Images are still loading please cancel your preview and try again shortly.
Accessibility tools

AI in financial services 3.0

Managing machines in an evolving legal landscape

The increasing adoption of AI in financial services continues to raise complex challenges in a shifting legal and regulatory landscape. In this updated report, last published in September 2021, we offer a high-level overview of some of the key legal challenges for businesses – and practical guidance on managing legal risks when deploying this revolutionary technology within finance.

The rapid rise of artificial intelligence has captured global regulatory attention, and the emergence of GenAI has sharpened the focus on AI’s risks. This has led to calls for robust legal frameworks to protect consumers and society from potential harms, and left law and regulation struggling to keep up.

AI presents unique ethical and practical dilemmas, and this material challenge is quickly gaining traction among governments and regulators who are increasingly collaborating in the hope of establishing the global standards needed to support the safe adoption of AI in all sectors. Across regions and sectors we have seen a range of regulatory approaches emerge, with AI garnering significant interest from financial regulators.

This updated report maps out the latest developments in AI regulation in six key jurisdictions (China, Hong Kong, Singapore, the UK, the EU and the U.S.). See our heatmap below for a brief introduction. We also focus on specific issues raised by financial services regulation, data protection regulation and competition law when implementing AI solutions in finance.

Front cover for AI in Financial Services 3.0

AI in financial services 3.0: Managing machines in an evolving legal landscape

Get your copy of the guide

DOWNLOAD

Our global guide delves into AI regulation in six key jurisdictions.

Select a jurisdiction in our regulatory heatmap to see a snapshot of the regulatory landscape.

Inside the publication

Click through the wheel to navigate the key themes of the publication.

AI in finance

In this section we address the reality of how artificial intelligence is being used in the finance sector. While AI is transforming the industry, it is also raising critical questions about the relationship between machine learning and automated decision making. As AI is increasingly deployed in various areas, notable legal and regulatory challenges arise, including managing third-party risks. AI has moved centre stage as a boardroom issue, demanding C-suite attention to navigate the opportunities for integrating this novel and exciting technology while addressing legal and ethical concerns.

 

Global regulatory landscape

Regulators are responding with various approaches to address the challenges posed by AI, and different countries have taken their own paths. In this section, we summarise the approach of more prescriptive regimes, such as those proposed by the EU and already being adopted in Mainland China; the complex patchwork of law and guidance arising in the U.S. and the more flexible guidance-based approaches being adopted in the UK, Hong Kong and Singapore. Our heat map and timeline illustrate at a glance how these different approaches are playing out.

 

AI and financial services regulation

Given that financial services is a highly regulated industry, we examine how existing regulatory considerations apply when deploying AI models in finance, including looking at general compliance, oversight and validation, outsourcing, supply chain and third-party liability, consumer protection and algorithmic trading. We cover the particular challenges presented by AI in financial services, focusing on resilience and how to approach ethical deployment focusing on accountability and transparency. We also summarise the financial services specific approach to regulating AI in the six key jurisdictions covered by this report.

 

AI and data protection regulation

Given data is fundamental to AI, we discuss the central role that the GDPR has taken in its regulation of emerging technology. The interaction between AI and data protection legislation is complex and still not fully resolved with additional challenges being posed by GenAI. We also explore how other key jurisdictions are tackling the issue by considering the impact of new data protection regimes in Asia and the U.S., .

 

AI and competition law

AI has the ability to facilitate greater simplicity for consumers, more effective identification and control of investment opportunities and risks, and innovative opportunities to invest, for example through cryptocurrency. However, antitrust regulators are increasingly mindful of the potential antitrust risks posed by AI applications. We examine antitrust regulatory and enforcement approaches in Europe, Asia and the U.S., and look specifically at algorithmic collusion, hub and spoke arrangements, tacit collusion and broader harms,

 

Practical guidance 

It is uncertain if, how, and when, a global standard for AI risk management will emerge (as it did with GDPR for data protection). Various approaches are being tested with some focusing on individual rights and others on overall AI safety. As a result, global financial firms implementing AI must develop a compliance and risk management strategy balancing local specificity and global consistency while adapting to evolving international rules and regulations. This is increasingly important as enforcement of existing regimes is also being adapted to focus on the specific risks of AI. We set out a 10 step plan to help financial firms develop an effective AI risk management framework.

 

Click through the wheel to navigate the key themes of the publication.

AI in financial services
AI in finance

In this section we address the reality of how artificial intelligence is being used in the finance sector. While AI is transforming the industry, it is also raising critical questions about the relationship between machine learning and automated decision making. As AI is increasingly deployed in various areas, notable legal and regulatory challenges arise, including managing third-party risks. AI has moved centre stage as a boardroom issue, demanding C-suite attention to navigate the opportunities for integrating this novel and exciting technology while addressing legal and ethical concerns.

 

Global regulatory landscape
Global regulatory landscape

Regulators are responding with various approaches to address the challenges posed by AI, and different countries have taken their own paths. In this section, we summarise the approach of more prescriptive regimes, such as those proposed by the EU and already being adopted in Mainland China; the complex patchwork of law and guidance arising in the U.S. and the more flexible guidance-based approaches being adopted in the UK, Hong Kong and Singapore. Our heat map and timeline illustrate at a glance how these different approaches are playing out.

 

AI and financial services regulation
AI and financial services regulation

Given that financial services is a highly regulated industry, we examine how existing regulatory considerations apply when deploying AI models in finance, including looking at general compliance, oversight and validation, outsourcing, supply chain and third-party liability, consumer protection and algorithmic trading. We cover the particular challenges presented by AI in financial services, focusing on resilience and how to approach ethical deployment focusing on accountability and transparency. We also summarise the financial services specific approach to regulating AI in the six key jurisdictions covered by this report.

 

AI and data protection regulation
AI and data protection regulation

Given data is fundamental to AI, we discuss the central role that the GDPR has taken in its regulation of emerging technology. The interaction between AI and data protection legislation is complex and still not fully resolved with additional challenges being posed by GenAI. We also explore how other key jurisdictions are tackling the issue by considering the impact of new data protection regimes in Asia and the U.S., .

 

AI and competition law
AI and competition law

AI has the ability to facilitate greater simplicity for consumers, more effective identification and control of investment opportunities and risks, and innovative opportunities to invest, for example through cryptocurrency. However, antitrust regulators are increasingly mindful of the potential antitrust risks posed by AI applications. We examine antitrust regulatory and enforcement approaches in Europe, Asia and the U.S., and look specifically at algorithmic collusion, hub and spoke arrangements, tacit collusion and broader harms,

 

Practical guidance
Practical guidance 

It is uncertain if, how, and when, a global standard for AI risk management will emerge (as it did with GDPR for data protection). Various approaches are being tested with some focusing on individual rights and others on overall AI safety. As a result, global financial firms implementing AI must develop a compliance and risk management strategy balancing local specificity and global consistency while adapting to evolving international rules and regulations. This is increasingly important as enforcement of existing regimes is also being adapted to focus on the specific risks of AI. We set out a 10 step plan to help financial firms develop an effective AI risk management framework.

 

Additional resources

beams of light

Tech Legal Outlook 2025

Close X
heavy road city traffic lights

Tech Legal Outlook 2024 Mid-Year Update

Close X
city in high speed motion

Tech Legal Outlook 2024

Close X
Space

Our approach to Generative AI

Close X
Wave

Tech Legal Outlook: 2023 Mid-Year Update

Close X
waves

Issues for Boards 2023

Close X
abstract financial graphs

Crypto and DeFi - Understanding the risk landscape

Close X
Abstract_Digital_Futuristic_Eye

EU – DGA, Data Act, NISD2, DSA… confused? Our Handbook will help

Close X
   

Contacts


x Find a Lawyer