United States of America: Issued Report on Managing Artificial Intelligence-Specific Cybersecurity Risks in the Financial Sector

On 27 March 2024, the US Department of the Treasury published a report on Managing Artificial Intelligence-Specific Cybersecurity Risks in the Financial Services Sector. The report was written in accordance with Presidential Executive Order 14110 on the Safe, Secure, and Trustworthy Development and Use of Artificial Intelligence. The report identifies the opportunities and challenges that AI presents to the security and resiliency of the financial services sector. It outlines a series of next steps to address immediate AI-related operational risk, cybersecurity, and fraud challenges. Additionally, it provides an overview of current AI use cases for cybersecurity and fraud prevention, as well as best practices and recommendations for AI use and adoption. The report recommends expanding the NIST AI Risk Management Framework and developing best practices for data supply chain mapping. Furthermore, it recommends developing AI 'nutrition labels' for clearer use of vendor system data.