🏦AI Is Turning Clouds Into Banks
A KYC-like approach could be a practical way to prevent bad actors or foreign adversaries from accessing AI computing power
Louise Matsakis of Semafor reported an important scoop this week: the White House’s upcoming executive order on AI may require cloud computing platforms to share customer information with regulators. If this scoop turns out to be true, this EO will basically apply a “know your customer” (or KYC) type scheme to the realm of AI, effectively turning clouds into banks.
Is this a good approach?
While I’m not generally in favor of (too much) regulation, if we, as a society, have agreed on an intention to regulate (which appears to be the case regarding generative AI), then it’s better to use analogous rules that are already working elsewhere and fit them within the existing industry landscape, rather than come up with something totally new.
So if the goal is to prevent bad actors or foreign adversaries from accessing AI computing power, as training and inference chips become strategically critical resources, then yes, I think this KYC-like scheme applied to the clouds is a reasonable and practical approach. Let's expand on why.
Regulating Within A Well-Baked Industry
The cloud computing industry is maturing and the landscape is becoming increasingly well-baked. This is not to suggest that competition isn’t still fierce and there won’t be more innovation and growth. But the key players – the hyperscalers like AWS, Azure, GCP, Oracle, and to some extent AliCloud, Huawei Cloud, and Tencent Cloud – are well-established. (See my previous post on the global data center footprint comparison between the American and the Chinese clouds.)
This industry maturity makes regulating certain aspects of generative AI more straightforward, because almost all users and builders of future AI applications will have to access the computing resources via one or two of these massive cloud platforms. Sure, there will be the occasional deep-pocketed or compliance-sensitive enterprises, who would spend the money and human power to buy and own the GPUs and build their own AI training infrastructure. But, by and large, companies who want to build or use AI will rent the resources from the cloud.
This is good news for pragmatic, well-intentioned regulators for two reasons.
First, there is only a small universe of hyperscalers that matters. As opposed to banks, where there are more than 4,000 banks in the US and 36 of them have assets of over $100 billion, there are literally only a handful of clouds that are relevant in the AI age. We can list them all here: AWS, Azure, GCP, Oracle, IBM, and a few upstarts in the Nvidia orbit, like CoreWeave and Lambda Labs. This is a great setup that makes enforcement practical. (I’m, of course, leaving out the Chinese clouds since they are out of the jurisdiction of US regulators.)
Second, most of these hyperscalers already serve large banks and other financial service institutions as their IT infrastructure, so they are familiar with the complex set of regulatory compliance requirements that the financial industry must adhere to. Banks are arguably the most demanding, but also the most lucrative customers for cloud platforms. On the technical side, banks require the highest level of data accuracy, consistency, and security, since they store people’s money. On the compliance side, they need a huge amount of granular capabilities to meet various audit requirements, like KYC. It is a monumental undertaking to get a bank to move to the cloud, but once they do, they stay for the long haul. That’s why AWS touts its work with HSBC and Standard Chartered, Azure does the same with BlackRock and RBC, and GCP highlights its collaboration with Goldman Sachs and Deutsche Bank. Banks are the customers that will bring in more customers from all industries.
Hyperscalers are already good at compliance. They have to be for business reasons. Routing AI-related regulatory concerns through the clouds by tapping into their existing compliance processes, perhaps with some small additions here and there, is the most effective and least cumbersome way to reach regulatory goals. This approach would have prevented embarrassing loopholes, like how Chinese tech companies that are on the US entity list simply rented Nvidia GPUs from different cloud service providers when they were barred from buying those chips.
I would even venture to say that requiring cloud platforms to share customer information with regulators would be good for new AI startups too. With AI being regarded as a strategic capability for national competitiveness, geopolitics is always in the air, and which customer from which country is using which AI service is always under scrutiny. Putting the compliance onus on the hyperscalers or specialized AI clouds would remove a huge burden that few startups have the resources to bear.
Possible Drawbacks
Just like any regulatory approach, there are drawbacks to regulating AI through the clouds. Here are a couple I can think of.
Compute Threshold Hard to Draw: if the amount of compute used by a customer is what triggers reporting from the cloud provider to the government, drawing the right line to trigger the reporting can be difficult, if not impossible. As Matsakis noted in her reporting, as the cost of compute to train AI models continues to come down, a compute threshold is too fast-moving a target. In my view, if the regulation’s goal is to preemptively prevent AI threats, especially from foreign actors, then a compute threshold is not the right trigger. In this case, the “who” is the most important factor. If a terrorist organization from the Middle East or a SenseTime (or any other blacklisted Chinese company) runs even a tiny workload using AI chips racked in an AWS data center in the UAE or South Africa, wouldn’t an American regulator want to know?
The cleanest way this regulation would work is a constant cross-checking process between the hyperscalers’ customer list and the Commerce Department’s entity list, Treasury Department’s OFAC list, State Department’s Foreign Terrorist Organizations list, and other similar lists the US government currently maintains. Blacklisted entities aren’t stupid, of course, and are already using subsidiaries and shell companies to obfuscate their identity when trying to access sanctioned computing resources in the cloud. A random, new customer that appears out of nowhere and starts using AI compute resources should trigger an automatic report. Enforcement will require extra vigilance and cooperation between the hyperscalers and the regulators.
The Big Gets Bigger: this may sound counterintuitive, but more AI regulatory requirements placed on the hyperscalers will only make them stronger in the marketplace. These already big players will get bigger. There will be less room for new entrants to disrupt this market, unless they have some special relationship and backing from an existing big player, like the relationship between CoreWeave and Nvidia, the AI kingmaker. It is not surprising that this “KYC the cloud” idea has been pushed by Microsoft and OpenAI; being the regulatory targets in this case benefits them, the incumbents.
This is a classic example of “regulatory capture”, where regulation empowers the incumbents, promotes more rent seeking, reduces competition, and produces net-negative effects for society. I don’t have a good solution for this drawback. It has happened time and time again in the US, given the prominent place that corporate lobbying occupies in the American lawmaking process. Benchmark’s Bill Gurley gave a compelling presentation a couple of weeks ago on this very subject, citing past regulatory capture examples in the telecom and pharmaceutical industries, and the impending AI regulations being pushed by Sam Altman and others.
My view sits somewhere in the middle. I don’t think zero regulation on AI is right. I don’t think lots of regulations that clearly only benefit the incumbents are right either. There are many bone-headed, counterproductive ways to regulate AI. However, requiring some customer reporting transparency from the hyperscalers and treating the clouds like banks is not one of them.