Learn | Articles | Matilde Alves | 30 May 2024

Uncovering Hidden Vulnerabilities in Machine Learning

As AI and machine learning (ML) technologies continue to transform industries, it’s crucial to understand not just the technical aspects but also the broader sociotechnical context in which these models operate. A recent study by our colleague Anouk Wolters, in collaboration with Roel Dobbe, sheds light on this vital topic, focusing on the financial sector. Their research proposes practical guidelines to adopt in ML practice, which allows organizations to better navigate the complexities of ML applications, fostering trust and innovation in their use of AI.

The Bigger Picture: Sociotechnical Systems

ML models are not standalone entities; they function within complex systems involving people, processes, and institutions. This broader view helps us see the full picture, highlighting potential risks and ensuring these technologies are used safely and effectively.

Identifying Key Vulnerabilities

The research categorizes vulnerabilities into eight dimensions, each offering a unique lens to understand and address potential issues:


Misspecification: Mistakes or gaps made in the definition of the ML system as an integrative part of the larger sociotechnical system.

Bias and Error: Data biases and model errors can significantly affect people, processes and organizations.

Interpretation: Misunderstanding model outputs can lead to incorrect decisions or over-relying on model outputs.

Performative Behavior: ML models can inadvertently influence the behavior of people interacting with them.

Adaptation: Users may use the system in unintended ways, leading to new vulnerabilities.

Dynamic Change: Changes in the system’s environment can impact model performance.

Downstream Impact: Decisions based on ML models can affect other processes and systems.

Accountability: Clear responsibility and transparency are essential for trust and safety.

Practical Guidelines for Addressing Vulnerabilities

To proactively tackle these vulnerabilities, the study proposes several practical guidelines, among which:


Form Multidisciplinary Teams: Engage a diverse team from the start to cover all aspects of the sociotechnical ML system.

Define System Boundaries: Clearly outline the scope for design, development, and governance.

Monitor Continuously: Keep an eye on model performance and its interaction with the broader system.

Ensure Transparency: Be open about how models are used and how decisions made with models come about.

Facilitate Communication: Develop shared knowledge and communication channels among all stakeholders.

Real-World Insights from the Financial Sector

Focusing on the financial industry, the research paper provides empirical evidence through interviews and case studies, highlighting the challenges in integrating ML models into existing systems. Two case studies illustrate these challenges vividly: one in financial crime detection and another in email marketing. Stakeholders experienced several difficulties during the design, development, and implementation stages, underscoring the need for a holistic approach.

Moving Forward

Integrating sociotechnical considerations into ML design and governance is not just a best practice but a necessity. This approach helps ensure AI systems are effective, fair, transparent, and safe. By adopting these guidelines, organizations can better navigate the complexities of ML applications, fostering trust and innovation in their use of AI.

For an in-depth look at this important research, check out the full paper here.

Watch Our Interview with Anouk Wolters

Don’t miss our video interview with Anouk Wolters discussing her research and its implications for AI. Watch it here.

About The Author

Anouk Wolters

Research & Implementation Engineer

Anouk is a Research & Implementation Engineer, focusing on implementing Deeploy’s platform and responsible AI best practices for our customers. Her research on sociotechnical AI fuels our product and way of working while contributing to the scientific community as well.