The Explainability, Data, Governance, and Ethics (EDGE) Principles were outlined in a Report published on April 17 by the Financial Industry Forum on Artificial Intelligence (FIFAI), a group created by the Office of the Superintendent of Financial Institutions (OSFI) and the Global Risk Institute (GRI).
FIFAI is composed of financial services experts (e.g. regulators, banks, fintechs…) brought together to advance the discussion for managing AI risks through effective regulation.
The Report identifies four areas of greatest importance collectively referred to as the “EDGE” principles, more specifically:
1/ Explainability enables financial institutions to deepen trust with their customers as they understand the reason for decisions. The Report proposes that financial institutions focuses on the following:
Implement models with an appropriate level of explainability
Explainability by design or use additional techniques for models considered as black-box models.
Adopt different approaches to explainability (e.g. local explanation versus global explanation).
Disclosure of adequate and relevant information to help investors, regulators, and the public understand the institution’s financial health and performance and enable them to make informed decisions. Disclosure should be concise, simple, relevant, intuitive, and practical and written in plain language.
Avoid excessive disclosure to mitigate detrimental consequences on the firm's security, AI integrity process and competitive advantage.
Disclosures related to third-party AI models to ensure adequate disclosure to customers.
2/ Data leveraged by AI enables financial institutions to, amongst others, provide targeted and tailored products and services to their customers, enhance risk analysis and improve decision making.
The data governance framework should ensure that data is accurate, reliable, complete, representative, consistent, and compliant with relevant regulations, including privacy legislation. Areas to consider include:
Data characteristics (e.g. data volume, data versioning, data agility...) and associated challenges (data quality and data aggregation).
Data Governance (data ownership, data privacy & security, regional data limitations, data centric-approach and data literacy).
Third-Party Data (data collection and data sharing).
3/ Governance leveraged by AI ensures that financial institutions have the right culture, tools, and frameworks available to support their AI lifecycle. The Report states that an effective AI governance framework should:
Be holistic and encompass all levels of the organization
Clearly defined the roles and responsibilities
Include a well-defined risk appetite
Reflect the risk of use cases (including when the financial institutions transition from a rule-based to a risk-based approach)
Be flexible as a financial institution’s adoption of AI matures
4/ Ethics encourages financial institutions to consider broader societal impacts of their AI systems. To prevent or addresses issues related to bias, the Report explores various areas and suggest that:
Both legal and ethical considerations should be taken into account in the decision-making processes even though financial institutions are not affected by AI ethics.
Multidisciplinary views ( e.g., computer scientists, lawyers, financial data scientists, ethicists) should be considered while developing and using AI applications. Another suggestion is for standards setting bodies to agree upon ethical guidelines to help market participants manage their AI-related risks.
Greater transparency and appropriate disclosure related data privacy and data protection forms part of financial institutions overall framework. Ensure to put an emphasis on customer consent, including through a recommended approach named “consent drift” which “refers to the case where customers provide consent for data to be used for a particular purpose, however over time the same data is used for a different one”. Ongoing consent management would be required in such cases.
The Report also recommends that certain characteristics be taken into account for an effective regulatory framework: (i) industry recommendation on best practices; (ii) consistency across regulators (In Canada and abroad); (iii) standards around third-party risk management and/or independent review of the third parties; (iv) industry/stakeholders consultation; (v) creation of regulatory sandboxes, (vi) proportionality to account for differences in size; materiality, and organizational capabilities across financial institutions; (vii) harmonized regulatory requirements; (viii) cross border collaboration between regulators, (ix) consideration of smaller financial institutions…