On July 18, the Commodity Futures Trading Commission (CFTC) Technology Advisory Committee (TAC) held a public meeting.
In her opening remarks, Committee Sponsor Commissioner Christy Goldsmith Romero said that she will continue to promote the examination of responsible artificial intelligence (AI), focusing on the use of AI in the financial sector.
Below are some high-level takeaways from the meeting prepared by Delta Strategy Group.
HIGH-LEVEL TAKEAWAYS
AI Accountability, Security, and Responsibility
Travis Hall, Acting Deputy Associate Administrator, National Telecommunications and Informal Administration (NTIA)
- We are focusing on accountability policy in AI. At this point we are analyzing how these AI creators are held accountable, but it is critical to develop a strong regulatory foundation first.
- We are actively participating in interagency processes that are looking to address a variety of risks. We will be giving recommendations for policies around auditing that will apply to governance structure within companies. Investors are interested in our work to provide accountability to the companies they are invested in.
Nicole Turner Lee, Senior Fellow in Governance Studies and Director of the Center for Technology Innovation, The Brookings Institute
- Together, machine learning algorithms, AI, and deep learning algorithms can efficiently and quickly solve a host of existing and unforeseen social problems. However, it is important to note that bias can be introduced into the training data at any of the life cycle of the algorithm. Some examples of AI biases are ad targeting, facial detection errors and inaccuracies, and false predictive measures.
- In the regulatory landscape, we are seeing more voluntary self-regulation or opt-in best practices. Going forward, we need less segmentation and more clarity over jurisdictional authority in the U.S., potential harmonization with EU regulation, and sectoral regulation.
Dan Guido, Co-Founder & CEO, Trail of Bits
- AI changes the cost model for attackers and defenders. Unfortunately, output censorship of AI is an unwinnable task as it cannot unlearn information it has already been taught, whether it be used for good or bad. This in mind, there are no effective systematic evaluations for emergent cyber capabilities. The industry needs more task specific data sets and evaluation frameworks to eliminate surprise.
Regulatory Issues for DeFi and DAOs
Anthony Biagioli, Special Counsel to the Director, Division of Enforcement, CFTC
- Ooki DAO can be served as unincorporated association. Does transfer of control to an LLC immunize that group from the law simply because they operate under a decentralized manner. CFTC service on the DAO via a chat help satisfied applicable service rules. The DAO is legally considered a “person” and can be held liable as an operating entity.
Ben Milne, Founder & CEO, Brale Inc.
- There are four key qualities of Defi: self-custody, autonomy, transparency, and interoperability. There is natural tension between heavy governance and DeFi, but the core virtue of DeFi is credible neutrality. The optimal policy approach would be flexible in distinguishing between token holders and stakeholders. Policy should also connect a core mechanism with human input.
Justin Slaughter, Policy Director, Paradigm
- Smart contracts are a useful AI tool we can use to create a governance model with great promise to solve DeFi’s logistical problems. We should focus on mapping the contracts to existing regulation. With a highly decentralized security with large community support, smart contracts can be tailored to DeFi.
Dan Awrey, Professor of Law, Cornell Law School
- In order to regulate DeFi activities we need to understand its several overlapping dimensions like transactions, governance, development, and the operations. Existing regulatory frameworks and approaches rely heavily on a relatively high degree of centralization across enforcing violations, monitoring compliance, and updating rules.
Cyber Resilience For Financial Markets
Hillary Allen, Professor of Law, American University
- Cyber-attacks get most of the attention in cyber security, but some estimates show that losses are greater from accidental tech glitches. Operational threats from climate change can have similar impacts but receive less attention which could lead us to ignore the possibility that operational problems can be transmitted from bank to bank through technological channels. We will need a “macro-operational” perspective to address proper regulation.
Timothy Gallagher, Managing Director, Digital Investigations & Cyber Defense, Chief Security Officer, Nardello & Co
- The required response time for published vulnerabilities is reducing close to zero, which has been very beneficial. Small technology service providers are more likely to enter into third party risk management contracts.