Richard Harmon, VP & Global Head of Financial Services at Red Hat, believes the excitement around artificial intelligence (AI) in banking and financial services will last for some time, despite the optimism of some that 2024 will see widespread use of AI in this field.

At the MoneyLIVE Summit in London in 2024, we had a conversation with him and his coworker Monica Sasso, Red Hat's Global Financial Services (FSI) Digital Transformation Lead, about the subject.

According to Harmon, "there's still constant innovation coming across when it comes to Gen AI." Banks now need to know where and how to use Gen AI most effectively, all the while working with regulators to change the laws governing this area.

"The application of Gen AI is far more widespread than what we're currently witnessing, so banks may need to wait for additional innovations before determining which use cases are most appropriate for their own organizations."

Regulatory barriers for Gen AI in banking
In fact, the newly approved EU-AI Act in Europe and the UK will require banks using Gen AI to adhere to it (though they still have time to organize their affairs before it takes effect). This will classify the banks' current usage of AI as "high risk."

This covers price and risk evaluations conducted by banks using AI, as well as creditworthiness assessments. As a result, banks are required to adhere to stricter guidelines when using AI for these purposes.

Therefore, Harmon stated that even if this new technology "may be really exciting, gain efficiencies and insights into customer behavior, it must be implemented correctly."

"A bank may face dire repercussions if it fails to use AI in accordance with the most recent and pertinent regulatory requirements.

Therefore, even though banks have a lot of options, I believe that initially they will focus on Gen AI application use cases that are beneficial right away, don't need regulatory clearance, and don't reveal any customer data. Natural language processing is one example of what banks have already done, but this will be more advanced.

An Argentinean bank called Banco Galicia, a Red Hat customer, processed corporate onboarding and new corporate customers in a matter of days instead of weeks by utilizing natural language processing and predictive AI.

The bank was able to swiftly digitize paper-generated material and fast analyze and process it thanks to natural language processing.

"Today, a bank could use Gen AI to further reduce that processing time while utilizing the chance to suggest embedded offerings, giving customers a more accurate, personalized, and nuanced onboarding experience."

Gen AI: Boosting the cybersecurity capabilities of banks

Naturally, practical cases for Gen AI in banking go far beyond those involving client onboarding.

As Sasso points out, there is a lot of room for Gen AI to automate a bank's cybersecurity procedures.

We've been employing artificial intelligence (AI) for years, she claims. "A bank must utilize it if they choose to do any kind of real-time action.

"Therefore, banks will be able to begin automating some cybersecurity tasks if they begin to consider some of these efficiencies, apply an operational resilience lens to it, and integrate AI with threat hunting software."

Cybersecurity measures are so vital for banks today, with companies like JPMorgan facing up to 45 billion hacking attempts a day, employing over 60,000 technicians with the express objective of countering cyber assaults.

As such, Red Hat collaborates extensively with its clients in the field of using AI to assist cybersecurity. According to Sasso, "We're starting to help them work with some of these newer AI-based tools."

"These things keep the lights on, which is why it is so important," she continues. "AML procedures are often somewhat laborious. To achieve that, hundreds of people would be needed. However, these new technologies greatly improve accuracy and speed up the procedure. Therefore, I believe banks should concentrate there.

According to Sasso, automated threat-hunting and cybersecurity technologies must be reintegrated into a bank's primary system in order for prompt action to be taken in the event of a danger.

"Who's going to wake up at two in the morning to cope with an attack? Threats may be automatically avoided to keep systems up and running with Red Hat tools like Ansible Lightspeed interacting with Advanced Cluster Security or Advanced Cluster Management, says Sasso.

Furthermore, the likelihood of a financial institution becoming the target of an attack increases with size, similar to the previously stated JPMorgan, emphasizing the need of cybersecurity concerns.

Simplifying AI: Developing labor skills

AI apps need to be as straightforward as possible since banks and financial institutions are highly concerned about the potential of cyberattacks. Upskilling the workforce is an important factor in this, since many workers need to undergo retraining to match today's technology expectations.

According to Sasso, "two things, culture and upskilling," are essential to the basic use of AI.

"Banks need to shine a light on all this and truly lift the hood to see what they're working with and how AI can help drive efficiencies in their existing infrastructures," the speaker goes on.

It is also crucial to consider how it may impact other processes, such as risk. Some people could believe that banks that outsource to third, fourth, and fifth parties are also exporting risk, but they might not realize that doing so creates new risks.

"This boils down to possessing the knowledge and abilities necessary to recognize the new dangers that are generated, and banks that lack these attributes are vulnerable to hostile assaults.

"Although banks have the option to pay for the ability to ignore what is happening inside the box, they still need to be aware of which box is plugged into which string, which box contains which software infrastructure, and which small applications are calling other services from that box."

Banks must thus comprehend their software supply chain and software bill of materials when utilizing technology through outsourcing to third parties in order to guarantee that the code used on the bank's code base is validated and virus-free.

Sasso goes on, "This is where we at Red Hat are working tirelessly with our clients." The main goal is to impart knowledge, awareness, and control over the things that they should know and understand. We'll keep doing that as technology advances and becomes more widely used.

How banks ought to transform the current infrastructure
Naturally, interoperability between third-party software and the sometimes outdated infrastructure used by banks is required when outsourcing to outside parties.

The idea of overhauling financial infrastructures has been popular for a while, but as Sasso attests, banks cannot complete this task quickly; rather, it must be done gradually.

According to her, "decisions at large institutions are sometimes made without fully understanding what integrations are, or what they can do for you as a bank, because technology is moving quickly."

"I often remind my customers that the choices they make now might result in tech debt down the road. We're currently working with major institutions to unravel 40-year-old tech debt, which is never going to be an easy task.

Banks can containerize innovative technology to attain uniformity. Red Hat has been working on this for nearly a decade with Red Hat OpenShift, a hybrid cloud application platform that helps banks move to cloud-native systems and modernize software on older systems.

Additionally, banks are able to lessen the cognitive load on developers and operators as well as technological duplication thanks to hybrid multi-cloud services. According to Harmon, banks that build natively on a single cloud must create distinct versions of their products for each location in which they wish to operate.

"You can deploy apps enterprise-wide, operating anywhere using a hybrid multi-cloud architecture, meaning technicians only need to support one piece of code and relocate it around to the places needed.”

Banks and other financial organizations are favoring a multi-cloud approach where one cloud may serve as a backup to another since backup clouds are required to fulfill regulatory standards as well.

Therefore, it is evident that even while artificial intelligence (AI) has the potential to completely transform banking and financial services, it is crucial to have the proper infrastructure in place to facilitate AI integration and a thorough grasp of how best to employ it.