FCA chief Nikhil Rathi has called on banks to increase their spending to address the growing threats posed by AI and ‘deep fake’ fraud.
In a forthcoming speech, Rathi will underscore the productivity advantages of AI in the financial sector while also warning about the inherent risks associated with automated trading robots and biased datasets. He emphasizes that while AI can enhance market efficiency, it can also create imbalances affecting market integrity, price discovery, transparency, and fairness if not managed properly. He cautions that firms will be held accountable for decisions made by AI systems.
Rathi points to the dangers posed by AI’s ability to replicate language, audio, and video, referencing a ‘deepfake’ video of trusted finance advocate Martin Lewis purportedly promoting speculative investments. “With the increasing adoption of AI, there must be a parallel acceleration in investments aimed at fraud prevention, operational resilience, and cybersecurity,” he states, affirming that the FCA will support beneficial innovation while also enforcing appropriate safeguards.
He also announced a call for further feedback on the influence of Big Tech companies as data gatekeepers and the resulting data-sharing imbalances between these firms and financial services. Rathi expressed concerns about the potential risks that Big Tech could pose to operational resilience in payments and retail services, as well as the manipulation of consumer behavioral biases.
He raised questions about the implications for competition if Big Tech firms possess access to unique and comprehensive data sets, which might include browsing data, biometrics, and social media activity. He warned that this data, when combined with anonymized financial transaction data, could create an unparalleled longitudinal dataset that financial services firms may struggle to compete against.
Additionally, Rathi highlighted the FCA’s collaborative efforts with the Bank of England and the Prudential Regulatory Authority to establish standards for service provision by third-party providers, particularly focusing on cloud service providers. He noted that as of 2020, nearly two-thirds of UK firms utilized a limited number of cloud providers. He stressed the importance of clearly defining responsibilities when issues arise, stating that while the outsourcing firm will primarily bear responsibility, it is crucial to mitigate potential systemic risks associated with critical third parties.