“Artificial intelligence is redefining cybersecurity and fraud in the financial services sector, and the Biden administration is committed to working with financial institutions to utilize emerging technologies while safeguarding against threats to operational resiliency and financial stability,” Nellie Liang, the department’s undersecretary for domestic finance, said in a March 27 news release.
While “financial institutions appear to be moving slowly” in their adoption of AI technologies, firms must be aware of the increased risks that come with AI, the report contends.
“Applying appropriate risk management principles to AI development is critical from a cybersecurity perspective, as data poisoning, data leakage, and data integrity attacks can take place at any stage of the AI development and supply chain,” the report said. “AI systems are more vulnerable to these concerns than traditional software systems because of the dependency of an AI system on the data used to train and test it.”
When it comes to managing the threat of AI cyber attacks, “financial institutions should expand and strengthen their risk management and cybersecurity practices to account for AI systems’ advanced and novel capabilities, consider greater integration of AI solutions into their cybersecurity practices, and enhance collaboration, particularly threat information sharing,” the Treasury Department said.
Based on in-depth interviews with 42 financial services and technology companies, the report outlines a number of “next steps” to address the risks posed by AI-related cybersecurity and fraud.
One of those steps is to ensure that regulators are working collaboratively, as some financial firms “expressed concern about the possibility of regulatory fragmentation as different financial sector regulators at both the state and federal level consider regulations around AI,” the report said.
The Treasury Department said it will work with the Financial and Banking Information Infrastructure Committee, an organization tasked with improving coordination and communication among financial regulators, and the industry-led Financial Services Sector Coordinating Council to explore AI’s regulatory regimes and potentially enhance coordination.
In addition, the department said it will work to expand opportunities for smaller firms to access AI’s capabilities, as they noted there’s a “widening capability gap” between small and large institutions developing AI systems in-house.