Executive Summary
Respondents broadly agree that AI can encode and amplify historical patterns of discrimination and proxy protected classes, creating real risks on prohibited bases. They also identify practical mitigation strategies across development, validation, revision, and use—ranging from data representativeness and feature controls to fairness testing and lifecycle governance. Yet barriers persist: limited access to bias-testing data, ambiguity about what fairness requires, opacity of complex models, and uneven guidance. The aggregated results show mixed coverage of the question across submissions, underscoring both urgency and unresolved implementation challenges.
Key takeaways:
- Across 76 responses for Question 12, outcomes were 46.05% Yes and 53.95% No.
- AI can learn or proxy protected characteristics even when sensitive variables are excluded.
- Pre-, in-, and post-processing techniques, fairness testing, and robust monitoring are cited as effective mitigations.
- Model performance depends on representative, validated data and careful feature selection or restriction.
- Human-in-the-loop oversight and lifecycle risk management are emphasized to curb discriminatory outcomes.
- Barriers include limited access to bias-testing data, difficulty defining fairness, and black-box opacity.
- Alternative data and third-party tools present heightened risks of disparate impacts if not governed.
- Respondents call for transparency-oriented practices to isolate and address sources of disparate impact.
Bottom line:
Yes—AI systems pose material risks of bias and discrimination, but respondents point to concrete mitigations across the lifecycle. Effectiveness hinges on data quality, feature controls, fairness testing, human oversight, and continuous monitoring, constrained by data access, definitional ambiguity, and opacity.
The Question (Ref #12)
What are the risks that AI can be biased and/or result in discrimination on prohibited bases? Are there effective ways to reduce risk of discrimination, whether during development, validation, revision, and/ or use? What are some of the barriers to or limitations of those methods?
Direct Response to the Catalog Question
Risks: Learning algorithms can pick up patterns correlated with protected characteristics and replicate historical discrimination or engage in proxy discrimination, including when protected variables are omitted.
Methods during development/validation: Use pre-, in-, and post-processing debiasing approaches; strengthen data validation and sampling for representative training sets; restrict or filter inputs and exclude prohibited bases; and run fairness testing and disparate impact analyses.
Methods during use/monitoring: Implement robust monitoring and controls for drift and disparate impacts, maintain human-in-the-loop review for consequential decisions, and apply transparency-oriented practices to isolate drivers of disparities.
Governance and design choices: Apply lifecycle risk management that emphasizes fairness risks; select algorithms and feature sets deliberately; diversify development teams; and document decisions to support explainability and accountability.
Barriers/limitations: Access to data to test for bias may be constrained; defining fairness is contested; black-box models complicate detection and redress; guidance is uneven across use cases; and alternative data and third-party tools introduce additional uncertainty.
By-the-numbers — Question 12
| Metric | Value |
|---|---|
| Total Yes | 35.0 |
| Total No | 41.0 |
| Total (Yes+No) | 76.0 |
| % Yes | 46.05% |
| % No | 53.95% |
| % of answers (coverage) | 100.0% |
Introduction
Question 12 asks about the risks that AI can be biased and/or result in discrimination on prohibited bases, the effectiveness of mitigation methods across development, validation, revision, and use, and the barriers to those methods. The provided materials collectively describe how AI can replicate historical inequities and identify both technical and governance practices to reduce those risks, while acknowledging persistent limitations.
Historic Lessons in the Evidence
Respondents’ reasoning converges on a core lesson: biased or unrepresentative data and opaque modeling choices readily propagate historical inequities, and proxies can recreate protected-class effects even without explicit sensitive attributes. They argue that fairness cannot be retrofitted at the end; instead, it must be embedded across the lifecycle with disciplined data, feature, and algorithm choices, coupled with ongoing monitoring and human oversight. Where definitions of fairness are unsettled and data access is limited, even well-intended controls can fall short.
Recent Developments
Not observed in the provided materials.
The Challenge
Practically, institutions must secure representative data and the ability to test for bias, design features that avoid proxies, and maintain explainability while using complex models. Respondents highlight gaps: limited access to bias-testing data, ambiguous fairness standards, opaque models that hinder root-cause analysis, uneven guidance for non-credit applications, and heightened risks from alternative data and third-party tools.
Evolving Metrics
Respondents described applying disparate impact frameworks, targeted fairness testing, and continuous monitoring to assess discrimination risk. They referenced bringing excluded features back in validation to compute fairness metrics, transparency-oriented analyses to locate sources of disparity, and routine validity and fairness testing for production models. These practices reflect a shift from one-time audits to lifecycle measurement that includes data representativeness checks, bias detection/correction, and outcome monitoring.
A Framework Inspired by the Inputs
An implicit lifecycle framework emerges: plan for fairness risks; curate and validate representative data; select algorithms and features to minimize proxies; apply pre-/in-/post-processing bias mitigations; conduct fairness testing and disparate impact analysis in validation; keep humans in the loop for consequential decisions; and deploy with robust monitoring, documentation, and transparency to isolate and correct disparities over time.
Case Study
A representative pattern in credit underwriting begins by filtering data to avoid prohibited bases and restricting features likely to act as proxies. During validation, teams reintroduce excluded variables offline to compute fairness metrics and check disparate impacts. They maintain human-in-the-loop review for borderline cases, deploy monitoring and controls to detect drift or emerging disparities, and document decisions for transparency. Respondents report that, with such practices, AI need not pose greater discrimination risk than traditional models.
Recommendations
- Validate data representativeness and strengthen sampling and data quality checks before training.
- Apply pre-, in-, and post-processing debiasing techniques and document model design choices.
- Restrict inputs and filter out prohibited bases; test for proxy effects in validation using fairness metrics.
- Conduct formal disparate impact and fairness testing prior to deployment and on an ongoing basis.
- Keep humans in the loop for consequential decisions and establish clear escalation and override paths.
- Implement lifecycle governance: risk assessments, monitoring for drift/disparities, and periodic model reviews.
- Increase transparency to isolate drivers of disparities and support explanations for affected consumers.
- Address barriers directly: secure access to necessary bias-testing data, define fairness criteria for the use case, and set expectations for third-party tools and alternative data.
Conclusion
The materials affirm that AI can be biased and result in discrimination on prohibited bases, particularly through historical patterns and proxy variables. They also outline practical mitigations—data representativeness, feature controls, debiasing techniques, fairness testing, human oversight, and lifecycle governance—with clear caveats. Barriers such as data access, fairness ambiguity, opacity, and uneven guidance remain material. Answering Question 12, respondents show that effective risk reduction is achievable, but only with disciplined, transparent, and continuously monitored practices across the AI lifecycle.
This analysis will continue in our next publication. Don’t miss the next installment.
Follow us, stay informed, stay secure, and let’s navigate the risk landscape together.
