Amid growing concern about the risks posed by the enthusiastic adoption of AI — both by the securities industry, and by bad actors targeting the sector — the International Organization of Securities Commissions (IOSCO) has published a report to arm regulators with tools to enhance oversight.
On Monday, the umbrella group of global securities regulators issued a toolkit that addresses the growing use of AI in the securities industry — ranging from machine learning to emerging agentic AI — which is increasingly being deployed in investment processes, risk management and various operational functions.
While these developments promise potential benefits to both industry firms and investors, IOSCO warned that they can also introduce, or amplify, risks including “complexity, reduced transparency, third-party dependencies and governance challenges.”
“As technologies evolve, new risks may emerge — from hallucination and explainability challenges, to autonomy and control issues, to novel forms of bias, manipulation, or operational vulnerability,” the report said — developments that regulators must track and adapt to, it stressed.
To address these kinds of risks, the report details supervisory approaches to governance, risk management, disclosure, record keeping and reporting. It also sets out metrics that regulators can use to track the adoption and use of AI.
“The toolkit reflects IOSCO’s continued commitment to strengthening supervisory approaches in response to rapidly evolving technologies,” said Hanzo van Beusekom, chair of IOSCO’S Fintech Task Force and member of the executive board of the Dutch Authority for the Financial Markets, in a release.
“It provides practical guidance to help authorities address the risk arising from the growing use of AI systems across financial markets.”
IOSCO said the report and toolkit are part of its phased approach to addressing potential AI-related risks to investor protection, market integrity and financial stability.
The next phase of that work includes a review of emerging practices in the securities industry by IOSCO. To inform that review, alongside its report, the group also launched an industry survey on Monday, which runs until June 26.
At the same time, the group also warned about the growing threat of increasingly sophisticated, AI-powered cyberattacks.
“… recent developments in AI-enabled cyber capabilities … may materially accelerate threat evolution and increase the speed, scope, and scale of existing attack techniques,” it said.
As a result, IOSCO noted that it’s now examining how its ongoing work in AI should include “more continuous assessment and remediation” to address the evolving threat posed by AI-driven cyberattacks.
“Financial market participants should remain vigilant to such risks and take timely, proactive steps to identify and remediate vulnerabilities,” the group said in a release.
“The increasing integration of artificial intelligence into capital markets requires supervisors to have practical and proportionate tools to assess emerging risks while supporting innovation and safeguarding market integrity and investor protection,” said Jean-Paul Servais, chair of the IOSCO board.