New York DFS, White House issue guidance on AI‘s impact. What are the implications

Why it matters

Fueled by AI's seemingly limitless potential to revolutionize the way we work and live, the euphoria surrounding the use of AI is intense. Not a day goes by without myriad conferences, webinars and articles touting AI opportunities and fostering the collective enthusiasm for even more innovative uses. The euphoria is countered, or at least accompanied, by debate on the ethical implications, societal impacts, and the future of intelligent machines including dark warnings from some big thinkers that AI could "end the human race." Directed to different audiences and focused on somewhat different, though overlapping, concerns, both the DFS and the Biden administration releases recognize the good and highlight the actions that need to be taken to address the bad-the heightened risks that come with the use of AI.

Directed at financial institutions supervised by the DFS (but a useful reminder to all financial institutions), DFS's Industry Letter highlights some of the more concerning risks arising from threat actors' use of AI and from financial institutions' own use or reliance upon AI. These include AI-enabled social engineering, AI-enhanced cyberattacks and increased third-party/supply chain dependencies. The DFS guidance also reminds supervised institutions of the controls they should have in place to address these risks.

Meanwhile, the NSM is a follow-on to the administration's Executive Order on AI. The NSM is based on the premise that "AI will have significant implications for national security and foreign policy in the near future." The NSM directs and sets a timetable for various agencies to develop and implement plans to:

• Ensure that the U.S. leads the world's development of safe, secure and trustworthy AI;
• Harness AI to advance the U.S.'s national security mission;
• Advance international consensus and governance around AI.

The scope of the NSM is not limited to U.S. government actions. It also considers broader supply chain and commercial uses of AI as being vital to national security, thereby expanding its impact. Cyber threats are prominent among the risks that must be addressed. Simultaneous with the release of the NSM, the administration also released a Framework to Advance AI Governance and Risk Management in National Security.

What they say

NY DFS Superintendent Adrienne A. Harris
"AI has improved the ability for businesses to enhance threat detection and incident response strategies, while concurrently creating new opportunities for cybercriminals to commit crimes at greater scale and speed."

White House Press Secretary Karine Jean-Pierre
"Today, @POTUS is issuing the first-ever National Security Memorandum on AI to advance federal government adoption of AI for national security. This ensures that America continues to lead the way in seizing the promise and managing the risks of AI."

What we say

"AI is an unstoppable force that brings with it myriad opportunities and risks. Both the private and public sectors, often working together, must develop and continually evolve their frameworks for assessing and managing these risks to ensure the safe and responsible evolution of AI."

The bottom line

The DFS and Biden administration releases are far from the only ones prescribing a rigorous risk management framework for the use of AI-and they are sure not to be the last ones on this topic. Public and private sector executives should consider the downside risks of not heeding the advice.