Free Authentic IAPP AIGP Actual Exam Questions - Question 12 Discussion

Question No. 12
An EU bank intends to launch a multi-modal AI platform for customer engagement and automated
decision-making to assist with the opening of bank accounts. The platform has been subject to
thorough risk assessments and testing, where it proves to be effective in not discriminating against
any individual on the basis of a protected class.
What additional obligations must the bank fulfill prior to deployment?
David V.
2026-02-11

D imo, since GDPR requires transparency and contest rights regardless of bias tests.

0
Brian V.
2026-02-10

Maybe D. Even though the AI passed fairness tests, GDPR still demands transparency about automated decision-making and lets people contest decisions, especially if they’re fully automated. The other options don’t fit as well—A talks about explicit consent, but that’s more for data processing not automated decisions. B and C seem unrelated to this scenario. So disclosing the use and giving users a way to challenge sounds like the necessary step here before deployment.

0
Rizwan D.
2026-02-03

D, users must be informed and able to contest automated decisions under GDPR.

0
Rizwan D.
2026-02-02

It’s D for sure. Even if the AI isn’t biased, GDPR requires that users know when automated decisions are made and have the chance to challenge them. The question mentions automated decision-making, so the bank can’t skip these transparency and contestation steps. A and C don’t really fit here—consent isn’t always needed if the bank has another legal basis, and adequacy decisions relate more to data transfers, not AI deployment. B’s about the Digital Services Act, which doesn’t mandate this kind of disclosure for financial AI tools. So disclosing AI use and enabling contestation is the key step.

0
Ravi X.
2026-01-21

It’s D because GDPR mandates transparency and contest rights, regardless of bias testing.

0
Sami P.
2026-01-20

Maybe D makes sense too, because GDPR requires transparency and rights to challenge automated decisions, especially in sensitive areas like banking. The testing doesn’t replace the need to inform users and allow appeals.

0
Usman O.
2026-01-14

I’m leaning towards D here. Since the system is used for automated decisions in account opening, the bank should inform users about it and let them contest decisions. That fits with GDPR rules on automated decision-making, right? Options A and C don’t seem directly relevant, and B is about the Digital Services Act, which is more about platforms, not AI transparency.

0