Member Article

 

This article is part of our EU AI Act series which explores the effect of the AI Act across various industries and sectors. 

Investment legislation can be split into two broad categories: investment funds and investment services. The former principally relates to UCITS, AIFMD and local laws which regulate asset management and their service providers. The latter relates to regulating financial instruments and the investment markets thereof.

The interplay of AI with investment funds was discussed by our Firm in a series of six insights last year titled “AI and Funds” which can be read here.  Hence, in this article in the ongoing cross-sectoral AI series we will solely focus on investment services as regulated by the EU’s Markets in Financial Instruments Directive II (MiFID II).

At the outset, one needs to point out that the EU’s Artificial Intelligence Act (“the Act”), officially Regulation (EU) 2024/1689 of the European Parliament and of the Council of 13 June 2024 laying down harmonised rules on artificial intelligence, is largely inapplicable for MIFID-licensed investment firms as these firms do not offer services which fall within the classifications of the Act which trigger enforcement of the Act’s provisions. Our first article (see link below) in this series delved into the applicability of the Act in more detail.

Nevertheless, in May 2024, the European Securities and Markets Authority (“ESMA”), acting in its capacity as the European Union’s regulator and supervisor for financial markets, issued a formal statement titled “Public Statement On the use of Artificial Intelligence (AI) in the provision of retail investment services” (the “AI MIFID Statement”). The AI MIFID Statement offers preliminary guidance to firms implementing AI technologies in the provision of investment services to retail clients.

ESMA underscores the necessity for investment firms to align their use of AI with key investment regulatory provisions, including obligations related to organisational structure, conduct of business, and the overarching duty to act in the best interests of clients. The statement highlighted the importance of investment firms’ internal governance frameworks being robust enough to integrate AI in a manner compliant with existing MiFID II requirements.

The Malta Financial Services Authority (“MFSA”) made reference to ESMA’s statement in the following circular titled ‘The European Securities and Markets Authority (“ESMA”) Issues Initial Guidance Emanating from MIFID II Requirements to Firms using Artificial Intelligence Technologies when Offering Retail Investment Services’ which concluded that as a national competent authority, the MFSA will keep monitoring the evolution of AI and of the relevant EU legal framework on AI to determine if further action is needed in this area.

Potential Use of AI in Investment Services

ESMA’s AI MIFID Statement opines that AI is being adopted heterogeneously across firms and EU Member States, with applications ranging from customer service to portfolio management and compliance (paragraph 3, p.2 of the AI MIFID Statement).

Some key areas where AI could be transformative include:

• Customer Service: AI-powered chatbots and virtual assistants can efficiently handle client queries, improving client interaction and response times (paragraph 3a, p.2 of the AI MIFID Statement).
• Investment Advice and Portfolio Management: AI tools can analyse vast amounts of client information and market data to provide personalised investment advice, manage portfolios, and identify potential investment opportunities. These tools can help firms ensure that portfolios align with clients’ risk tolerance and investment objectives (paragraph 3b, p.2 of the AI MIFID Statement).
• Risk Management: AI can assist in the detection of non-compliant behaviour, summarise regulations, and help manage risk across client portfolios by identifying emerging risks and monitoring exposure (paragraphs 3c and d, p.2 of the AI MIFID Statement).
• Fraud Detection and Operational Efficiency: AI-driven systems can detect fraudulent activities by identifying unusual patterns in transactional data, while automation improves operational efficiency by reducing manual tasks such as data entry (paragraph 3e and f, p.3 of the AI MIFID Statement).

Risks and Challenges

In the AI MIFID Statement, ESMA also raised critical concerns surrounding the deployment of such technologies.  Among the risks identified were the possibility of algorithmic biases affecting decision-making processes, data quality issues that could compromise outputs, and the inherent opacity in AI-driven decisions which might make it difficult for firm staff to fully understand or audit these decisions. Further risks included over-reliance on AI systems by firms and clients, which might diminish human oversight, and privacy or security vulnerabilities stemming from the extensive data handling required by AI tools.

Thus, despite the benefits, ESMA highlighted the following risks, particularly concerning investor protection:

• Lack of Accountability: Investment firms and clients may over-rely on AI for decision-making, potentially neglecting human oversight, which is crucial in unpredictable financial markets (paragraph 5a, p.3 of the AI MIFID Statement).
• Lack of Transparency and Explainability: Many AI systems operate as “black boxes”, meaning their decision-making processes can be difficult for firms to understand. This lack of transparency can hinder adjustments to underperforming strategies and may affect service quality (paragraph 5b, p.3 of the AI MIFID Statement).
• Algorithmic Bias: AI systems, if trained on biased data, can perpetuate or even amplify discriminatory outcomes, posing a risk to fair treatment across client demographics (paragraph 5d, p.4 of the AI MIFID Statement).
• Data Privacy and Security: AI systems rely on vast amounts of data, raising concerns about data privacy and the protection of sensitive client information (paragraph 5c, p.4 of the AI MIFID Statement).

MiFID II and AI: Key Compliance Considerations

To ensure the safe integration of AI, ESMA emphasises that investment firms must comply with the core principles of MiFID II, including acting in the best interests of their clients and ensuring transparency. The use of AI does not absolve firms of these responsibilities, and several key areas require close attention:

• Client Best Interest: Firms must maintain a focus on client interests, ensuring that AI-driven services provide accurate, fair, and non-misleading information. Transparency regarding the role of AI in decision-making processes is essential, with clients needing to be informed when AI is being used to influence investment decisions (paragraphs 7-9, pp.5-6 of the AI MIFID Statement).
• Governance and Risk Management: AI implementation requires robust governance frameworks that ensure oversight by management bodies. Senior management must have a thorough understanding of how AI systems work and their implications for the firm’s overall strategy. Risk management frameworks specific to AI should include ongoing testing and monitoring to mitigate risks such as algorithmic biases and data inaccuracies (paragraphs 10-14, pp.5-6 of the AI MIFID Statement).
• Staff Training and Competence: Staff must be sufficiently trained to understand the risks, operational aspects, and ethical implications of AI. Firms are encouraged to provide ongoing training on AI technologies, ensuring that relevant personnel can manage and interpret AI outputs effectively (paragraphs 17-18, p.6 of the AI MIFID Statement).
• Suitability and Product Governance: When using AI in investment advice or portfolio management, firms must ensure that AI systems align the distribution of products with the client’s profile, financial objectives, and risk tolerance. ESMA expects firms to implement quality assurance processes for AI tools and conduct stress testing to ensure reliability under extreme market conditions (paragraphs 19-21, pp.6-7 of the AI MIFID Statement).

Conduct of Business Requirements

ESMA also underscores the importance of maintaining rigorous conduct of business requirements and organisational controls when utilising AI. These controls must ensure that AI systems are effectively governed, with continuous monitoring to prevent the dissemination of misleading or inaccurate information to investors (see paragraphs 16-22, p.6-7 of the AI MIFID Statement).

Moreover, investment firms were reminded by ESMA that they must still comply with MiFID II’s record-keeping requirements, maintaining detailed records of AI usage, including decision-making processes, data sources, and any modifications to AI algorithms over time. This transparency is important in ensuring accountability and mitigating risks (see paragraph 23-24, p.7 of the AI MIFID Statement).

Way Forward

ESMA’s AI MIFID Statement indicated several specific applications of AI in investment services which would be subject to the relevant provisions of MiFID II. These include the use of AI in customer support, fraud detection, risk management, and compliance activities, as well as in the provision of investment advice and portfolio management services. In these contexts, ESMA expects that AI technologies will be used in a manner that ensures transparent and fair outcomes for clients, with proper measures in place to mitigate the risks of automated decision-making systems. The European financial regulator stressed that firms need to maintain adequate oversight of AI systems to ensure that they uphold the fiduciary responsibilities imposed by MiFID II.

As a forward-looking measure, ESMA, in cooperation with national competent authorities, committed itself to continuing its monitoring of AI usage within the investment services sector. The EU regulator will assess the effectiveness of the existing EU legal framework in addressing the challenges posed by AI technologies and determine whether additional regulatory measures will be required to safeguard client interests and ensure market integrity. ESMA’s ongoing supervision is expected to guide further policy developments in this area, as the financial sector increasingly integrates AI into its operational and client-facing processes.

This is the fourth in a series of articles exploring the effect of the AI Act across various sectors and industries.

 

Click here for the first article in this series

 

Click here for the second article in this series

 

Click here for the third article in this series

 

 

 

This document does not purport to give legal, financial or tax advice. Should you require further information or legal assistance, please do not hesitate to contact [email protected]

The post AI in Investment Services: MIFID Considerations appeared first on Mamo TCV.

 

Link to article