Regulations over data, how it’s accessed and used — and especially, safeguarded — are changing rapidly.
And they’ll keep changing.
In one recent example, the Consumer Financial Protection Bureau proposed a rule tied to open banking, which seeks, in part, discussion and regulation of data sharing and access among service providers, third parties and banks.
Kathleen Yeh, director of product compliance at Galileo Financial Technologies, told PYMNTS that next year (and beyond), companies are going to grapple with the larger questions that arise at the intersection of consumer-level information and technology.
“As we move forward into 2024,” she said, “we’ll need understanding on how we are going to leverage technology — and what it’s going to used for, what type of data is going to be capture, and what the potential risks are.”
Beyond the data itself, as Yeh noted, “currently, at the Federal level, we don’t have specific regulations or laws that pertain, specifically, to AI and the risks surrounding it.”
The integration of payment systems and artificial intelligence (AI), she said, may be among the most “prolific” areas of innovation in finance and in commerce. Robust data flows and analytics can help personalize recommendations in real time. Banks have been using AI to help refine chatbots and improve customer interactions and cut down on time spent on the line with call centers. Yeh pointed to Cyberbank Konecta, a Galileo SaaS offering that improves response times by more than 65% and has cut the “drop out” rates from online chats by more than 50%.
We’re seeing some movement at the state level to regulate AI, perhaps most visibly in California. Oregon’s taken steps, too, to allow consumers to opt out of letting their data be used to profile them.
Compliance becomes even more complicated against the backdrop of companies operating internationally, because regulations can vary widely from country to country when it comes to data and risk mitigation. It’s an optimal strategy for firms to have proverbial boots on the ground in each country or region where it does business. That may not always be possible, due to limited resources, so a partnership approach — as described below — may be helpful.
Yeh noted that regulators and lawmakers are closely monitoring the developments in the space and are adamant that AI firms are not exempt from having to comply with existing federal regulations and laws.
“There are a lot of laws on the books and a lot of existing regulations,” she said, “and those are not going away.”
The companies looking to bring innovation to the financial services realm are tasked with continuing to test and document their compliance with existing rules, Yeh said.
Partnering with platforms and providers, including Galileo, she said, can streamline client firms’ efforts to remain in compliance, and to be aware of what’s trending on the regulatory horizon.
Yeh said the partnership approach enables Galileo to connect with its clients and discuss the impacts and risks of new and emerging technologies, as well as the impacts of regulation. With that collaboration, she said, companies can state that “they’ve done their homework, tested controls and done their best to ensure there is a reduced, manageable and acceptable level of risk.”
That value of relying on Galileo’s insights becomes apparent for a company that may find that regulations in Europe differ from those in South America — but go-to market strategies demand attention to both.
“Having that legal and compliance expertise and being able to rely on that expertise in that specific jurisdiction to provide guardrails to innovation,” said Yeh, is critical as commerce grows across borders.
For all PYMNTS AI coverage, subscribe to the daily AI Newsletter.