AI in credit granting: the challenge lies in governance

Credit granting has always occupied a central position in financial activity and, historically, also in risk management. In recent years, this process has undergone a structural transformation driven by the incorporation of artificial intelligence (AI). 

Decisions that once relied on human analysis and relatively static statistical models are now driven by systems capable of processing large volumes of data, identifying complex patterns, and adapting their inferences in near real time. This evolution has not only increased operational efficiency and the ability to predict defaults, but has also profoundly changed the way credit is structured, offered, and monitored over time. 

While AI was initially seen as a competitive advantage, it has now established itself as an essential part of the infrastructure for credit analysis. The real competitive advantage shifts to the quality of the data used to the ability to integrate these models into the customer journey and, above all, to the robustness of the governance that supports these automated decisions.

In this context, the expansion of data sources assumes a central role. Credit analysis no longer relies exclusively on traditional information, such as formal credit history and declared income, and now incorporates transactional data, information from Open Finance, digital behavior patterns, and contextual variables. This change allows for a more granular and dynamic assessment of ability and propensity to pay, especially relevant in cases of customers with limited history. 

In addition, the incorporation of artificial intelligence has not only increased the volume of data analyzed, but has also transformed the nature of the variables considered relevant. Traditional models have been replaced by systems capable of capturing behavioral patterns. 

As a result, risk analysis is no longer predominantly retrospective and starts to incorporate prospective elements, allowing a more dynamic reading of the client's financial situation. This evolution results, in general, in significant gains in predictive capacity, with relevant improvements in performance metrics and greater efficiency in credit allocation.

At the same time, AI has enabled a significant advance in credit personalization. Granular data analysis allows to individually adjust conditions such as limit, interest rate, and term, in addition to enabling contextualized offers throughout the customer journey. Credit is no longer a standardized product and starts to assume characteristics of an adaptive service, continuously adjusted based on the user's behavior and needs. This personalization, while increasing efficiency and customer experience, intensifies the use of profiling techniques, which reinforces the need to comply with principles such as purpose, transparency, and non-discrimination provided for in the Brazilian General Data Protection Law (LGPD).

Although the LGPD does not impose full explainability of algorithms, it requires the controller to provide clear and adequate information about the procedures adopted, which can be in tension with more sophisticated and less interpretable models. In this sense, the right to review works as a risk mitigation mechanism, seeking to balance the efficiency of automated decisions with the protection of the data subject's rights, especially in situations where credit denial can produce relevant economic impacts.

In this new scenario, the role of the human analyst does not disappear, but transforms. 

Human action is no longer focused on the individual decision to grant credit and is now focused on supervising models, defining policies, analyzing exceptional situations, and ensuring regulatory compliance. This shift reflects a broader shift in the relationship between humans and automated systems, where responsibility for decision-making ultimately remains under human control, even though execution is largely automated.

At the regulatory level, Bill No. 2,338/2023, which establishes the legal framework for artificial intelligence in Brazil, illustrates well the complexity of the framework of these technologies. In previous versions of the proposal, there was direct reference to the use of AI in financial services – including credit analysis – as a high-risk hypothesis. Throughout the process, however, the credit no longer appears expressly, but did not necessarily leave the scope of high risk. On the contrary, systems used in the granting of credit can continue to be classified as such when they fit the hypotheses provided for in article 14, especially because they involve the evaluation or classification of individuals and because they produce relevant effects on access to economic resources.

In summary, trends point to a scenario in which credit analysis will be increasingly continuous and integrated, with models capable of assessing risk in real time and adjusting decisions dynamically

The development of explainable AI techniques, the integration with new technological approaches, and the expansion of embedded finance models tend to deepen this transformation. At the same time, these innovations amplify the need for robust governance structures, capable of ensuring that the use of technology occurs in a transparent, ethical, and legally sustainable manner.

The incorporation of artificial intelligence in the granting of credit represents, therefore, more than a technological advance. It is a structural change in the way risk is understood, measured, and managed. If, on the one hand, this evolution increases efficiency and the potential for financial inclusion, on the other hand, it redefines the contours of responsibility and regulation. In this context, the central question is no longer whether AI should be used, but how to ensure that its use is aligned with appropriate standards of governance, transparency, and protection of rights.