View all newsletters
Receive our newsletter - data, insights and analysis delivered to you
  1. Technology
  2. AI and automation
March 24, 2022updated 31 Mar 2023 9:26am

Intelligent automation in financial services: Leading the way

The financial services sector is an early adopter of intelligent automation and is encountering its governance challenges sooner than most.

By Pete Swabey

The financial services sector has been an eager adopter of robotic process automation (RPA): by one estimate, it accounts for 29% of the RPA market, more than any other sector. So it stands to reason that the industry is an early adopter of intelligent automation, the combination of RPA with AI.

“Financial services [institutions] have always been among of the top adopters of intelligent automation,” says Sarah Burnett, industry analyst and evangelist at process mining vendor KYP.ai.

Financial institutions have adopted a range of use cases for intelligent automation, from simple integrations of cognitive services into RPA systems to, in a few cases, AI-powered decision making. As such, they have also encountered the security risks and governance challenges that arise from intelligent automation sooner than most.

intelligent automation financial services
Automated loan approvals are still at the cutting edge of intelligent automation. (Photo by courtneyk/iStock)

Intelligent automation in financial services: use cases

Intelligent automation is a broad term, representing a range of possibilities for integrating AI and machine learning into process automation. This stretches as far as AI-powered decision making, but so far most use cases exploit AI’s potential to process unstructured data, such as text and images, to automate steps in a process that would otherwise require human perception.

One use case is making customer service chatbots more responsive and more useful. Recent advances in natural language processing (NLP) have improved chatbots’ ability to understand customer requests and form naturalistic responses, explains John Murphy, head of intelligent automation at accounting and consultancy provider Grant Thornton. “It is an area where machine learning and AI have made huge leaps and bounds in the last few years,” he says.

Integrating an NLP-powered chatbot with an RPA system to retrieve information and handle the customer’s request is an increasingly prevalent use case for intelligent automation, LSE professor Leslie Willcocks told MIS Quarterly Executive in an interview last year. “A bank, for example, will have an interactive chatbot for dialogue with customers, but it will draw on RPA to get the information it needs to be able to have a more accurate conversation with the customers,” he said.

Another use case for intelligent automation is remotely verifying customers’ identities. This combines machine vision to scan verify identity documents, such as a passport or driving licence, with RPA to cross-check those documents against an identity database. This application has helped banks to cut their customer on-boarding processes significantly, says Burnett. “They’ve gone from taking weeks to literally a matter of ten or 15 minutes at most, and that is improving the bottom line.”

Content from our partners
How businesses can safeguard themselves on the cyber frontline
How hackers’ tactics are evolving in an increasingly complex landscape
Green for go: Transforming trade in the UK

Other intelligent automation applications aid data processing. WTW, the insurance provider and advisory, had previously employed people to scrub data collected by its survey division of any personally identifiable information. But it was laborious work to which humans are ill-suited, says Dan Stoeckel, digital workforce solutions architect at the company. Instead, WTW used a combination of RPA and a cloud-based NLP service to scan files and remove personal data.

Some institutions have had success in using machine intelligence to understand and optimise their business processes, says Grant Thornton’s Murphy. Process mining and intelligence can help organisations identify opportunities for automation and, in some cases, run A-B tests to see which process design works most effectively, he says.

Arguably the most sophisticated applications of intelligent automation seek to replace human decision making with AI. IBM’s Operational Decision Manager allows organisations to integrate cognitive services, whether they be IBM’s own Watson suite of offerings or their own, self-built machine learning models, says Doug Coombs, IBM’s business development leader for business automation.

Financial services customers include US bank PNC Financial, which uses the system to automate approvals for certain loans. The bank combines prescriptive business rules with predictive data modelling to assess applicants’ eligibility for credit, Combs says.

Not all clients are integrating AI into their automated decisions, however. The day when “AI is infused into everything is a little way off,” he says.

Intelligent automation in financial services: cybersecurity risks

A report entitled ‘Good Bots and Bad Actors‘ by IT consultancy Accenture identifies a number of security risks emerging from intelligent automation. Many of these relate to AI security threats, such as tampering with machine learning models or their training data to influence outcomes.

Examples include “[i]njection of adversarial training instances to introduce a ‘new norm’ to the model, for example to forge credit card eligibility or disable fraud alert mechanisms”, and “gaining possession of the model’s explainability logs to understand its decision logic and ‘trick the system’ by providing input data guaranteeing favourable outcome”.

However, experts interviewed for this article said that the ‘intelligence’ incorporated into intelligent automation is usually provided by packaged software or cloud services from third parties. Maintaining the security of the underlying ML models is unlikely to be the direct responsibility of all but the most sophisticated IA users, for the time being at least.

Instead, the primary security risks of intelligent automation are similar to those of RPA. “If malicious code is introduced [to an automated process], it can be amplified multiple times very, very easily,” explains Manu Sharma, head of cybersecurity resilience at Grant Thornton. In particular, access privileges, which are often allocated to RPA ‘bots’ to allow them to conduct certain tasks, must be carefully controlled.

Nevertheless, the risks identified by Accenture underscore the need to hold suppliers to account for cybersecurity. “A SolarWinds-type hack on [RPA suppliers] UIPath or Automation Anywhere would be devastating,” says WTW’s Stoeckel. Happily, he says, RPA vendors are “starting to put significant investment into the security layer”.

Intelligent automation in financial services: governance challenges

The governance challenges that arise from many intelligent automation use cases are similar to those of RPA. At WTW, Stoekel has established a centre of excellence that runs automations developed by business users through a series of governance checks. These include security and other technical controls, privacy impact assessments, and quality measures.  

Creating centres of excellence is a common approach to governing automation, says Burnett, although they must be well integrated into the business they are to succeed. “The model that seems to work best is a mix of central and federated,” she says. “You might have centres of excellence in different divisions or geographies, depending on what work is being delivered, and those are under the governance of a centralised body.

“You don’t want centres of excellence to become bottlenecks because then they run out of resources,” Burnett adds.

If and when intelligent automation incorporates AI-powered decision making, it can present new governance challenges, such as the risk of AI bias.

This requires simulating the outcome of automated decisions and testing them before and after deployment, Coombs says. “It’s vital that you have governance in place as you move those decisions through the design, test, simulate and live phase.”

Financial institutions that develop their own models to automate decisions, such as loan applications, will have to take particular care.

The EDM Council, a trade association that advises financial organisations on data management, has created a cloud data management capabilities framework that includes guidance on ‘model operationalisation’. Key capabilities include managing the release procedure of machine learning models, applying version control to both the models themselves and their training data, and regular review.

“There’s lots of stories about how when people’s behaviour changed in the pandemic, recommendation engines started doing strange things because they weren’t trained on that sort of behaviour,” explains Colin Gibson, a senior adviser at the council. “It’s not just a release once, review once [approach], you have to have ongoing review of your models.”

Given the risks that arise from fully automated decisions, and regulators’ eagerness to ensure AI does not harm consumers, Grant Thornton’s Murphy does not expect major financial institutions to add AI-powered decision making to processes that affect customers’ access to loans any time soon.

“I think the major banks will be still using humans in the loop and augmenting their experts with more intelligence,” he says. “Rather than getting rid of [humans], best practice would be to run the machines alongside the humans for a few years and be patient about the savings, to make sure it is thoroughly tested and you’ve got the regulator on board with the outcomes.”

Read more on intelligent automation:

Low code and intelligent automation will have a profound effect on IT teams

Intelligent automation in the UK public sector

The Mayflower will cross the Atlantic again – this time with an AI captain

Pandemic recovery gives high-risk jobs a ‘temporary reprieve’ from automation

Websites in our network
Select and enter your corporate email address Tech Monitor's research, insight and analysis examines the frontiers of digital transformation to help tech leaders navigate the future. Our Changelog newsletter delivers our best work to your inbox every week.
  • CIO
  • CTO
  • CISO
  • CSO
  • CFO
  • CDO
  • CEO
  • Architect Founder
  • MD
  • Director
  • Manager
  • Other
Visit our privacy policy for more information about our services, how New Statesman Media Group may use, process and share your personal data, including information on your rights in respect of your personal data and how you can unsubscribe from future marketing communications. Our services are intended for corporate subscribers and you warrant that the email address submitted is your corporate email address.
THANK YOU