OCC’s Semiannual Report Highlights Emerging Risk of AI in Banking

Gregory Parisi, James Stevens, Zayne Tweed
Troutman Pepper
Contact
LinkedIn
Facebook
X
Send
Embed

On December 7, the Office of the Comptroller of the Currency (OCC) published the fall edition of its Semiannual Risk Perspective, which discusses key issues facing banks. From the OCC’s perspective, the overall strength of the banking system remains sound and recessionary pressures appear to be easing. The OCC notes that, while many economists had predicted a decline, gross domestic product increased at an annual rate of 2.1% in the second quarter of 2023, slowing just slightly from the first quarter’s 2.2% pace. However, the OCC also emphasized that inflation remains elevated and a slowing labor market, declining savings, and higher interest rates could cause financial stress to borrowers.

Going forward, the OCC focused on credit risk, rising deposit rates, operational risk, and compliance risk as key themes. According to the OCC, the key issues for banks in 2024 are:

  • Credit Risk:
    • The economy is expected to experience slowing growth, with inflation remaining elevated and interest rates predicted to stay high for a longer period. This situation will affect vulnerable borrowers.
    • The Federal Reserve may implement additional rate hikes if inflation remains high, which could increase the cost of business investment and consumer goods.
    • Commercial real estate credit quality metrics show signs of deterioration. The office market risk remains high, with increasing vacancy rates. The multifamily market is also seeing increased risk, with higher vacancy levels due to new inventory and slowing demand.
  • Rising Deposit Rates:
    • Rising deposit rates and increased reliance on wholesale funding started to impact net interest margins through the first half of 2023.
    • Stress testing and sensitivity analyses of deposit assumptions remain critical given recent trends in deposit movement and rates as well as uncertainty regarding depositor behavior moving forward.
  • Operational Risk:
    • Operational risk is high due to the increasing sophistication and prevalence of cyberattacks, particularly those targeting the financial sector. These attacks include distributed denial of service attacks and ransomware, which can disrupt operations and compromise customer data.
    • To mitigate against cyber risks, it is important for banks to adopt heightened threat and vulnerability monitoring processes and implement effective security measures, including the use of multifactor authentication (MFA), hardening of systems configurations, and timely patch management.
  • Compliance Risk:
    • Compliance risk elevate as banks expand their partnerships with third parties, such as financial technology companies (fintechs). As the range of payment methods and their accessibility continue to expand and evolve, it is important that banks continuously evaluate their Bank Secrecy Act/Anti-Money Laundering risks and corresponding controls.
    • There has been a significant increase in fraud, as highlighted by the Financial Crimes Enforcement Network. Banks’ responsibilities under the current Customer Due Diligence and Beneficial Ownership Rule and other existing BSA requirements remain unchanged, emphasizing the importance of effective processes to prevent, identify, and file Suspicious Activity Reports in a timely manner.

The OCC also discussed the emerging risk posed by AI, highlighting the pros and cons of AI use in banking. The OCC acknowledged that developments in the technology may reduce costs and increase efficiencies; improve products, services, and performance; strengthen risk management and controls; and expand access to credit and other banking services. However, the agency also warned that the technology may also present significant challenges. “It is important for banks to identify, measure, monitor, and control risks arising from AI use as they would for the use of any other technology. Advances in technology do not render existing safety and soundness standards and compliance requirements inapplicable. Although existing guidance may not expressly address AI use, the supervision risk management principles contained in OCC issuances provide a framework for banks that implement AI to operate in a safe, sound, and fair manner.”

Send Print Report

DISCLAIMER: Because of the generality of this update, the information provided herein may not be applicable in all situations and should not be acted upon without specific legal advice based on particular situations.

© Troutman Pepper | Attorney Advertising

Written by:

Troutman Pepper
Troutman Pepper
Contact
more
less

Troutman Pepper on:

Reporters on Deadline

"My best business intelligence, in one easy email…"

Your first step to building a free, personalized, morning email brief covering pertinent authors and topics on JD Supra:
Sign Up Log in
*By using the service, you signify your acceptance of JD Supra's Privacy Policy.
Custom Email Digest
- hide
- hide