AI in the Banking Sector – a Sword, a Shield or an Achilles’ Heel?
1. Introduction
We are not only living in a digital age but also in an age where individuals and businesses increasingly depend on banks for their day-to-day activities. The convergence of these two factors is compounded with the increased use of artificial intelligence (AI) both generally and specifically in the banking sector. From a general perspective, AI start-ups in 2013 received USD 2 bn in investments globally which increased twelvefold in 2018 to USD 24 bn [1]. The European Commission is also planning to invest a total of €112 mm in AI, quantum research and innovation [2]. More specifically, recent data shows that “global AI in banking market size” was USD 19.90 bn in 2023, is currently at USD 26.23 bn and is forecast to reach USD 315.50 bn in 2033 [3]. Spending on generative AI in the banking sector is also forecast to swell to USD 84.99 bn by 2024 [4].
From a local banking perspective and following the installation of four ATMs in November 1989 at four different BOV branches of BOV, Malta has witnessed huge strides in technological developments [5]. In 1990 the first off-site ATM was installed at Bulebel Industrial Estate; in 1992 BOV ATMs began accepting international credit cards; in 2007 mobile top-ups became possible through ATMs; in 2008 ATMs were able to accept instant deposits; in 2009 chip and PIN cards were introduced; in 2011 BOV installed drive-through ATMs; in 2014 “talking ATMs” were available; and in 2017 BOV was the first to deploy contactless technology. And a 2023 study conducted by the Malta Financial Services Authority on digital transformation and FinTech adoption within the Maltese financial services sector found that in 2021 AI and Machine Learning (ML) were mostly adopted by credit institutions [6]. Owing to the rise of AI and the advent of the EU AI Act it is critical to understand the advantages posed by AI as well as its pitfalls.
2. Uses of AI in the Banking Sector
A review of the available literature indicates that AI has a range of uses in the banking sector including crime prevention, customer service, operations and regulatory compliance.
2.1 Crime prevention
Banks are high value targets owing to the amount of cash (physical or virtual) and data they hold and are therefore at perpetual risk of being targeted by fraudsters and cybercriminals. For instance, research conducted by Machine Merchant ranked Malta 5th of out 19 countries as the country most vulnerable to credit card fraud [7] . As a case in point, the cyberattack on BOV in 2019 also saw €13 mm transferred to banks in four countries (this transfer was eventually reversed) [8]. Fraud (including credit card fraud) and cyberattacks have the potential not only to cause huge victim losses but could also destroy the trust and confidence in the financial sector. Apart from fraud and cybercrime, banks are also at risk of being used by criminals to launder their illicit funds. In Malta, banks are particularly vulnerable to money laundering with the most recent National Risk Assessment assigning the overall residual risk level of money laundering in the banking sector as “medium” [9].
AI (and ML) can be used as a sword and a shield in the fight against fraud, cybercrime and money laundering. AI (and ML) have a range of applications in fraud detection and prevention [10]. AI algorithms can be employed to monitor credit card transactions in real time to identify usual spending patterns, unusual purchasing locations, rapid consequential transaction and peculiar transaction amounts, thereby immediately detecting possible fraud [11]. Evidence has shown that real-time transaction monitoring has an accuracy of 92% when identifying suspicious transactions [12] and that AI based techniques (such as random forests, support vector machines and neural networks) are more effective in terms of accuracy, speed and scalability than traditional fraud-based measures [13]. AI can also be used to prevent cyberattacks through smart detection and response, enhancing intrusion detection systems and by automating routine tedious security practices such as threat monitoring [14]. In particular and similar to AI fraud detection measures, methods such as anomaly detection algorithms, leverage advantaged algorithms, ML models and deep learning models can be deployed to prevent cybercrimes more effectively than traditional methods [15]. Indeed, a qualitative study on AI for cybersecurity in the Qatari banking sector conducted among 9 experts from the banking sector in Qatar, showed that experts perceived AI based algorithms to be more effective in preventing DDOS attacks when compared to traditional prevention methods owing to increased flexibility and robustness [16]. AI techniques (such as ML including supervised learning, unsupervised learning, semi-supervised learning, and natural language processing) also play a critical function in augmenting the effectiveness of real-time transaction monitoring thereby helping to detect and prevent money laundering. As with fraud and cybercrime AI methods, AI techniques in preventing money laundering appear to be more effective than traditional methods in terms of better detection accuracy and the reduction of false positives [17].
2.2 Customer Service and Operations
Customers of banks expect banks to be responsive and banks are also duty bound to provide good and efficient services to consumers [18]. Banks as lenders also use credit scores to determine a customer’s creditworthiness and their ability to repay a facility based on the customer’s financial data and payment history [19]. AI can assist banks with providing good customer service and in assessing a customer’s creditworthiness thereby acting as a shield against customer complaints and credit risk. Beginning with customer service, chatbots and virtual assistants powered by AI provide 24/7 support services, automate customer inquiries, reduce human error and long waiting times thereby enhancing the customer experience [20]. Turning to credit-scoring, AI can be used to collect and analyse customer data; ML models can be employed to determine the likelihood for repaying the loan; predicative learning can generate a figure that predicts a customer’s creditworthiness; and continuous learning improve the accuracy of the models [21]. ML techniques using real-time analysis of customer transactions can accurately calculate the risk of default thereby allowing banks to offer cheaper loan facilities [22].
2.3 Regulatory Compliance
Banks are often shackled with the volume and the complexity of regulatory compliance and many banks complain of overregulation [23]. This point has been contested by Sharon Donnery (Member of the Supervisory Board of the ECB and Deputy Governor of the Central Bank of Ireland) [24]. Whether or not banks are overregulated, regulation necessarily increases costs and the risk of non-compliance and, as is well-known, breaches of banking regulations are severe. AI can be used as a sword and shield to reduce compliance costs and to increase compliance. AI techniques such as deep learning models counter the difficulties associated with traditional compliance methods (such as the time and resources needed to analyse large amounts of data and the possibility of not detecting breaches) by learning from vast datasets, picking up patterns of non-compliance and dynamically evaluating transactions [25]. AI can also assist banks in complying with capital adequacy rules by making the process for calculating capital ratios easier and in performing stress testing by identifying key risk factors and developing complicated stress test models thereby increasing the reliability of capital adequacy and stress test procedures [26].
3. Pitfalls of AI
Despite these advantages, AI in banking does suffer from a number of pitfalls which could well be AI’s Achilles’ heel. In relation to crime prevention, AI can be used to launch more sophisticated DDOS cyberattacks and produce deepfakes which are responsible for high-profile cyberattacks [27]. Given that AI depends on vast datasets to work effectively (but see below) this does raise concerns about data privacy and security as well as the risk of falling foul of the GDPR and its harsh consequences [28]. Research has also shown that human service is more satisfying than digital service. Furthermore, since AI relies on huge datasets for training and decision-making, if the sourced data is biased, that can lead to unfairness, bias and discrimination in banking services thereby giving credence to the maxim “garbage in, garbage out” [29]. For example, in 2019 algorithms used by Apple to determine to whom to grant credit facilities, was accused of gender bias [30].
Research has supported the assertion that AI can lead to bias. Researchers at Stanford United found that predicative tools were 5% to 10% less reliable for lower-income families and minorities when compared to higher-income and non-minority groups [31]. The reason is not because the credit score algorithm is inherently discriminatory against economically and socially disadvantaged borrowers but because the underlying dataset does not have enough reliable data concerning low-income and minority credit histories and is therefore less accurate in predicating the creditworthiness of these disadvantaged groups [32]. In addition, AI suffers from the “black box” problem as its decision-making is extremely convoluted to the point of being opaque, making it virtually impossible to deduce why an AI arrived to a particular conclusion, thus resulting in a lack of procedural fairness [33]. It is no surprise therefore that the EU AI Act classified AI systems intended to be used to evaluate the creditworthiness of natural persons or establish their credit score as high-risk. Similarly, AI used in regulatory compliance depends on the quality of data and therefore incorrect or partial data can lead to errors in compliance which paves the way for regulatory penalties [34].
4. The Way Forward
AI is a sharp sword and strong shield for banks to prevent financial and cybercrime, to enhance customer service and to bolster regulatory compliance. Despite this, AI has at least two Achilles’ heels which can be crippling in the form of data privacy and security, discrimination and unfairness and a lack of transparency. To mitigate these pitfalls, researchers have suggested inter alia robust data governance frameworks, ethical AI development, dynamic regulatory compliance programs, partnerships with AI ethics boards, the creation and the use of diverse and representative data sets, and conducting rigorous testing and validation of AI models [35].
This is the fifth in a series of articles exploring the effect of the AI Act across various sectors and industries.
Click here for the first article in this series
Click here for the second article in this series
Click here for the third article in this series
Click here for the fourth article in this series
Footnotes:
Article title adapted from 32nd International Symposium on Economic Crime on Information – Shield, Sword and Achilles Heel in the fight against economic crime?
[1] Kaya, O (2019). Artificial intelligence in banking – A lever for profitability with limited implementation to date. Deutsche Bank, AG Deutsche Bank Research, Frankfurt am Main Germany.
[3] https://www.precedenceresearch.com/artificial-intelligence-in-banking-market
[7] https://merchantmachine.co.uk/credit-card-fraud-capitals-of-europe/
[8] https://timesofmalta.com/article/bank-of-valletta-goes-dark-after-detecting-cyber-attack.701896
[9] https://www.ncc.gov.mt/wp-content/uploads/2024/01/PublicNRA_Dec2023.pdf
[10] Zanke, P. (2023). AI-Driven fraud detection systems: a comparative study across banking, insurance, and healthcare. Advances in Deep Learning Techniques, 3(2), 1-22; https://www.tookitaki.com/compliance-hub/effective-financial-fraud-solutions-for-prevention; https://seon.io/resources/why-traditional-fraud-prevention-measures-are-not-enough/
[11] Bello, O. A., & Olufemi, K. (2024). Artificial intelligence in fraud prevention: Exploring techniques and applications challenges and opportunities. Computer Science & IT Research Journal, 5(6), 1505-1520.
[12] Kotagiri, A. (2023). Mastering Fraudulent Schemes: A Unified Framework for AI-Driven US Banking Fraud Detection and Prevention. International Transactions in Artificial Intelligence, 7(7), 1-19.
[13] Zanke, P. (2023). AI-Driven fraud detection systems: a comparative study across banking, insurance, and healthcare. Advances in Deep Learning Techniques, 3(2), 1-22.
[15] Trajkovska, E., Del Becaro, T., & Mijalkov, B. (2024, September). PREVENTION OF CYBERCRIME IN THE AGE OF ARTIFICIAL INTELLIGENCE (AI) WITHIN THE EUROPEAN UNION. In Proceedings of the International Scientific Conference” Social Changes in the Global World” (Vol. 11, No. 11, pp. 178-190).
[16] AL-Dosari, K., Fetais, N., & Kucukvar, M. (2024). Artificial intelligence and cyber defense system for banking industry: A qualitative study of AI applications and challenges. Cybernetics and systems, 55(2), 302-330.
[17] Zhang, W., & Chen, L. (2024). Real-Time Transaction Monitoring Using AI: Detecting Suspicious Activities and Money Laundering in Banking. Asian American Research Letters Journal, 1(3).
[18] https://www.independent.com.mt/articles/2023-09-17/newspaper-opinions/Navigating-towards-customer-experience-excellence-6736254883; https://mccaa.org.mt/media/7057/financial-charter-insurance-en_final-291018.pdf
[19] https://mcb.mt/credit-scoring-explained/
[20] https://nexgenbanking.com/ai-in-banking-revolutionizing-customer-service-with-ai-driven-solutions/#:~:text=AI’s%20impact%20on%20customer%20service,seamless%20and%20efficient%20customer%20interactions; https://dialzara.com/blog/5-ai-customer-service-success-stories-in-banking/
[22] https://impact.economist.com/perspectives/sites/default/files/aiinfinancialservices.pdf
[23] Muscat, M. (2020). Legitimacy of the Maltese Financial Services Regulator (Doctoral dissertation).
[25] Hassan, M., Aziz, L. A. R., & Andriansyah, Y. (2023). The role artificial intelligence in modern banking: an exploration of AI-driven approaches for enhanced fraud prevention, risk management, and regulatory compliance. Reviews of Contemporary Business Analytics, 6(1), 110-132.
[26] Nimmagadda, V. S. P. (2021). Artificial Intelligence for Compliance and Regulatory Reporting in Banking: Advanced Techniques, Models, and Real-World Applications. Journal of Bioinformatics and Artificial Intelligence, 1(1), 151-189.
[27] https://www.lexology.com/library/detail.aspx?g=889c5f77-0547-4cc4-bba9-e7edd6fc7955
[29] Calderón, A. (2020). Regulatory Compliance & Supervision in AI Regime: Banks and FinTech.
[33] Balakrishnan, A. (2024). Leveraging artificial intelligence for enhancing regulatory compliance in the financial sector. International Journal of Computer Trends and Technology.
[34] Tsapa, J. A. (2024). AI Implementation in Banking Risk Reporting. Journal of Artificial Intelligence & Cloud Computing. SRC/JAICC-283. DOI: doi. org/10.47363/JAICC/2024 (3), 266, 2-4.
[35] Tsapa, J. A. (2024). AI Implementation in Banking Risk Reporting. Journal of Artificial Intelligence & Cloud Computing. SRC/JAICC-283; DOI: doi. org/10.47363/JAICC/2024 (3), 266, 2-4. Gichoya, J. W., Thomas, K., Celi, L. A., Safdar, N., Banerjee, I., Banja, J. D., … & Purkayastha, S. (2023). AI pitfalls and what not to do: mitigating bias in AI. The British Journal of Radiology, 96(1150), 20230023.
This document does not purport to give legal, financial or tax advice. Should you require further information or legal assistance, please do not hesitate to contact Dr Matthew Muscat or [email protected]
The post AI in the Banking Sector – a Sword, a Shield or an Achilles’ Heel? appeared first on Mamo TCV.
Link to article