Swiss bank secrecy and GenAI: Between embracing the future and honouring tradition

Unlocking business value with GenAI for banks

In today's rapidly evolving digital landscape, the financial sector stands at a crossroads. Banking institutions have long been a bedrock of trust and stability. But the integration of Generative Artificial Intelligence (GenAI) into banking operations will represent a seismic shift not just in technology but also in business potential. What does this mean for banks in practical terms? Here we look briefly at the business value that GenAI brings to the table, focusing on how the use of GenAI could impact Swiss banking secrecy.

A brief reflection on Swiss banking secrecy

Swiss banking, renowned for its discretion, hinges upon a foundational principle: Swiss Bank Secrecy. Essentially, this secrecy ensures that a client's details, especially the "Client Identifying Data" (CID), remain confidential, unless otherwise mandated by legal imperatives. However, in the contemporary digital landscape, confidentiality extends beyond just CIDs. It covers a diverse array of digital footprints, from transaction metadata to nuanced communications between clients and their banker.

Using GenAI in banking practices: An integration dilemma and a learning challenge

In a typical IT outsourcing project for a bank, there are challenges to prevent unauthorised access to CID and to either avoid or properly structure the storage of CID outside Switzerland. Once these two challenges have been resolved, the bank secrecy issue is mostly resolved.

In the world of banking, there is a lot of data that is not directly about the client but is nevertheless confidential. Think of it as not just knowing the client’s name and address (which is obvious information) but also understanding their preferences, habits, and interactions without necessarily knowing it is 'them'. Advanced systems like GenAI do not just learn from the obvious information; they also learn a lot from these subtle clues.

Traditional systems are like filing cabinets - you can easily remove a file or a piece of paper. But with GenAI, once it learns something, it is like trying to ‘unsee’ or forget an experience. If GenAI is exposed to any confidential information, it learns from it, and 'unlearning' or making it forget is extremely challenging.

This poses a challenge when we think about maintaining the strict confidentiality standards on which Swiss banks pride themselves. It is therefore critically important to be careful about what data is shared with these systems in the first place.

Consequently, banks (and other institutions entrusted with professional secrecy) must be careful when using GenAI as part of their operations. The use of purely internal solutions in a controlled environment might be less of a concern than using open GenAI models, since the secrecy has to be guaranteed by the organisation as a whole.

These challenges should not prevent banks from using and allowing the use of GenAI. Banks typically hold a broad range of secrets about their customers and are fully capable of protecting them. Why should they not be capable of doing so when using GenAI? However, awareness training and appropriate controls at both a human and technical level should be an important part of any implementation of GenAI in a banking operation, in order to protect bank secrecy.

Strategic imperatives for GenAI onboarding in a Swiss bank

• Preferably use models that were specifically trained for a Swiss bank
  
  While humans can intuitively gauge the sensitivity of certain data, GenAI processes data more objectively. Using a model that has been trained in the context of a high level of confidentiality and trust may lead to a more cautious approach to using it when confronted with investigative questions. Going forward, Swiss banks might even consider the use of models that are developed specifically by or for Swiss banks. Swiss banks have built their reputation on discretion. Ensuring that a GenAI model aligns with these values is crucial for maintaining clients’ trust and upholding the bank's reputation.
  
  
• Monitor and filter any interactions with the model
  
  When input is fed into a GenAI model, even if it is subsequently deleted, its “echo” might still influence the model’s behaviour due to the patterns it has recognised. For banks, this poses a challenge to maintaining confidentiality or complying with data deletion requests from clients. While compartmentalising data or utilising advanced "forgetting" mechanisms in AI might mitigate the risk, the best approach is always to monitor any interactions with the model for potential CID or any other unwanted topics. Advanced analytics, including AI, might be used to perform an important part of this monitoring.
  
  The same goes for output produced by the model. Even when applying all due caution, a risk remains that the model producing unexpected statements or insights which might not be in line with the bank’s culture of confidentiality. Given the current level of maturity of GenAI technology and models, it is imperative for banks to filter the output for sensitive information from the models prior to sharing it with customers or third parties.

• Remember the basics
  
  GenAI is ultimately a data processing model that sits on an IT system. Its implementation and use require the same level of IT security as any other IT system that operates with sensitive data. This simple truth explains why Swiss banks will typically restrict access by employees to public GenAI models. However, it should not hold them back from proactively exploring this exciting new world.

Authors

• Ralph Wyss - Partner, Defence, Security & Justice Sector Lead, Audit & Assurance
• Marc Beierschoder - Partner, AI & Data Lead, Consulting
• Elianne Rosochacki - Assistant, Risk & Regulatory Assurance, Financial Services