Skip to main content

Financial Services

Bank Regulators Seeking Comments on the Use of AI and ML in the Industry


The five federal financial regulatory agencies are gathering insight on financial institutions’ use of artificial intelligence (AI) and machine learning (ML).

The five federal agencies are:

  • the Consumer Financial Protection Bureau (CFPB),
  • the Federal Deposit Insurance Corporation (FDIC),
  • the Federal Reserve Board (Fed),
  • the National Credit Union Administration (NCUA) and the
  • Office of the Comptroller of the Currency (OCC)

The agencies collectively announced a request for information (RFI) to gain input from stakeholders including financial institutions, trade associations, and consumer groups. The agencies are seeking to understand the public’s views on the use of AI by financial institutions in their provision of services to customers. The RFI also solicits the industry’s views on the use of AI in financial services to assist in determining whether any clarifications from the agencies would be helpful for the use of AI in a safe and sound manner.  Finally, views are sought for compliance with applicable laws and regulations, including those related to consumer protection.

AI / ML in Financial Institutions:

Financial institutions are implementing AI and ML-based applications in a variety of ways in their organizations. Current uses include:

Flagging Suspicious Transactions

This involves employing AI to identify potentially suspicious, anomalous, or outlier transactions (e.g., fraud detection and financial crime monitoring). It involves using software to analyze both structured and unstructured data (i.e., email, text, audio data), with the aim of identifying fraud or anomalous transactions.  Flagging transactions must balance greater accuracy and timeliness while not creating too may false positives. It also includes identifying transactions for Bank Secrecy Act and Anti-Money Laundering investigations, monitoring employees for improper practices, and detecting data anomalies.

Personalization of Customer Services

AI technologies, such as voice recognition and natural language processing (NLP), are being used to improve customer experience and to gain operational efficiencies. One example is the use of chatbots to automate routine customer interactions, such as account opening activities and general customer inquiries. AI is being leveraged at call centers to process and triage customer calls to provide improved customized service. These technologies are also used to better target marketing in retail and customize trade recommendations in wealth management.

Credit Decisions

This involves the use of AI to inform credit decisions to enhance or supplement existing techniques. This application of AI may use traditional data or employ alternative data (such as cash flow transactional information from a bank account).  The challenge is to ensure that the software being developed is not coded with biases.

Risk Management

AI may be used to augment risk management and control practices. For example, an AI approach might be used to complement and provide a check on another, more traditional credit model. Financial institutions may also use AI to enhance credit monitoring (including through early warning alerts), payment collections, loan restructuring and recovery, and loss forecasting. AI can assist internal audit and independent risk management to increase sample size (such as for testing), evaluate risk, and refer higher-risk issues to human analysts. AI may also be used in liquidity risk management, for example, to enhance monitoring of market conditions or collateral management.

Textual analysis

Textual analysis refers to the use of NLP for handling unstructured data (generally text) and obtaining insights from that data or improving efficiency of existing processes. Applications include analysis of regulations, news flow, earnings reports, consumer complaints, analyst ratings changes, and legal documents.


Think of the commercials on television from the army where computer viruses are found and destroyed just in time. AI may be used to detect threats and malicious activity, reveal attackers, identify compromised systems, and support threat mitigation. Examples include real-time investigation of potential attacks, the use of behavior-based detection to collect network metadata, flagging and blocking of new ransomware and other malicious attacks, identifying compromised accounts and files involved in exfiltration, and deep forensic analysis of malicious files.

Make Your Voice Heard:

Readers are encouraged to provide comments, which become part of the public record, to the Bureau of Consumer Financial Protection.  Readers may submit responsive information and other comments, identified by Docket No. CFPB 2021-0004, by any of the following methods:

  • Federal eRulemaking Portal: Go to Follow the instructions for submitting comments.
  • Email: Include Docket No. CFPB-2021-0004 in the subject line of the message.


Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Carl Aridas

Carl is certified in the Scaled Agile Framework (SAFe), a Scrum Master, and a Six Sigma Green Belt project manager with more than 25 years of experience in financial services overseeing large-scale development global, multi-currency accounting, regulatory reporting, and financial reporting software platforms. He has hands-on experience completing, reviewing, and filing Federal Reserve, FFIEC, and IRS reports, including Call Reports, Y9C reports, 2900 reports, TIC reports, and arbitrage rebate reports.

More from this Author

Follow Us