The “move fast and break things” mantra, once the loudest guest at tech events in Silicon Valley in California to Dublin’s Silicon Docks is ever closer to being shown the exit. It would seem that EU regulators are relishing their role as the polite but stern doorman.
The EU is on a roll these last few years and has been dialling up the regulatory pressure on tech companies of all shapes and sizes. We’ve had updated medical device legislation, the Digital Services Act and the Digital Markets Act, to name a few. Next up is the prominent and far-reaching AI Act which will likely be enshrined in law at some stage in 2023. It will regulate the intended use of artificial intelligence systems placed on the market in the EU, and Fintech AI is firmly in its sights.
The AI Act will likely be a poster child for Europe’s “Digital Decade” but will be greeted more like a sullen and demanding relative by those pushing the boundaries of service offerings in Fintech. Although it’s easy to grumble, there’s no arguing with the EU’s goal for the AI Act to deliver trustworthy AI to all citizens of the EU. The more people that trust the technology, the higher the adoption rates, and ultimately all players in the AI ecosystem will prosper…..that’s the plan at least.
Implications for fintechs
Fintech companies delivering AI systems intended to be used to evaluate the creditworthiness of natural persons or establish their credit score will fall into the category called “high-risk” AI systems. These will be subject to a significant conformity assessment regime based on seven separate requirements.
Scope for conformity assessment
These requirements include:
- Incepting and maintaining a risk management system for the regulated AI system
- Data governance and management practices involving bias monitoring
- Creating and maintaining appropriate technical documentation for assessment by notified bodies, and
- Creating and maintaining appropriate documentation for users.
The nature of the proposed conformity regime bears some comparison to the EU CE marking system. Some of the obligations are even as detailed as one might expect to see in the regulation of medical devices.
Benefits for all?
There will be exemptions for SMEs using this type of tech for their own use, but otherwise compliance is a must. Credit scoring technology is not new, but it is becoming more sophisticated and to an extent, if managed appropriately, can have significant benefits for all parties in the credit market. Providers can crunch the numbers in a more efficient and reliable manner. With superior technology they can deliver more nuanced solutions to the market, which can improve the chances of consumers accessing lines of credit appropriate to them.
The EU is sensitive to the public’s misgivings regarding the use of AI technology for the purposes of assessing creditworthiness and determining credit scores. To soothe this trepidation, it will soon deploy far reaching laws that will compel Fintech AI providers to subject their products to conformity testing and compliance akin to CE marking. This will be a massive step change for providers of that technology. Now is the time to learn about your potential exposure to these changes and invest time and resources to understand what you will need to do to update your product processes for compliance in due course.
The content of this article is provided for information purposes only and does not constitute legal or other advice.