The Monetary Authority of Singapore (MAS) has on Thursday issued a consultation paper proposing a set of Guidelines on AI Risk Management to guide financial institutions on the responsible use of artificial intelligence (AI) in the financial sector.
MAS said in a statement that the proposed Guidelines will apply to all financial institutions (FIs) and set out MAS’ supervisory expectations on oversight of AI risk management in FIs, key AI risk management systems, policies and procedures, key AI life cycle controls, as well as capabilities and capacity needed for the use of AI.
MAS said it recognizes that AI can be applied to a wide range of use cases, and that the risks associated with different usage of AI may vary based on the scale, scope and business models of FIs.
The guidelines aim to establish a set of expectations that are generally applicable across the financial sector, and may be applied in a proportionate manner – commensurate with the size and nature of FIs’ activities, use of AI, and their risk profiles.
The guidelines will also cover different AI applications and technologies, including Generative AI, as well as newer developments such as AI agents.
Meanwhile, MAS has set out expectations for FIs in the following key areas – oversight of AI risk management; key AI risk management systems, policies and procedures; AI life cycle controls, capabilities and capacities.
Firstly, board and senior management of FIs play a key role in the governance and oversight of AI risk management, including the establishment and implementation of frameworks, structures, policies and processes for AI risk management, and fostering the appropriate risk culture for the use of AI.
Secondly, to support oversight and risk management of AI use, FIs need to establish clear identification processes for AI usage across the firm, maintain accurate and up-to-date AI inventories, and implement risk materiality assessments that factor impact, complexity and reliance dimensions.
Thirdly, to manage the risks of AI throughout its lifecycle, FIs should plan for and implement robust controls in key areas such as data management, fairness, transparency and explainability, human oversight, third-party risks, evaluation and testing, monitoring and change management.
Such controls should be applied based on their relevance and be proportionate to the assessed risk materiality of AI usage.
FIs should also ensure that their capabilities and capacities are adequate for their use of AI.
The guidelines also build on MAS’ supervisory thematic review of key banks’ use of AI in 2024, as well as discussions with FIs.
“The proposed Guidelines on AI Risk Management provide financial institutions with clear supervisory expectations to support them in leveraging AI in their operations,
“These proportionate, risk-based guidelines enable responsible innovation by financial institutions that implement the relevant safeguards to address key AI-related risks,” said Ho Hern Shin, Deputy Managing Director.