To counter cybersecurity risks posed by artificial intelligence, financial institutions should expand and strengthen their risk management and cybersecurity practices to account for AI systems’ advanced and novel capabilities; consider greater integration of AI solutions into their cybersecurity practices; and enhance collaboration, particularly threat information sharing, according to a Treasury Department report released today.
The 51-page report was published in response to a 2023 executive order by President Biden directing federal agencies to develop strategies for the safe deployment of AI technologies across the U.S. economy. The Treasury Department interviewed key players in the financial services sector, information technology and others to learn what institutions already doing in terms of AI, where there is room for improvement, and draft best practices for managing AI threats. Among other things, the report cautioned that financial institutions should ensure they have prudent risk management over AI activities, including robust oversight of third-party providers.
The report stressed the need for industry collaboration to counter AI-related risks. As an example, it noted that the American Bankers Association is working to design and pilot a new information-sharing exchange focused on combating fraud and other illicit finance activities. “The U.S. government, with its collection of historical fraud reports, may be able to assist with this effort to contribute to a data lake of fraud data that would be available to train AI, with appropriate and necessary safeguards,” the report said.