Managing AI risks


Big data and data analytics is booming. The volume and variety of data are growing exponentially, making data hard to process using conventional database management tools. Artificial Intelligence (AI) is here to help. It is using the power of data to transform across a range of critical business functions such as marketing, pricing, credit decisioning, security, fraud detection and operations. To remain competitive businesses need to manage new and varied risks posed by AI.

Key forms of risk associated with AI

  • Data sourcing. It is crucial to ensure that data sourced from legitimate sources with consent to process.
  • Data bias. Biased data leads to biased models and decisioning, which could result in reputational and financial losses or even regulatory penalties.
  • Model understanding. “Black-box” models expose business to additional uncertainty, unfair customer discrimination and high velocity risk realisation scenarios.
  • Quality estimation. AI requires dedicated methodology on model testing, two types of errors unbiased estimates (false negative, false positive), overall score understanding (Gini index, K-S statistics), etc.
  • Context understanding and monitoring. Legislation is developing and “principle” based, which requires practical cases monitoring and forecasting industry trends;
  • Cloud and vendor risks. In many cases, AI depends on third-party frameworks and cloud infrastructure.

Why AI risk is a challenge

AI is a big challenge to traditional risk-management functions since it:

  • Is new and unfamiliar both for businesses and regulators;
  • Creates new business roles and responsibilities;
  • Requires specialised competences and skills;
  • Triggers ethics and social responsibility.

How to improve risk management

Despite level of AI risks complexity and variety business leaders can take a few steps to enhance risk management:

  • Articulate corporate ethical principles;
  • Establish governance and key roles;
  • Initiate awareness and training programmes;
  • Acquire and retain best talents;
  • Ensure 3 lines-of-defence (LoD) own, oversight and audit AI-associated forms of risk;
  • Involve independent professionals and auditors.