The UK’s lead financial regulator, Nikhil Rathi, is set to warn investors, banks and insurers to increase spending on cybersecurity to combat fraud being committed through the use of generative artificial intelligence (AI). With approximately 15% of (432,000) businesses currently using AI within their companies, the risk of cyberattacks becomes increasingly more likely as cybercriminals abuse the technology to carry out fraud. In light of this, CFO of global cybersecurity company, YesWeHack, Claire Trachet, highlights the influence AI will have on the financial services industry and the need for serious investment into cybersecurity.
A recent report from Mckinsey has found the use of AI in business has increased by more than 270% in the past four years. However, with the growing excitement brought by generative AItechnologies comes an increased risk relating to cybersecurity. These risks are highlighted by a report published by BDO at the end of 2022 which found UK businesses faced an average of 65,000 attacks per day in 2020. Alongside this, research from Forbes Advisor found that 59% of Brits have concerns about the use of AI, with 38% citing privacy and data as their main concern. This highlights the general caution and lack of trust for AI that remains amongst consumers.
In 2022, the AI sector contributed roughly £3.7bn in value to the UK economy, as well as attracting almost £19bn in private investment. According to Trachet, whilst it is pleasing to see the UK capitalising on the economic benefits of AI – with recent research from Earlybird revealing that Britain houses the largest number of AI startups in Europe at around 334 – it is also important not to lose sight of taking precautionary actions against potential risks posed by AI.
Claire Trachet, CEO and founder of Trachet, Claire Trachet, comments on the influence AI will have on the financial services industry and the need for serious investment into cybersecurity:
“AI technology is constantly evolving and leading the way as a necessary component for investment into the UK economy. However, with this excitement and new opportunities, businesses, banks, boards and investors must take necessary precautions in establishing security measures to ensure they are protecting their consumers.
“Looking at the financial industry, we already see AI is being heavily deployed into data-heavy parts of the financial services industry, like asset management, algorithmic trading, credit underwriting, or blockchain-based finance. While incorporating AI into financial firms can serve as an advantage in improving efficiency from cost reductions and an increase in productivity, the potential dangers also need to be taken into account.
“AI still remains quite new, we’re still learning how to navigate it, so giving it direct control of people’s finances and the ability to make decisions that could cost companies millions from a mistake made within investing and trading is incredibly dangerous. One thing AI does not necessarily have is the ability to replace innate human skills like emotional intelligence, problem-solving, and intuition. These skills are integral to the finance industry as it allows people within finance to make decisions that will best serve their clients through the use of creative and critical thinking.
“The best way to combat this is by investing in cybersecurity measures, but also having some form of human interaction with the AI to ensure everything is being overseen to limit the run-in of any risks and fraud. In this sense, AI could operate on an advisory level. This, combined with human decision-making, could be an effective proposal for the finance industry as it leaves a large portion of the control with humans, alleviating the potential dangers of AI.
Personally, I don’t believe AI is a tool that financial industries should solely rely on – big firms may run into serious issues as a result of a cyberattack as hackers are becoming increasingly aware that banks and the financial industry are investing in AI, potentially making them more prone to attacks.
Overall, the most important procedure businesses and the financial sector needs to take is having some form of risk management, even if that means paying for specialists who can validate those risks. Otherwise, we risk getting to a point where cyberattacks reach a rate that goes beyond humans being able to effectively control them.
