the guidelines and requirements for the coming years in the use of this type of solution.

Nowadays, the reference worldwide, or at least for the Western world, in relation to government regulation is AI Act prepared by the European Commission of the European Union, which was approved in July 2024 and will be implemented in its entirety throughout 2025. Although in the United States there is also a Announcement with recommendations from 2023 And a executive order issued by the White House, are much more limited and primitive than the one developed by the European Union.

In short, the AI Act will possibly be the source of inspiration and reference for regulations in all Latin American countries and the United States in the coming years.

To summarize, the AI Act takes an approach to regulating systems with AI components based on the risk that interacting with it means for the end user. This classification is comprised of the following levels:

• Unacceptable risk
• High risk
• Low risk
• Minimal risk

‍

The classification criteria for the scale are detailed in the document and we do not go into them in depth in this note, we will leave additional resources later. The important thing in relation to this article is to understand that in addition to the risk classification, this involves a lot of work surrounding the system, which increases in its complexity as the risk obviously increases.

This is important because of the nature of the information and interactions that form part of banking activity, some of which can be considered potentially high-risk.

It is key to understand that the high risk classification is not a classification that seeks to limit the use of AI systems for what you want to do (that is what the unacceptable category is for) but that it must surround the system with certain requirements, standards and protocols that support the system in an appropriate way for the current one, minimizing potential risk.

As a reference in the IA Act, at the regulatory level for high-risk cases, the following are highlighted as requirements:

• Establish a risk management and mitigation system for failures
• Carry out data governance, ensuring that training, validation and test data sets are relevant, sufficiently representative and, to the extent possible, error-free and complete in accordance with their intended purpose.
• Prepare technical documentation to demonstrate good functioning and provide authorities with the necessary information to evaluate the system.
• Design the system so that it has a record of user activity and can track interactions if necessary.
• Provide instructions for use to implementers to allow for compliance by implementers.
• Design the system so that people can carry out monitoring activities and execute mitigation protocols.
• Design and test the system to achieve appropriate levels of accuracy, robustness and cybersecurity.
• Establish a quality management system to ensure that all of the above are met.

‍

In the case of the European Union, all this is audited by the authorities to verify that it is actually complied with.

Conclusion: How can this impact the banking industry in the future?

Like everything related to regulations and laws, these movements in different countries are slow, but we can certainly think that it is only a matter of time before similar laws are applied in LATAM and the USA. Due to the nature of the banking industry, it would be prudent to adapt the solutions that are implemented to meet these requirements, in addition to the fact that they are also practices that bring us closer to providing a better solution to end customers and taking better care of the experience.

For our part, at Delto, we are combining all these requirements with our work methodology to meet these types of initial requirements, seeking to provide the best possible service and also to anticipate these regulations. In this way, in addition to ensuring that we have a robust solution, we save ourselves the possibility that in the future we will have to replace, cancel or make a solution from scratch due to a regulatory update on the horizon.

We strongly recommend analyzing this aspect in detail when choosing to embark on a project to incorporate generative artificial intelligence for customer service. These are questions that, if we ask ourselves today, are likely to save us a lot of pain and money in the near future.

If you want to know more about Delto and our solution, you can schedule a meeting with us by doing click here

‍