Published July 1, 2024
| Version v1
Journal article
Restricted
Decoding AI and Machine Learning in Banking
Authors/Creators
Description
Title: Decoding AI and Machine Learning in Banking
Author: Britta Bohlinger, CFE
Published: Fraud Magazine (ACFE), Online Exclusive, 1 July 2024
Format: Featured article in ACFE Fraud Magazine, access the published article
ACFE Tags: Financial Transactions and Fraud Schemes, Banking and Financial Services
Summary
How are artificial intelligence (AI) and machine learning (ML) used in banking operations, specifically in credit risk modeling, fraud detection, loan decision-making? What data governance challenges entail these technologies?
Bohlinger, with a background in investment banking risk management and compliance auditing for a government authority, discusses both the benefits and the risks of AI/ML-driven decision-making in regulated financial services.
Bohlinger, with a background in investment banking risk management and compliance auditing for a government authority, discusses both the benefits and the risks of AI/ML-driven decision-making in regulated financial services.
The article reviews the changes in credit risk modeling due to AI. It addresses issues like scorecard opacity, algorithmic bias (including documented cases of discrimination in mortgage approvals based on postal codes), and the limits of machine learning models trained on historical data when faced with new types of fraud. It highlights the "garbage in, garbage out" issue common in machine learning systems and points out the lack of transparency and explainability as main risks for compliance and oversight.
The article discusses regulatory and governance frameworks, including the Basel Committee's principles for risk data aggregation, the NIST AI Risk Management Framework, the EU AI Act (finalised April 2024), the Bank of England's guidance on model risk management, EBA ICT risk guidelines, the SM&CR, and the Monetary Authority of Singapore's Veritas FEAT principles. It also covers regulatory sandboxes in the EU, US, and UK as ways to test innovations in a controlled setting.
The article ends with suggestions for Certified Fraud Examiners about ongoing model oversight, ethical deployment standards, and the importance of anticipating changes in AI-enabled fraud rather than just reacting. The author is a CFE, Agile-certified professional, and has been an ACFE member since 2014, with contributions to the NIST AI RMF public working group mentioned in the article.
Files
Restricted
The record is publicly accessible, but files are restricted. <a href="https://zenodo.org/account/settings/login?next=https://zenodo.org/records/19682620">Log in</a> to check if you have access.
Request access
If you would like to request access to these files, please fill out the form below.
You are currently not logged in. Do you have an account? Log in here
Additional details
References
- Association of Certified Fraud Examiners. (2024). Occupational fraud 2024: A report to the nations. https://www.acfe.com/-/media/files/acfe/pdfs/rttn/2024/2024-report-to-the-nations.pdf
- Bank of England. (2022). Artificial intelligence and machine learning (Discussion Paper DP5/22). Bank of England. https://www.bankofengland.co.uk/prudential-regulation/publication/2022/october/artificial-intelligence
- Bank of England. (2023). Artificial intelligence and machine learning (Feedback Statement FS2/23). Bank of England. https://www.bankofengland.co.uk/prudential-regulation/publication/2023/october/artificial-intelligence-and-machine-learning
- Bank for International Settlements, Basel Committee on Banking Supervision. (2013). Principles for effective risk data aggregation and risk reporting. Bank for International Settlements. https://www.bis.org/publ/bcbs239.pdf
- Bank for International Settlements, Basel Committee on Banking Supervision. (2021). Principles for the sound management of operational risk. Bank for International Settlements. https://www.bis.org/fsi/fsisummaries/psmor.htm
- European Banking Authority. (2021, July 2). Guidelines on internal governance (EBA/GL/2021/05). European Banking Authority. https://www.eba.europa.eu/sites/default/files/document_library/Publications/Guidelines/2021/1016721/Final%20report%20on%20Guidelines%20on%20internal%20governance%20under%20CRD.pdf
- European Commission. (2022). European blockchain sandbox. EU Blockchain Observatory and Forum. https://blockchain-observatory.ec.europa.eu/european-blockchain-sandbox_en
- European Parliament. (2023, June 1). EU AI Act: first regulation on artificial intelligence. European Parliament. https://www.europarl.europa.eu/topics/en/article/20230601STO93804/eu-ai-act-first-regulation-on-artificial-intelligence
- European Parliament & Council of the European Union. (2024). Artificial Intelligence Act: Regulation (EU) 2024/1689 of the European Parliament and of the Council of 13 June 2024 laying down harmonised rules on artificial intelligence. Official Journal of the European Union. https://eur-lex.europa.eu/eli/reg/2024/1689/oj/eng
- Financial Conduct Authority. (2026, March 6). Regulatory sandbox. https://www.fca.org.uk/firms/innovation/regulatory-sandbox
- Monetary Authority of Singapore. (2023, October 26). Veritas. https://www.mas.gov.sg/schemes-and-initiatives/veritas
- National Institute of Standards and Technology. (2023). Artificial intelligence risk management framework (AI RMF 1.0) (NIST AI 100-1). https://doi.org/10.6028/NIST.AI.100-1
- National Institute of Standards and Technology. (2024). Artificial intelligence risk management framework: Generative artificial intelligence profile (NIST AI 600-1). https://doi.org/10.6028/NIST.AI.600-1