China's National Financial Regulatory Administration issues 32 point guidance on safe AI development and use in banking and insurance

China's National Financial Regulatory Administration has issued guidance on the secure development and application of artificial intelligence in the banking and insurance sectors, setting out a supervisory framework for how financial institutions should use AI while controlling related risks. The guidance applies to banks and insurers that develop or use AI and requires them to follow principles of user accountability, self controllability, practical efficiency and safe development, with an emphasis on compliant, transparent and trustworthy use. The 32 measures are organized across governance, development and deployment, data governance, computing capacity, risk management, capability building, and supervisory safeguards. Institutions are required to establish full life cycle AI management, strengthen oversight of use cases and business processes, and manage model development and deployment end to end. The guidance also calls for stronger data management and high quality datasets, the buildout of secure and efficient computing capacity, and risk controls that bring AI into the overall risk management framework, including risk classification, entry controls for high risk applications, human oversight and intervention at critical stages, and tighter outsourcing and supply chain risk management. Additional expectations cover model robustness, transparency and explainability, legal and values compliance, cybersecurity, data security, personal information protection, and operational resilience and business continuity. The administration and its local offices will strengthen guidance and supervision, press institutions to implement the risk governance requirements, monitor compliance risks in financial business, and investigate violations. It also said it will improve risk response and disposal arrangements and regularly assess supervisory policy and outcomes.