US SEC proposes AI rules for money managers

Concerns AI and predictive analytics could skew the incentive mechanisms for advisors and brokers

US SEC proposes rules for money managers, brokerages on use of AI and data analytics

Image:

US SEC proposes rules for money managers, brokerages on use of AI and data analytics

Proposed rules cover use of analytical, technological and computational functions, correlation matrices, algorithms, models or similar methods or processes

The US Securities and Exchange Commission (SEC) on Wednesday proposed new rules that would require registered investment advisors and broker-dealers to address potential conflicts of interest arising from the growing use of AI, predictive analytics and other tools used by wealth managers.

The proposal, which now enters a public-comment period, stems from concerns that advisors and brokers might employ predictive data analytics technology in a way that prioritises the broker's financial interest over the best interests of the firm's clients.

Financial companies have been using AI for market surveillance and fraud detection for several years. However, in more recent times, the emphasis has shifted towards AI's application in trading recommendations, asset management, and lending services.

The SEC wants to ensure that companies prioritise the interests of their clients over their own when providing recommendations for trades or financial products.

"We live in an historic, transformational age with regard to predictive data analytics, and the use of artificial intelligence," said SEC chair Gary Gensler.

"I believe that, if adopted, these rules would help protect investors from conflicts of interest — and require that, regardless of the technology used, firms meet their obligations not to place their own interests ahead of investors' interests."

As per a fact sheet [pdf] published on the SEC website, a firm's use of analytical, technological, or computational functions, correlation matrices, algorithms, models or similar methods or processes will fall under the proposed rules.

It further states that the use of these technologies may lead to a conflict of interest during any interaction or communication with investors, "including by exercising discretion with respect to an investor's account, providing information to an investor, or soliciting an investor."

Under the proposed rules, financial firms would be obligated to establish written policies and procedures that are reasonably designed to ensure compliance with the proposed regulations.

Additionally, they would be required to maintain books and records pertaining to these requirements.

During the discussion, Republican commissioner Mark Uyeda highlighted the fact that there are already existing laws that address numerous potential conflicts of interest that may arise between brokers and the investors they represent.

SEC Chairman Gary Gensler acknowledged the presence of existing rules covering conflicts of interest but emphasised that the rapidly evolving technological landscape requires an update to address new challenges and complexities introduced by the use of AI, predictive analytics, and other emerging technologies in the financial industry.

The proposal was approved in a 3-2 vote, with commissioners voting along party lines.

Commissioner Hester Peirce dissented, aligning with fellow Republican Commissioner Uyeda in opposition to the proposal.

On Wednesday, the SEC finalised additional rules that mandate companies to disclose major cybersecurity breaches.

The rule retains the requirement from the proposed version, stipulating that companies must publicly disclose security breaches within four business days after determining that they are "material" to the company's operations or financial condition.

However, the new rule introduces an option for companies to delay disclosure if the US attorney general determines that making the cybersecurity incident public would pose risks to public safety or national security.

Additionally, under the updated regulations, companies will be required to periodically provide descriptions of their efforts to detect and manage threats in cyberspace.

The rule, initially proposed in March 2022, is a component of the broader SEC initiative to bolster the resilience of the financial system against cyber-intrusion, data theft and systems failures.

Once more, Republican commissioners expressed dissent, arguing that the new rule was redundant considering the presence of existing requirements, and that it would impose excessive burdens on companies.

SEC officials said that in response to public feedback, adjustments were to the proposal, eliminating a requirement for companies to disclose board members' expertise in cybersecurity.