We’ve all had fun with the various AI tools available online making ourselves look like Vikings, or our dogs more Scottish, while they harvest our personal data in the background. Typing in ‘trustworthy prime minister’ to one popular image generator I got a nice lady with a sensible haircut and a navy trouser suit, which suggests maybe there’s a potential career opportunity there. But the swivelling eyes of the government and regulators have been considering how they need to get involved and what their role is with all this technology. To be fair to them, they’ve been thinking about this for a while, with the FCA getting its act together in 2021, appointing a Chief Data, Information and Intelligence Officer at Executive level and bringing together all its techy, intelligence and data people into one new division. This week the FCA has published the latest version of its AI policy (or possibly a bot created in its new tech hub in Leeds has published its AI policy).
There are two aspects of the FCA policy – one is how they regulate what firms are up to, and one is how they use technology themselves to regulate. The key phrase for the former is that it intends to be a ‘technology-agnostic, principles-based and outcomes-focused regulator’. What that word salad means is that it doesn’t much care how you comply with the rules, as long as you comply with them, and achieve the desired outcomes, focusing in particular on safety, transparency, fairness, accountability and redress. And, as absolutely no one will be surprised to know, this is all underpinned by the existing rules, including consumer duty, and the senior managers and certification regime (a review of which we can expect in June, so watch this space). In practice, it means that if you replace your customer service helpline with a chatbot, for example, that’s great if it means you can answer people’s questions more quickly and point them in the right direction. But if it means that they can no longer get any answers to more complex questions, or your more vulnerable customers are completely unable to interact with you any more, then you will be held responsible for that.
It’s reassuring to know that that regulators are working together with all this, in the form of the Digital Regulation Cooperation Forum (DRCF), which also includes Ofcom, but internationally as well, technology famously not being a respecter of national boundaries. Inside the FCA itself, it’s ramping up its capability to monitor and tackle scam websites, money laundering and sanctions breaches. And excitingly there are plans to conduct research on deepfakes and simulated content.
If I’ve managed to convince you that this is being written by a human being, read on…
There’s been a shot across the bows for the FCA’s plans to take a new approach to enforcement, which almost everyone is referring to as ‘naming and shaming’, but which the regulator prefers to call ‘using transparency as a regulatory tool’. In other words, instead of waiting until an enforcement investigation is over, the FCA will publish details of the investigation while it’s still ongoing, if it considers it’s in the public interest to do so. And this could include naming names. There’s a fairly robust framework for establishing public interest, including encouraging other potential witnesses to come forward, or correcting information already in the public domain. But the point remains that the names of people who are subsequently cleared of any wrongdoing will still be associated with the investigation in future.
Which is why the House of Lords Financial Services Regulation Committee, amongst others, has written a stiffly-worded letter suggesting the FCA should go back and do some more homework, including a cost-benefit analysis, which it has so far declined to do on the grounds that it’s not actually changing any rules. I know two facts about the Chair of the Committee, Lord Forsyth. One is that he managed to annoy me once by nipping into a car wash queue ahead of me in his giant Mercedes, and the other is that he’s Chairman and non-executive Director of Secure Trust Bank, a regulated firm. You can interpret that either as making him well informed about the industry, or a conflict of interest. But the consultation has been extended for a couple of weeks, which is one indication that there may be some uncomfortable shifting of the regulatory buttocks in their seats at Stratford, so perhaps the proposals may change before they finally see the light of day.
For today’s musical link, the sun is finally shining and I’ve chosen this because it makes me think of ice cream at the seaside, so what better reason?