As the European Union moves toward banning “unacceptable” uses of artificial intelligence (AI) systems, its proposed rules could slow the adoption of AI in banking and financial services.

Proposed rules released by the EU last week put stringent controls on the use of AI systems for surveillance and “applications that manipulate human behavior,” laying down requirements for transparency, explainability and auditing that will increase the compliance burden for financial services.

The regulation states that credit-scoring systems using AI would need to prove their accuracy and fairness, keep records of all activity, and have “appropriate” human oversight.

“On artificial intelligence, trust is a must, not a nice-to-have,” Margrethe Vestager, EU executive vice president for digital policy, said in a statement. Although the EU is taking a risk-centric approach to AI regulation and has put trust at the center of it, others feel that the stringent rules could make banks averse to implementing AI-powered systems.

“No regulator has given clear direction on how to adopt explainability,” Moutusi Sou, an analyst at research firm Gartner, told Bank Automation News. Explainable AI generally refers to a set of tools and frameworks that clarifies and interprets predictions and decisions made by a machine learning model. Sou added that while there are multiple open-source approaches to explainable AI available in the market, regulators have not laid out clear guidelines or requirements, and this could make banks more hesitant about utilizing AI.

The EU regulations also lay out penalties for noncompliance with the new rules, with maximum fines of up to 30 million euros or, for a business, “up to 6% of its total worldwide annual turnover.” It’s almost like the EU is “trying to say ‘Don’t use AI,’” Sou said, referring to the penalties.

While the pushback from the EU is hard to understand, in Sou’s opinion, others see the new rules as a welcome first step.

“They did a pretty good job of defining ‘high risk,’” Bruce Upbin, head of policy and communications at software provider Zest AI, told BAN. Upbin acknowledged that while compiling documentation and explaining “game-theoretic math” can be time-consuming, the requirements will also likely raise the bar for other financial services and ensure standardization.

“I wouldn’t think there would be a wholesale stepping back or retrenching of what companies are doing, solely because of these new regulations,” Brian Higgins, a technology law and intellectual property attorney at law firm Blank Rome, told BAN. He added that businesses that have already invested in AI are unlikely to change course because of the rules, but since the rules allow for software-made decisions to be challenged, smaller enterprises may need to “retrofit” their systems to make them align with regulatory requirements.

“I can see for smaller companies that may not have the deep resources to completely redesign an AI system with all those costs, [they] might be somewhat hesitant to do that,” Higgins said.

The EU is not new to being the first-mover when it comes to regulating tech. Europe took the lead in regulating data privacy with the General Data Protection Regulation (GDPR), implemented in May 2018, and the newly proposed regulations for AI also mark one of the first attempts to develop detailed and nuanced rules for such systems. Parts of the European data privacy and protection law have since trickled into laws governing data use regulations in different jurisdictions, including the state of California, and the EU’s AI rules may follow a similar roadmap, according to some.

“We certainly have a very strong expectation that the EU’s lead stance is likely to become, over a period of time, the standard across the globe,” Likhit Wagle, general manager of global banking at IBM global markets, told BAN.

Wagle added that the EU’s focus on data privacy and control, combined with its emphasis on transparency in AI decision-making and reduction of bias were likely to position it as the lead regulator for AI. “Customers do increasingly want to have the opportunity to determine how that data is going to be used,” he said, adding that “Customers also want to have the confidence that the way in which AI is being applied to take decisions doesn’t have in-built bias in it.”

The EU’s proposed rules to regulate AI are merely a first step and they will have to be adopted by the European Parliament and the union’s member states to be instituted. The deliberative process that follows will give regulators and stakeholders an opportunity to flesh out how the guidelines will be applied.