Welcome to our News category, your trustworthy hub for all the latest updates and happenings at Signzy, a leading light in the fintech arena. With our continuous strides in product innovation, technological advancements, forging strategic partnerships, and earning industry accolades, there’s always a buzz of activity at our end. This category is dedicated to bringing you all the noteworthy news and developments related to our organization.
Designed with the intent to keep you well-informed about our journey, our milestones, and our forward-looking vision, our News category is an embodiment of our commitment to transparency. We believe in fostering an open dialogue with our customers, partners, and followers, and this dedicated news section serves as a testament to that pledge.
In this space, you’ll come across updates about our latest collaborations and strategic alliances that enable us to widen our horizons and deliver superior solutions. You’ll gain insights into the accolades we’ve been bestowed with for our pioneering work in the fintech sector. Above all, you’ll get a sneak peek into the trail we’re blazing within the fintech ecosystem.
We cordially invite you to stay connected with us through our News category. Be a part of our journey as we persistently push the boundaries of what’s possible in fintech, revolutionizing the operational modalities of businesses. Whether you’re a client, a partner, or a follower, this space will keep you abreast of our strides and successes. Join us as we navigate the thrilling landscape of fintech, one news update at a time.
Between the years 1990 and 2018, the social security and welfare revenue expenditure of India was more than INR1.6 trillion. Observers point out that much of this did not reach the beneficiaries as mediators consumed the lion’s share. The central government is implementing a new mode to tackle this issue- e-RUPI.
For years the RBI’s aversion towards digital currencies was attributed to the bureaucratic influence from administrations. Now the same administrations are taking steps to approach the future of the economy. e-RUPI is the nation’s latest digital nudge in the financial revolution that will certainly improve the efficiency of welfare programs. More importantly, it will pave a smoother path for the digitization of currency in India.
e-RUPI connects the beneficiaries of the service and the service providers digitally. This avoids all physical interventions, rendering the need for mediators moot. It ensures that all payments are completed only when the transaction is concluded.
How Does e-RUPI Work?
The concerned entity delivers a QR code or an SMS string to the beneficiary’s phone. This enables the user to access it as e-RUPI, a contactless digital payments system. It is similar to a prepaid gift voucher redeemable at select centers. This eliminates all needs for any debit or credit card, internet banking, or even a mobile app. The connection between the service provider and the beneficiary is strictly digital, making it exceedingly foolproof.
NPCI(National Payments Corporation of India) built e-RUPI on its other innovative venture, the UPI platform. Partner banks of the initiative authenticate the details of the specific persons and the purpose of the transaction with which corporate or government agencies approach them. Beneficiaries identify using their mobile number. The banks also provide a voucher to the service provider with the name of the respective beneficiary. This is delivered to the same individual with all security parameters met.
Advantages of e-RUPI
The primary advantage the government notes is a leak-proof proof delivery of all welfare schemes and services incorporated. This may even include schemes for providing medicine and drugs for deserving citizens without hassle or bureaucratic delay.
With more than 17.1% of the entire youth populace being female, it is highly essential to ensure that welfare schemes for women be efficient and devoid of foul play. That is why Mother and Child welfare schemes are also included under the banner. Other major programs set to adopt e-RUPI are TB eradication programs, Ayushman Bharat Pradhan Mantri Jan Arogya Yojana, fertilizer and farming subsidies, etc.
The government recommends the private sector utilize this option as well. The system can be used for CSR(Corporate Social Responsibility) Programmes and employee welfare. Once the corporate sector embraces the benefits of such a system, the national economic landscape will witness terraforming.
e-RUPI vs. Digital Currencies
Despite a frigid history of India’s aversion for digital currencies and the looming concern of a pan-nation crypto ban, the government and associated agencies are taking all steps to transform that image. They are already working on a central bank digital currency(CBDC). This coupled with the potential of e-RUPI to fill the wedges in digital payment infrastructure can result in a successful future for digital currency in the country.
But the catch is that, unlike digital currencies, e-RUPI is still backed by the existing INR as the underlying asset currency. This makes it more of an advanced voucher system than a sophisticated digital currency. Nonetheless, this is a step in the right direction for the whole nation, as financial digitization is certainly an inevitable factor.
How Can Signzy Help?
With even currency being digitized, the Indian financial ecosystem faces challenges in determining the legitimacy of parties involved in digital transactions. Fortified and secure instruments are needed to ensure that all customers, beneficiaries, providers, and even companies are credible. Signzy helps you do exactly that!
We are an RPA-platform for financial and regulatory services. With our state-of-the-art AI-powered technology with a quiver of APIs, products, and resources customizable for your specific needs, none of the hurdles that come with adapting to e-RUPI is an issue. We can make your transition smooth and seamless. Be it KYC of your customer, or a provider approaching your financial institution, we can craft the exact solution you need. Your safety and satisfaction are our priority.
About Signzy
Signzy is a market-leading platform redefining the speed, accuracy, and experience of how financial institutions are onboarding customers and businesses – using the digital medium. The company’s award-winning no-code GO platform delivers seamless, end-to-end, and multi-channel onboarding journeys while offering customizable workflows. In addition, it gives these players access to an aggregated marketplace of 240+ bespoke APIs that can be easily added to any workflow with simple widgets.
Signzy is enabling ten million+ end customer and business onboarding every month at a success rate of 99% while reducing the speed to market from 6 months to 3-4 weeks. It works with over 240+ FIs globally, including the 4 largest banks in India, a Top 3 acquiring Bank in the US, and has a robust global partnership with Mastercard and Microsoft. The company’s product team is based out of Bengaluru and has a strong presence in Mumbai, New York, and Dubai.
This has been a crazy year by every count. Doctors now do physical checkup scans using video, US election saw 2x more mail votes than in-person votes, Staycation is now a travel category and of course, Banks are now onboarding users completely remotely without a salesperson or branch touchpoint (Purposely skipping the pandemic part, to keep spirits high !!). So year-end summaries would make for an interesting read.
And you might have got multiple such new year messages from feel-good ones to the ones with the 2020 year reviews and ones that predicted 2021. So writing this note as hard as I realized that maybe I have nothing new to add. But sometimes old incidents become very relevant today. So if I have nothing new to add, maybe I will just relive some old. And nothing better than Gates’s big gaffe about the internet.
Gates, one of the best thinkers of our generation, In 1994 commented: “ I see the little commercial potential for the internet for the next 10 years” at a conference
And of course, he was wrong — Amazon, Google, FB all sprang up in those 10 years and now dominate the top 5 largest companies in the world.
To his credit, by the end of 1995, he wrote an internal memo describing the internet as a tidal wave that will change everything.
We are at the cusp of the next tidal wave, but like in 1994, it seems too far away. And hence all of us are taking things as they come. To give a bit more context let me just recap a bit of this tech wave history :
The first wave was about indexing information fueled by the birth of the internet — Yahoo, Google, eBay
The second wave combined internet, with satellite-enabled GPS, 4G/5G tech and solved for real-time communication — WhatsApp, Zoom, Uber
The third imminent wave and probably the biggest would assist in intelligent decisions.
This would make your devices smarter :
Your cooking dish would understand when the dish is done and self shut off
Your car would self-drive, get maintenance at right time and come back and park itself.
Your gym equipment would self adjust for weight based on your body goals
And this list can go on…
Consumers will start demanding more and more. If they are today demanding ‘Digital interfaces’ as Web, Mobile, and Chat apps. They will start demanding ‘Intelligent’ interfaces, which learn about user’s unique needs and assist them.
While all this can seem intimidating and a 1000 feet level gyan. I also do have some prescriptions. As business leaders, we might not be able to predict everything, but what we can do is be ready for change and build capabilities in the right areas. I am listing below the ones I think are key to nailing this new tidal wave:
AI — Systems Learning to make decisions
According to a Gartner study, around 37 percent of all companies reviewed were found utilizing some type of ML in their business. It is anticipated that around 80 percent of modern advances will be based around AI and ML by 2022.
According to Autonomous Next research seen by Business Insider Intelligence. the aggregate potential cost savings for banks from AI applications is estimated at $447 billion by 2023, with the front and middle office accounting for $416 billion of that total.
Most banks (80%) are highly aware of the potential benefits presented by AI, per an OpenText survey of financial services professionals. In fact, many banks are planning to deploy solutions enabled by AI: 75% of respondents at banks with over $100 billion in assets say they’re currently implementing AI strategies, compared with 46% at banks with less than $100 billion in assets, per a UBS Evidence Lab report seen by Business Insider Intelligence.
In the banking world, AI has made significant strides. From Wells Fargo, Bank of America and Chase launching mobile apps to JP Morgan harnessing RPA, tech adoption has deeply infiltrated the banking sector. banks have realized the importance of these disruptive technologies and intensified digital transformation in their processes and solutions.
But the real question is — banks are adopting tech, but are they understanding it?
In another incident, customers have been complaining about a technical glitch on the bank’s digital banking mobile application While tech transformation comes as a boon to customers, it might also become a source of problems for both you and your customers if it’s not implemented and adopted the right way.
Here are a few things to keep in check:
Keep an eye on the cost, hire an AI partner: Production and maintenance of artificial intelligence demand huge costs since they are complex machines. AI also consists of advanced software programs that require regular updates to meet the needs of the changing environment. You need to build your own technology team which would have the right mix of AI partners and hiring talent. This is crucial in case you are building your own team where talent matters as well as experience, instead of hiring an external AI partner.
Tech Risks Vs Credit Risks: Technology will always remain susceptible to data privacy risks and human-made risks like hacking, credit fraud etc. So while automation may be the road forwards, banks must also consider the impact on every single/overall operation. This would require a suitable technology person/team who would be able to understand the tech risks and work accordingly.
APIs
There was a time when banks and other financial services worked in silos or based their truth on the data that was provided to them by their customers. It’s no secret that the last decade has been one of the most transformative periods for the global banking industry, at least from a regulatory perspective.
Financial institutions have been forced to evolve under this new era of transparency, with authorities taking unprecedented steps to ensure that consumer protection is maintained in the face of all of the business activity being conducted by banks.
Among the most comprehensive transparency drives is Open Banking, which requires big banks to share their customer data with third parties. And at the heart of Open Banking lie application programming interfaces (APIs).
APIs have become especially important to banks during the last couple of years, ever since the Revised Payment Service Directive (PSD2) came into effect across Europe in January 2018. This directive has expedited the development of APIs so that third parties such as fintech (financial technology) companies and online financial-services vendors are developing apps and services that can most benefit from the data they can now procure from financial institutions.
With consent driven data sharing architecture and more importantly with all the data being digitized over time be it identity (Aadhaar), bank records (internet banking) and even commerce (e-commerce sites and online trading); anything you would need w.r.t the customer is usually an identity verification API call away; provided the customer gives you consent.
Your data could only be accessed when you use your debit or credit card for certain transactions through the payment processors. Hence unless you are officially validated, you can’t access an individual’s banking history. However, your banking data still found a way to get to other companies who could use it for their business promotion. The usage data of the customers can be used to automatically target customers with offers that they can be availed by using their bank card.
In India, with the introduction of IndiaStack, newly reformed data privacy laws and DEPA architecture, it’s no surprise that the old rules are going for a toss. Its time for newer API driven data sharing techniques. Improvement of the entire service operations can be done through collaborative/partner-driven approaches like neo-banks or fintech/bank collaborations that have grown over the past decade.
What we are seeing is that banks are looking to combine Open Banking with real-time or instant payments and indeed, that is how a truly seamless customer experience can be created. The commercialization aspect of Open Banking is not only going to be about building APIs and exposing customer accounts to TPPs, it is also about combining these with propositions such as real-time or instant payments and then building a seamless user journey that a customer or a TPP would be willing to pay for.
Cloud and No Code
Gartner predicts that no code application building would constitute more than 65% of all app development functions by the year 2024, with about 66% of big companies using a minimum of four low code tools and platforms.
The potential benefits of utilizing an NCDP tool is that with web access and practical business intelligence one can become an application developer, which is transformational for enterprise productivity.
On the other hand, IT folks have pointed out that business users inept at debugging code may create further challenges for tech teams, given the sensitivity around cybersecurity and business theft events caused by software bugs.
Nevertheless, NCDPs users can create and experiment directly at scale and speed. They are the next wave in programming and techniques for rapid app development.
The evolution of cloud computing, combined with the power, flexibility and scalability of no-code platforms would mean that most if not all systems within the banking organization would be built using no-code, allowing even non-tech executives to build and modify systems in response to customer or market requirements.
This also means that now banks would have to put their focus on no-code and cloud technology and start building their teams around it. Especially focus on building internal cloud capabilities that can help them manage and scale their internal systems in response to changing demographics of the technology they might have to use.
If proper precautions are not taken by the vendors then entire confidential data will get corrupted. This could be avoided by encrypting the cloud service and the storage of confidential information in private storage can help in managing the risk.
Cloud computing reduces all the capital expense of buying and setting up hardware and software at data centers. This makes the banks focus more on banking functions. When purchasing the cloud, be aware of which functions are absolutely crucial to save costs.
To end on a star-gazing note, What would be the next wave?
My bet would be on genetics to make us super-humans, a close second would be the digital afterlife. Would love to hear your craziest predictions and also ideas on how this current wave would play out.
Also, a bit about Signzy’s 2020 to sign it off:
We won 7 awards including 3 international ones
Our customers grew from 87 to 160
Signzy team grew to 162 from 79
We are now present in 5 locations — Pune, Mumbai, Bangalore, Dubai and New York
And with additional funding, this year are well-capitalized with $10.5 M in the bank
About Signzy
Signzy is a market-leading platform redefining the speed, accuracy, and experience of how financial institutions are onboarding customers and businesses – using the digital medium. The company’s award-winning no-code GO platform delivers seamless, end-to-end, and multi-channel onboarding journeys while offering customizable workflows. In addition, it gives these players access to an aggregated marketplace of 240+ bespoke APIs that can be easily added to any workflow with simple widgets.
Signzy is enabling ten million+ end customer and business onboarding every month at a success rate of 99% while reducing the speed to market from 6 months to 3-4 weeks. It works with over 240+ FIs globally, including the 4 largest banks in India, a Top 3 acquiring Bank in the US, and has a robust global partnership with Mastercard and Microsoft. The company’s product team is based out of Bengaluru and has a strong presence in Mumbai, New York, and Dubai.
Signzy won the Best Innovative Fintech Data Solution Provider at the 8th India Digital Award, 2018
Signzy bagged the award for the Best Innovative Fintech Data Solution Provider at the 8IDA — India Digital Award of IAMAI. India Digital Awards, possibly the biggest body of its kind, recognizes companies that use digital medium to achieve focussed, successful, and big business outcomes. We feel so humbled to have received this award for our work for simplifying complex regulatory processes in financial institutions and for enabling them to transition to a fully digital experience. As always, we’ll continue to strive hard to take this faith global and beyond the financial industry. Read here.
Events we attended
12th India Digital Summit 2018: We were at the India Digital Summit — the most prominent digital event in the country. The event brought together business leaders, industry veterans, marketers, and delegates to discuss the upcoming technologies, opportunities and challenges in the Digital Industry. Signzy’s Ankit was a part of the panel on “CyrptoCON: EXPLORING AND BUILDING BLOCKCHAIN SOLUTIONS FOR BANKING” at the the digital superconference. He shared his views on the state of the cryptocurrency industry and topics like Standardized Ledger Technology v/s Distributed Ledgers Technology, Blockchain Applications — Smart Contracts, KYC-Chain, RegTech, and Challenges of adopting blockchain for Banking. He also explained how Signzy automates verification processes using cutting-edge technologies such as AI. (17–18 Jan New Delhi)
Upcoming Events
Fintegrate Zone 2018: We’re attending the Fintegrate Zone, India’s largest FinTech conclave at Mumbai from 27 Feb — 1 March 2018. Signzy’s Ankit will be speaking at 15:00 pm on the opening day (27th February).
If you, too, are attending, do come and see us.
How Cryptocurrency Companies should handle their Due Diligence
From our blog:
An informative article explaining how cryptocurrency exchanges are deploying stronger KYC, user data privacy, and AML policies to address key concerns such as financing illegitimate activities, money laundering, and terrorist financing. Read here.
Industry News: Budget 2018 paves the way for MSME sector to be a catalyst in economic growth
Budget 2018 has made important structural changes about accessing KYC, providing tax benefits and more to strengthen the Medium Enterprises (MSME) sector and help build a more robust economy. Read the full story here.
About Signzy
Signzy is a market-leading platform redefining the speed, accuracy, and experience of how financial institutions are onboarding customers and businesses – using the digital medium. The company’s award-winning no-code GO platform delivers seamless, end-to-end, and multi-channel onboarding journeys while offering customizable workflows. In addition, it gives these players access to an aggregated marketplace of 240+ bespoke APIs that can be easily added to any workflow with simple widgets.
Signzy is enabling ten million+ end customer and business onboarding every month at a success rate of 99% while reducing the speed to market from 6 months to 3-4 weeks. It works with over 240+ FIs globally, including the 4 largest banks in India, a Top 3 acquiring Bank in the US, and has a robust global partnership with Mastercard and Microsoft. The company’s product team is based out of Bengaluru and has a strong presence in Mumbai, New York, and Dubai.
Visit www.signzy.com for more information about us.
You can reach out to our team at reachout@signzy.com.
As laws to protect personal data are debated, rejected, and adopted across the globe, individuals are becoming aware of their data rights. Privacy of data has become a source of company competitiveness with consumers seeking to engage with organizations that give them a semblance of control over their data. If that wasn’t enough, India is set to pass a regulation governing personal data this year.
The context for compliance
Inferring from the soon to be passed Personal Data Protection Bill 2019, lending is an area that is bound to be hit by a combination of compliance clauses. Data is central to the lending operation. Lenders collect, process and analyze a host of customer data throughout the lifecycle of a loan. This helps the loan granting entity to gauge risk and offer personalized services adapted to the individual’s needs.
To remain compliant these data fiduciaries must ensure they understand the compliance norms and the rights of the data principals. This blog explores the data rights that translate into areas of compliance across the lending process.
The primary rights which affect compliance for lenders are explained below:
These rights have a bearing on the different types of data collected at different steps of the lending process. Although the RBI and SEBI are yet to release separate, detailed guidelines for the fintech sector, here is my take on the PDP’s impact on compliance:
KYC process
The preliminary step of any lending operation is the Know-Your-Customer (KYC) process. The basic documents required for this are (a) Identity proof and (b) Address proof. This is already a consent-based process.
The clauses that have some bearing on this step are:
Storage Limitation: after the loan has been repaid, the data principal can request the erasure of all the KYC data.
Data Portability: with eKYC and VideoKYC being adopted, automated processing is becoming common. The data fiduciary must keep a copy of the data in case it is requested by the data principal.
2. Credit Underwriting
A number of data sources are inspected as a part of the credit underwriting process. These can be divided into:
a. Public sources
This includes news articles about a customer, public social media profiles etc. Since this category of personal data is public, lenders do not have to worry about non-compliance.
b. Private sources
There are a number of private sources that can be scraped for credit underwriting. Here we discuss a few of them that bring up the concern of compliance.
i. SMS reading
This considerably new method of credit assessment would require explicit consent for processing. It is yet to be determined whether consent would have to be taken from both parties associated with the SMS exchange.
ii. Bank login based pull
To evaluate a person’s financial history, lenders perform a bank login based pull. Apart from the fact that explicit consent is required to access this data source, the question here is whether this would be a breach of the data fiduciary’s (bank) trust and if consent would be required from them as well.
iii. Email login based pull
Sometimes applicants are required to provide login credentials to a data source such as a personal email account. Till now explicit permission was usually sought for this to follow through, but not always. With the bill in place, email login based scaping would need to be 100% consent-based.
3. Credit Bureau Access
To ensure effective debt management, lenders share a customer’s personal data with credit bureaus and other third parties when servicing a loan. The transactions, details of the companies involved and justification for the data transfer must be explained to customers. Although credit scoring is a “reasonable purpose exception” in the bill which allows personal data to be processed without consent, it is not certain if it grants an exception from the right to data erasure. The storage of personally identifiable information (PII), implies that a data principal can request it be completely erased.
4. Non-traditional types of data
Bureau companies were previously mandated by the Credit Information Companies (Regulation) Act (CIC Act), which doesn’t allow credit bureaus to use alternative data in generating credit scores. Only loan account data from the core banking system could be used by the credit bureaus. This included default history, size of defaults and repayment time of loans. With an increasing number of data sources, it is yet to be determined if alternative sources are allowed under the new bill. And, how compliance norms would apply to their processing. Potentially, such sources could be:
a. Google Places/ Yelp
b. Payment processors
c. E-commerce platforms
d. Shippers
Privacy by design
The bill mandates that every data fiduciary build a robust privacy system for storing and processing of personal data. A data protection system should be implemented from the outset. This “Privacy by Design” policy is a mandatory requirement and must be certified by the Data Protection Authority. The policy is to be published on the organization and the authority’s website.
Penalties
Non-compliance is liable to a penalty. This penalty could go up to 15 crore rupees or 4% of a data fiduciary’s total worldwide turnover of the preceding financial year, whichever is higher. It is thus imperative for fintechs and banks to start prepping for these compliance measures.
Dissent from lenders
The bill in its current form recognizes all forms of personal financial data as ‘sensitive personal data’. This definition of sensitive personal data in the bill is restrictive and brings up concerns for lenders. The Digital Lenders Association of India (DLAI) had submitted recommendations to reduce potential restrictions that the bill enforces. To make the lending process less prone to frauds, lenders need to access aspects of consumer data. This includes credit history, financial position and some alternative data of customers. With the current bill in place, this would become tedious. While compliance norms are necessary for personal data protection, such a definition will inadvertently hurt the lending operation.
Conclusion
The banking and fintech industry needs a clear compliance checklist. There is a dearth of understanding when it comes to how the current bill will affect compliance for data-centric processes like lending. This is because specific norms have not been released for the fintech space yet. The RBI and the government will need to come up with guidelines for the sector to ensure that function and compliance are not at odds.
About Signzy
Signzy is a market-leading platform redefining the speed, accuracy, and experience of how financial institutions are onboarding customers and businesses – using the digital medium. The company’s award-winning no-code GO platform delivers seamless, end-to-end, and multi-channel onboarding journeys while offering customizable workflows. In addition, it gives these players access to an aggregated marketplace of 240+ bespoke APIs that can be easily added to any workflow with simple widgets.
Signzy is enabling ten million+ end customer and business onboarding every month at a success rate of 99% while reducing the speed to market from 6 months to 3-4 weeks. It works with over 240+ FIs globally, including the 4 largest banks in India, a Top 3 acquiring Bank in the US, and has a robust global partnership with Mastercard and Microsoft. The company’s product team is based out of Bengaluru and has a strong presence in Mumbai, New York, and Dubai.
The data economy can be a Catch-22. It can succumb to corporate surveillance capitalism on the one hand and an authoritarian digital “welfare” state on the other. The European Union (EU) places itself as the alternative to both. Its strategy to regulate technology over the next decade is to set that precedence. Whether it is successful is up for interpretation. On 19th February 2020, the European Commission (executive branch of the European Union) published a 26-page whitepaper on Artificial Intelligence (AI). The paper titled a European Approach to Excellence and Trust states the EC’s intent to regulate and advance AI.
This blog will explore the reach, requirements, and reservations of the guidelines the whitepaper introduces.
Reach: A Risk Barometer Approach
The whitepaper will have consequences for those using and developing AI. To be specific, businesses that are participants of the data economy. It’s drafted to effectively regulate AI while not being dictatorial. Strict measures could create a disproportionate burden for SMEs.
The paper defines AI as
“Systems that display intelligent behavior by analyzing their environment and taking actions — with some degree of autonomy — to achieve specific goals.”
However, the proposed requirements will mainly affect AI which is deemed “high-risk”. This is enumerated by the EC as:
“…deployed in health care, transport, energy and parts of the public sector, or if it is used in the employment sphere (for recruitment puposes or in situations impacting worker’s rights), or for remote biometric identification and other intrusive surveillance technologies.”
Due to this definition and set scope, the suggestions would not apply to advertising technology or consumer privacy. The assumption here is that risk can be finitely calculated. This leaves many contentious issues outside of the purview of the guidelines. For example, data brokers that leverage AI to predict identities and hyper-targeted advertising.
It is anticipated that the new framework will have extraterritorial impact, like the GDPR.
Requirements: The Precursor to Compliance
The AI applications classified as high-risk would be regulated by the following key features. These center on safety, security, fairness and transparency:
Training data The paper reiterates that if there is no data, there is no AI. The decisions and performance of an AI are dependent on the data sets it has been fed and trained on. To ensure that the services or products that the AI system enables are safe, the requirements dictate that it must be trained on a broad enough data set. The training data must also be representation to avoid inadvertent coded discrimination. The data collected to adhere to privacy and data protection standards i.e. the GDPR. (Interested in reading more on the data protection regulations in place in the EU and India? Take a look at our article comparing the GDPR and PDP Bill)
Data and record-keeping Considering the opacity and complexity of many AI systems, certain requirements are put forth to verify compliance. It could allow potentially problematic decisions or actions by the AI to be traced back. The regulatory framework proposes that the following records can be kept: a. Records related to the programming of the algorithm b. Data sets used to train and test the high-risk AI systems (when justified) along with a description of their main characteristic and the reason for their selection c. Documentation on the algorithm and the training methodologies adopted to build, test, and validate the AI
Information to be provided
Apart from the above information, the AI system’s limitations and capabilities must be proactively provided. It should also mention the degree of accuracy to which the system can achieve a specific purpose. This information could be useful to those deploying the AI application. The whitepaper reiterates that citizens should be duly informed when they are interacting with an AI and not a real person. The details should be easy to understand, concise and objective.
Robustness and accuracy Across the AI system’s life cycle, it must correctly reflect its own degree of accuracy. The whitepaper mentions that the outcomes should be reproducible. The AI system must be able to deal with errors and inconsistencies. It should endure overt attacks, and be resilient against manipulated data.
Human oversight The AI system must be ethical and trustworthy. To not undermine human autonomy, the whitepaper insists on the AI being human-centric. This could manifest in different ways depending on the system’s purpose and functioning: a. Output is reviewed and validated by a human before it becomes effective. For example, human intervention needed to approve a person’s KYC. b. Human intervention post the output being effective. For example, reviewing why the AI rejected a credit application, after the decision was put into effect. c. Monitoring the operation of the AI system. This is with the possibility to intervene and stop its functioning in real time. For example, a deactivate button in a driverless car. d. Constraints integrated during the design phase. For example, a driverless car will stop when visibility is low.
Specific requirements (Example: For AI applications used for remote biometric identification)
The application of AI systems for functions such as facial recognition affects the fundamental rights of a citizen. For example the right to a private life and the protection of one’s personal data. Processing of biometric data is to uniquely identify a person. This can only be done in special circumstances with adequate safeguards. The whitepaper declares that the EC will begin a “broad European debate”- on what these circumstances are and their justification.
Reservations: Missing the Mark
The proposed guidelines address issues of personal data protection and pivacy rights, non-discrimination, and cybersecurity. But, it seems to miss the perils of “low-risk” technologies with weakened guidelines.
The whitepaper overlooks that the classification of low risk is not absolute. This could actually be very risky for some. The harms of technology are often amplified to disproportionately affect the marginalized.
A draft version of the whitepaper was leaked in January. Held against that, the new criteria are feeble attempts to regulate the possible adverse implementations of AI. Here, the draft proposed a prohibition or what is called a “moratorium” on facial recognition in public spaces for 5 years. But, the released guidelines are merely a call for a “broad European debate” on the facial recognition policy.
Stakeholders can give their insights on the whitepaper by 31st May 2020. The EC will start drafting legislation based on the proposal and feedback at the end of 2020.
About Signzy
Signzy is a market-leading platform redefining the speed, accuracy, and experience of how financial institutions are onboarding customers and businesses – using the digital medium. The company’s award-winning no-code GO platform delivers seamless, end-to-end, and multi-channel onboarding journeys while offering customizable workflows. In addition, it gives these players access to an aggregated marketplace of 240+ bespoke APIs that can be easily added to any workflow with simple widgets.
Signzy is enabling ten million+ end customer and business onboarding every month at a success rate of 99% while reducing the speed to market from 6 months to 3-4 weeks. It works with over 240+ FIs globally, including the 4 largest banks in India, a Top 3 acquiring Bank in the US, and has a robust global partnership with Mastercard and Microsoft. The company’s product team is based out of Bengaluru and has a strong presence in Mumbai, New York, and Dubai.
