Joint Comment Letter on RFI re Financial Institutions’ Use of Artificial Intelligence, Including Machine Learning

Ladies and Gentleman:

The Consumer Bankers Association (“CBA”) appreciates the opportunity to respond and comment on the Request for Information (“RFI”) issued by the Board of Governors of the Federal Reserve System, Bureau of Consumer Financial Protection, Federal Deposit Insurance Corporation, National Credit Union Administration and the Office of the Comptroller of the Currency (collectively “the Agencies”). Artificial intelligence (“AI”) and machine learning (“ML”) models provide efficient, accurate, and predictive decisioning, which in turn expands access to financial services for all consumers. The banking industry is constantly innovating to meet the expectations of their customers. We have witnessed the benefits AI and ML have provided the banking industry, and we look forward to new ways to thoughtfully incorporate technology in our products, services and operations in the future. Though the benefits of AI and ML  are many, CBA supports the Agencies’ desire to ensure continued responsible innovation.

While AI and ML models may present different risks than traditional models, banks are already subject to a thorough regulatory framework designed to mitigate any increased risks and they are constantly improving these processes. Non-banks do not face similar regulation. Understanding the conceptual soundness of any model, tool, application or system aids in managing its risks, including those related to lack of explainability. The importance of conceptual soundness is described in existing agency guidance and is well established in industry practice. In turn, AI and ML models provide more efficient, accurate, and predictive decisioning, which ultimately expands access to financial services for all consumers.

CBA believes consumers need equal and consistent protections, regardless of where they secure credit. Consistent Model Risk Management (MRM) standards are needed among all financial regulators. A lack of consistent standards between regulators and across institutions leaves some consumers at risk, especially from entities providing financial services outside the well-regulated banking industry, by not affording equal protections to all consumers.

This letter details the intersection of AI and ML with: explainability; data quality and processing; overfitting and dynamic updating; and cyber security risk and third-party oversight. Specific examples from CBA member banks are incorporated throughout to demonstrate how banks continue to manage this powerful, ever-evolving technology.


Banks are Thoughtfully Integrating AI and ML in their Banking Organizations

Banks have substantial experience identifying and mitigating those risks which may present themselves more frequently when using AI and ML by leveraging their existing risk management frameworks and with the involvement of multiple functions throughout the model development lifecycle, including independent model risk management teams, legal, risk and compliance, among others. By applying the same principles of model governance to AI models that banks use with traditional models, banks ensure risks related to these models are appropriately managed. In addition, explainability risks are not limited to AI and ML models. Humans frequently are unable to explain their decisions accurately, especially when they rely on subjective reasoning and judgement. Bankers have discovered AI techniques provide the most value when exposed to large amounts of data, both traditional and alternative. As a result, AI techniques can extract useful, subtle and predictable information from variables or factors which may not have been possible from traditional models.