Abstract
Modern FinTech companies are disrupting the traditional credit scoring model for loan decision-making by turning to artificial intelligence and machine learning systems. They use those systems to assess creditworthiness based on “alternative data” like banking activity or education history. Such AI scoring has the potential to extend credit to those whose creditworthiness is not captured by standard scores. At the same time, it presents new concerns that current regulatory schemes are ill-equipped to address. This paper raises these concerns and compares the current U.S. and EU regulatory regimes insofar as they may apply to the emerging AI scoring industry. The first issue is data privacy in AI credit scoring. The EU regulates this under the omnibus approach of the General Data Protection Regulation, in the United States it implicates the Fair Credit Reporting Act. The second issue is discrimination in AI-based lending, which falls under the U.S. Equal Credit Opportunity Act and a number of European Anti-Discrimination Directives. The paper discusses the discrimination issue in the context of the U.S. Consumer Financial Protection Bureau’s decision to grant the noaction letter requested by FinTech lender Upstart. In a postscript, we discuss the EU’s recent proposal for an Artificial Intelligence Act and provide some preliminary thoughts on the Proposal’s provisions in the context of the challenges of AI scoring regulation raised in this paper.
