Date - May 30, 2023.
Financial institutions (FIs) are increasingly relying on artificial intelligence / machine learning (AI/ML) solutions to streamline operations, processes, and business services provided by Canadian fintech innovators. At the same time, when adopting these innovative solutions, FI’s must consider a myriad of additional compliance obligations e.g., privacy, security, while also managing expanded third-party risk factors and expanded reputational risks.
The Digital Governance Council (DGC) has released a workshop agreement (DGSI/WA 126:2023) for Canadian fintech innovators to address risks associated with third-party AI/ML solutions being utilized by FIs. While FIs are increasingly adopting AI/ML provided by fintech vendors to streamline their operations and business services, these solutions can pose compliance, reputational, operational, and financial risks. To build trust between FIs and fintech vendors, the DGC’s Digital Governance Standards Institute (DGSI) developed the workshop agreement in partnership with the Canadian RegTech Association (CRTA), who received funding through the Standards Council of Canada (SCC) Intellectual Property Program.
“Third-party relationships have been a mainstay in financial services driving innovation and enabling faster speed to market. FI’s have always had to weigh risk vs. reward but with the introduction of AI/ML and more specifically Generative (AI), the potential organizational impact of its use is amplified. This workshop agreement promotes transparency and a shared understanding of best practices which serves to reduce common challenges so that model risk validations teams can focus efforts on risk assessment. We look forward to continued discussions with the industry to ensure the proper safeguards and disclosure is in place.”
– Donna Bales, Founder, Canadian Regulatory Technology Association
Today, DGC and CRTA announce the publication of DGSI/WA 126: 2023 Baseline Requirements for Vendors Offering AI/ML Lifecycle Solutions to Financial Institutions. The workshop agreement covers steps such as establishing a model governance framework, managing risks upfront, and documenting end-to-end data collection and processing. The publication builds on the extensive in-depth insights and experiences shared in January 2023 by over 75 AI/ML expert stakeholders representing financial institutions, fintech vendors, regulators, academics, consultants, and think-tanks.
This publication is timely, as it reflects the DGC’s and CRTA’s ideas to build on the Office of the Superintendent of Financial Institutions (OSFI)’s recent update to Guideline B-10: Third-Party Risk Management and may also compliment OSFI’s upcoming consultation on Guideline E-23: Enterprise-Wide Model Risk Management for Deposit-Taking Institutions.
“Standardization deliverables, whether workshop agreements, National Standards of Canada, technical specifications, or other documents, all play a key role in determining how we structure, secure, and govern data. SCC supports innovators from all kinds of industries and sectors to have an opportunity to participate in standardization work. We are proud to act as an impartial advisor to help foster the right conditions for Canadian innovators like the Canadian RegTech Association to advance their ideas. We are encouraged to see solutions that support and build on Canada’s commitment to innovation in the digital space for a stronger and more competitive Canada.”
– Chantal Guay, CEO of the Standards Council of Canada.
By consolidating diverse organizational perspectives and approaches to managing third-party risks, this publication brings together best practices and agreed-upon processes to establish a consistent approach to common challenges FIs face when outsourcing AI lifecycle processes. The workshop agreement provides foundational support to fintech vendors to increase innovation opportunities while building confidence in the Canadian marketplace.
“We are happy to have partnered with Canadian RegTech Association and the Standards Council of Canada on the development of a Workshop Agreement that provides baseline requirements for vendors who offer AI/ML Solutions to financial institutions. The workshop was an opportunity to come to a shared upon agreement of best practices that cover steps such as establishing a model governance framework, managing risks, and documenting end-to-end data collection and processing. Through implementation the Workshop Agreement will serve to reduce common challenges.”
– Darryl Kingston, Executive Director, Digital Governance Standards Institute