UK Treasury Committee Demands AI Stress Testing for Financial Services as Accountability Gaps Threaten Systemic Risk

The UK's financial system faces a critical vulnerability: the rapid deployment of artificial intelligence across banking, credit, and investment services without adequate stress testing or clear accountability frameworks. A new report from the House of Commons Treasury Committee, published today, delivers a stark warning that regulators' 'wait-and-see' approach could lead to systemic shocks that harm consumers and threaten financial stability.

The committee's investigation revealed troubling gaps in oversight and understanding of AI risks within the financial services sector. During hearings, the Financial Conduct Authority's Executive Director for Payments and Digital Finance, David Geale, asserted that individuals within financial firms bear responsibility for harm caused to consumers through AI systems. However, trade association Innovate Finance testified that management at financial institutions struggled to assess AI risk effectively. This disconnect creates a dangerous accountability vacuum where responsibility is claimed but practical control remains elusive.

The core of the problem lies in the fundamental mismatch between AI's 'black box' nature and regulatory requirements for transparency. The committee highlighted that the 'lack of explainability' in many AI models directly conflicts with the senior managers regime, which requires executives to demonstrate they understand and control risks. This creates an impossible situation: senior managers are legally accountable for AI-driven decisions they cannot fully comprehend or explain.

The report provides a concrete example of this accountability dilemma: "For instance, if an AI system unfairly denies credit to a customer in urgent need – such as for medical treatment – there must be clarity on who is responsible: the developers, the institution deploying the model, or the data providers." This scenario illustrates how current regulatory frameworks, designed for human decision-making, break down when applied to automated systems.

The Critical Third Parties Gap

Beyond the immediate AI accountability issues, the committee identified a significant regulatory failure in the implementation of the Critical Third Parties (CTP) regime. Introduced in January 2024, this framework was designed to give the Bank of England and the FCA power to investigate non-financial firms that provide essential services to the UK financial sector, including AI and cloud providers.

However, more than a year after its establishment, the government has not effectively utilized these new powers. The report states: "Over a year since the regime was established, it is not clear to us why HM Treasury has been so slow to use the new powers at its disposal." This delay leaves the financial system exposed to risks from third-party technology providers that operate outside traditional financial regulation.

The committee recommends that the Bank of England's Financial Policy Committee monitor the CTP regime's progress and use its recommendation power to HM Treasury to ensure swift implementation. This oversight is crucial because financial institutions increasingly depend on external AI and cloud services for core operations, creating interconnected risks that traditional banking supervision cannot address.

The Economic Stakes

The urgency of these recommendations is underscored by the financial sector's importance to the UK economy. In 2023, financial services contributed £294 billion to the economy, representing approximately 13 percent of the gross value added across all economic sectors. This concentration of economic activity makes the sector particularly vulnerable to AI-related disruptions.

Despite this significance, successive governments have adopted a light-touch approach to AI regulation, primarily to avoid discouraging investment and innovation. This regulatory restraint, while intended to foster growth, may be creating conditions for a systemic crisis if AI systems fail or produce harmful outcomes at scale.

The Path Forward: Proactive Stress Testing

The committee's primary recommendation is for UK financial regulators to conduct comprehensive stress testing to ensure businesses are prepared for AI-driven market shocks. This approach would mirror traditional financial stress testing but adapted for AI-specific risks, including:

• Model failure scenarios where AI systems produce erroneous or biased decisions
• Data quality issues that could cascade through automated systems
• Concentration risks from reliance on specific AI providers or algorithms
• Cybersecurity vulnerabilities unique to AI systems
• Interconnected risks between AI-dependent financial institutions

Dame Meg Hillier, Treasury Select Committee chair, emphasized the need for a more proactive approach: "Firms are understandably eager to try and gain an edge by embracing new technology, and that's particularly true in our financial services sector, which must compete on the global stage. Based on the evidence I've seen, I do not feel confident that our financial system is prepared if there was a major AI-related incident and that is worrying."

Implementation Challenges

The report identifies several implementation challenges that regulators must address:

Technical Complexity: AI systems vary widely in architecture, from simple decision trees to complex neural networks. Stress testing frameworks must be flexible enough to accommodate this diversity while maintaining rigorous standards.

Data Dependencies: AI models depend on specific datasets for training and operation. Stress tests must account for data quality issues, data drift, and potential data poisoning attacks.

Cross-Border Coordination: Many AI systems and financial services operate across international borders. UK regulators must coordinate with international counterparts to ensure comprehensive oversight.

Innovation Balance: Regulations must protect against systemic risks without stifling legitimate innovation that could improve financial services efficiency and accessibility.

Global Context

The UK's challenges reflect broader global concerns about AI in finance. The report references several related developments:

• The Bank of England has previously warned about potential AI bubbles resembling the dot-com era
• US economic data suggests AI investment is currently preventing recession
• Enterprise AI spending is being deferred to 2027, indicating market uncertainty
• Tech leaders continue to invest heavily in AI despite bubble concerns

These global trends underscore the need for the UK to establish robust oversight frameworks that can adapt to rapidly evolving technology while maintaining financial stability.

Next Steps for Financial Institutions

Financial services firms operating in the UK should prepare for enhanced regulatory scrutiny by:

1. Conducting Internal AI Risk Assessments: Evaluate current AI deployments for potential systemic risks and accountability gaps
2. Establishing Clear Governance Frameworks: Define specific roles and responsibilities for AI development, deployment, and monitoring
3. Implementing Explainability Measures: Develop capabilities to explain AI-driven decisions, particularly for credit and investment decisions
4. Engaging with Regulators: Participate in upcoming consultations on AI stress testing frameworks
5. Reviewing Third-Party Dependencies: Assess risks from external AI and cloud providers under the CTP regime

The Treasury Committee's report represents a significant shift from the UK's previous light-touch approach to AI regulation. By demanding proactive stress testing and clearer accountability frameworks, the committee is pushing financial regulators to move beyond reactive oversight toward preventative risk management. The implementation of these recommendations will be closely watched as a test case for how democratic societies can balance AI innovation with financial stability and consumer protection.

The financial services sector's rapid adoption of AI has created new vulnerabilities that traditional regulatory frameworks are not equipped to address.