**Article 9**

### Establishment and Maintenance of the Risk Management System

Veritas Risk Solutions has implemented a comprehensive risk management system for the Consumer Credit Transformer, addressing the AI system’s designation as high-risk under the EU AI Act. This system is formally documented, maintained, and updated continuously to cover the entire lifecycle of the AI system—from design and development through deployment and post-market operations. The framework integrates automated and manual checkpoints for periodic review, ensuring systematic identification and handling of risks as new data and user contexts emerge. The lifecycle approach incorporates cross-disciplinary inputs including data science, financial regulation experts, and compliance officers to maintain alignment with evolving risk landscapes and regulatory expectations.

### Identification and Analysis of Known and Foreseeable Risks

Risk identification began with detailed domain-specific hazard analysis focusing on health, safety, and fundamental rights impacts for natural persons applying for credit products. Key identified risks include erroneous creditworthiness evaluation leading to discriminatory denial of credit, impacts on data privacy through integration of financial metadata, and risks of unintended bias against vulnerable groups such as minors or economically disadvantaged demographics. This initial analysis leveraged a review of 12 million anonymized credit applications spanning five years, combined with external audit reports on systemic bias in credit scoring. Reasonably foreseeable risks were extrapolated using scenario modeling, including misuse cases such as adversarial data manipulation and incomplete input features. The analysis also accounted for misuse via re-identification attempts in aggregated data and unintended behavioral steering through decision feedback loops.

### Estimation and Evaluation of Risks Including Reasonably Foreseeable Misuse

Quantitative risk estimation used probabilistic risk assessment models calibrated on both historical credit decision outcomes and synthetic adversarial examples generated via perturbation of input features. The model’s baseline false positive rate—where creditworthiness is underestimated—was experimentally determined at 4.3%, with a false negative rate of 3.1% under standard operating conditions. Evaluations under simulated misuse conditions showed potential risk increases, which informed risk thresholds for system deployment. The likelihood and severity of outcomes were weighted to assess overall risk magnitude, incorporating internal model explainability scores to measure confidence and areas prone to uncertainty. Complementary adversarial robustness tests simulated realistic scenarios such as incomplete transaction data and feature tampering, revealing residual exposure that informed mitigation strategies.

### Post-Market Data Analysis and Emergent Risk Evaluation

Post-market monitoring data feeds into the ongoing risk analysis cycle through the integrated telemetry system capturing anonymized user interactions and decision outcomes at an aggregate level. Data subject to GDPR-compliant anonymization is reviewed monthly to detect drift in prediction accuracy, emerging bias towards new population segments, and novel failure modes. A dashboard compiling key performance indicators and alert thresholds supports the risk management team’s proactive assessment of emergent risks. For example, initial post-market reviews revealed a slight decrease in model accuracy (1.2%) among applicants under 18, triggering a targeted investigation and recalibration of preprocessing filters. Such data-driven iterative evaluation ensures dynamic updating of the risk profile over time.

### Design and Development Measures to Mitigate Identified Risks

Mitigation measures were incorporated across multiple facets of the system design to minimize risks identified in earlier phases. At the architectural level, the encoder-only transformer model uses multi-head self-attention mechanisms to detect and weigh critical features accurately, reducing model bias by learning richer feature interactions rather than relying on single-attribute thresholds. Data preprocessing pipelines enforce strict validation rules, including outlier detection and feature normalization, to prevent corrupted or anomalous records from influencing decisions unfairly. Additionally, a bespoke fairness-aware regularization component was integrated during model training to minimize demographic disparities measured by equality of opportunity metrics, achieving a disparity reduction of 22% compared to baseline models. Comprehensive explainability modules provide deployers with feature attributions for each decision, supporting transparency and user challenge mechanisms.

### Consideration of Combined Effects of Risk Management Measures

The risk management measures were developed considering their combined effects to optimize residual risk reduction while maintaining system utility. For instance, fairness regularization interacts synergistically with robust feature engineering to curb biases without undue compromise on predictive performance, which remained stable at an AUC of 0.87 on validation datasets exceeding 3 million records. Explainability tools complement model robustness by facilitating deployer and end-user understanding, thus indirectly reducing misuse risks. Documentation of these interdependencies is part of the quality management system, ensuring coordinated updates across components during model retraining or pipeline modifications. Trade-offs between risk and functional performance were carefully balanced to align with the dynamic deployment contexts identified.

### Residual Risk Acceptance and Control Measures

Residual risks arising after design interventions reflect a technically informed balancing act. Where absolute elimination was unfeasible—for example, minor predictive errors affecting vulnerable subpopulations—additional controls were implemented. These include automated flagging for manual credit officer review in cases near classification thresholds, combined with mandatory user notices regarding model limitations consistent with Article 13 obligations. Training materials and technical documentation specifically target deployers with limited AI expertise, ensuring they understand system constraints, interpret model outputs appropriately, and apply operational measures to mitigate residual effects. The overall residual risk profile is monitored continuously, with escalation procedures for any risks exceeding predefined thresholds.

### Testing Regimes and Performance Verification

The Consumer Credit Transformer underwent extensive testing regimes at multiple development stages, including unit testing of data ingestion modules, integration testing of model pipelines, and end-to-end validation on representative real-world datasets. Testing scenarios covered both intended use and edge cases encompassing reasonably foreseeable misuse, with probabilistic performance metrics aligned to regulatory expectations. Tests included simulation of real-world credit application flows where missing data and noise were systematically introduced to assess robustness. Benchmarked metrics incorporated accuracy, fairness, robustness, and explainability measures. Prior to market release, the system passed a final round of testing against established thresholds: minimum AUC 0.85, maximum false positive rate 5%, and explainability coverage exceeding 95% of decisions.
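The release thresholds named above can be enforced as an automated gate. The following is an added example, not Veritas Risk Solutions' own code: the label encoding (1 = defaulted, 0 = creditworthy), the 0.5 score cutoff, the function names and the sample data are all assumptions constructed for illustration.

```python
# Added example (not Veritas code). Thresholds come from the text above;
# label encoding, cutoff and sample data are assumptions constructed here.
MIN_AUC = 0.85           # "minimum AUC 0.85"
MAX_FPR = 0.05           # "maximum false positive rate 5%"
MIN_EXPLAINED = 0.95     # explainability coverage must exceed 95%

def auc(labels, scores):
    """Rank-based AUC (Mann-Whitney U); tied scores share their average rank."""
    order = sorted(range(len(scores)), key=lambda i: scores[i])
    ranks, i = [0.0] * len(scores), 0
    while i < len(order):
        j = i
        while j + 1 < len(order) and scores[order[j + 1]] == scores[order[i]]:
            j += 1
        for k in range(i, j + 1):
            ranks[order[k]] = (i + j) / 2 + 1   # 1-based average rank of the tie group
        i = j + 1
    pos = sum(labels)
    neg = len(labels) - pos
    if pos == 0 or neg == 0:
        raise ValueError("AUC is undefined without both classes")
    pos_rank_sum = sum(r for r, y in zip(ranks, labels) if y == 1)
    return (pos_rank_sum - pos * (pos + 1) / 2) / (pos * neg)

def false_positive_rate(labels, scores, cutoff):
    """Share of creditworthy applicants (label 0) scored at or above the cutoff."""
    neg_scores = [s for y, s in zip(labels, scores) if y == 0]
    if not neg_scores:
        raise ValueError("FPR is undefined without creditworthy applicants")
    return sum(s >= cutoff for s in neg_scores) / len(neg_scores)

def release_gate(labels, scores, explained, cutoff=0.5):
    """Return (metrics, failed check names); an empty list means all checks pass."""
    metrics = {"auc": auc(labels, scores),
               "fpr": false_positive_rate(labels, scores, cutoff),
               "explained": sum(explained) / len(explained)}
    failed = [name for name, ok in (
        ("auc", metrics["auc"] >= MIN_AUC),
        ("fpr", metrics["fpr"] <= MAX_FPR),
        ("explained", metrics["explained"] > MIN_EXPLAINED)) if not ok]
    return metrics, failed

def constructed_sample(false_alarms, unexplained):
    """Constructed data: 40 creditworthy (0) and 10 defaulting (1) applicants."""
    labels = [0] * 40 + [1] * 10
    scores = [0.70] * false_alarms + [0.10] * (40 - false_alarms) + [0.30] + [0.90] * 9
    explained = [False] * unexplained + [True] * (50 - unexplained)
    return labels, scores, explained

if __name__ == "__main__":
    print(release_gate(*constructed_sample(1, 1)), release_gate(*constructed_sample(3, 3)))
```

The second constructed sample keeps a high AUC yet fails the gate on false positive rate and explainability coverage, which is why each threshold is checked independently rather than folded into one score.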

### Real-World Condition Testing and Ongoing Verification

In line with Article 60 requirements, controlled pilots in operational lending environments were conducted under supervision to validate system behavior in live settings. These pilots monitored real-time decision latency, error rates, and user feedback to verify compliance with risk parameters and technical performance. Post-pilot adjustments addressed minor configuration issues affecting feature encoding consistency. Following deployment, periodic re-testing is performed, triggered by model updates, significant dataset shifts, or emerging regulatory guidance. This ongoing verification ensures sustained alignment with intended purposes and risk acceptance criteria throughout the system’s operational lifetime.

### Special Considerations for Vulnerable Groups

Specific provisions were made to identify and mitigate adverse impacts on persons under 18 and other vulnerable groups. Data inclusion criteria exclude personal data of minors except where explicitly authorized, minimizing the risk of unintended profiling. Model fairness audits focus on socioeconomically disadvantaged segments, monitoring for disparate impact and updating mitigation algorithms accordingly. The technical information package includes detailed warnings and instructions on the system’s limitations concerning these groups. Furthermore, deployer training emphasizes sensitivity regarding vulnerable applicants, reinforcing ethical decision-making frameworks to complement technical safeguards.

### Integration with External Requirements

Where applicable, the risk management procedures incorporate overlapping internal risk control mandates from the financial regulatory environment, such as those stipulated by the European Banking Authority (EBA) guidelines on credit risk models. Veritas Risk Solutions’ compliance framework aligns the Article 9 risk management system with these external mandates, creating a harmonized governance structure that facilitates regulatory audits and supports deployers’ obligations without redundancy. This integration enhances consistency and efficiency while preserving the specificity of AI system risk management activities.