This site uses cookies to provide you with a more responsive and personalized service. By using this site you agree to our use of cookies. You can learn more about our use of cookies and similar technologies and your choices by reviewing our Privacy Policy. By clicking “I agree” you agree to our use of cookies and similar technologies.
Why You Should Care About AI Governance
Imagine this scenario: A financial institution adopted AI to automate credit decisions, but due to an inadequate governance framework, the system denied loans based on incomplete or biased data. When regulators and customers raised concerns, the company faced both legal penalties and public criticism, while more prepared competitors capitalized on the situation. This illustrates the critical importance of anticipating regulatory developments and managing AI with a framework that ensures legal compliance, transparency, and fairness—protecting not only your business but also your competitive position.
Even though AI compliance is a moving target, we have helped clients assess their risk and establish a framework that will adapt and manage risk over time. We break it down into the following three areas: legal, ethical, and competitive.
Legal: The regulatory landscape of AI is rapidly evolving but is still being outpaced by AI innovation. Therefore, it is not only important to care about current applicable legislation but to anticipate legal developments in order to ensure an efficient compliance environment at your organization. Current legislation differs by jurisdiction as legislative bodies have struggled to keep up with the technology. Companies must navigate these regulations to ensure their AI systems are compliant with laws such as the General Data Protection Regulation (GDPR) in Europe, the EU Artificial Intelligence Act in the EU, Executive Order 14110 in the United States and other local laws. All organizations should care about and prioritize avoiding enforcements and penalties associated with noncompliance. The lack of standardized regulations across different regions puts multinational companies specially at higher risk of noncompliance. Despite the challenges posed by differing compliance standards, all AI regulations target the same general concerns that existed before the widespread use of AI, such as data privacy and bias, and emphasize taking a risk-based approach with adequate controls to mitigate company-specific risk.
Ethical: The anticipation of legal developments in AI regulation is difficult, but this difficulty can be tempered by following ethical best practices and aligning AI use with your organization’s existing ethical standards. Beyond caring about the legal risks associated with AI, you should care about customer and stakeholder trust in your organization, and that entails caring about the societal and moral implications of AI use. In order for an AI governance framework to properly account ethical concerns it must at minimum address bias detection/mitigation, transparency/communication related to decision-making processes where AI is involved, and fairness/equity in application and availability of use. As organizations have implemented AI tools in their business practices there have been too many instances where AI has unjustly or erroneously made major decisions, such as employment decisions, violating privacy laws/policies, or promoting disinformation. AI auditing is the research and practice of assessing, mitigating and assuring an algorithm’s safety, legality and ethics. AI auditing can help prevent unethical AI practices and outcomes.
Competitive: Artificial intelligence (AI) is one of the world’s most discussed technology trends and is forecast to increase global GDP by $15.7 trillion by 2030. AI is a unique tool that, like previous technological developments, can advance your organization’s business goals only if implemented with clear objectives and a strong framework. Organizations with a strong AI governance framework that cover developing, implementing, and evaluating new AI tools and applications, can achieve competitive advantages. It is critical to find a balance between policing the application of AI in your organization and fostering an environment that rewards innovation, which is necessary to stay competitive across industries.
The key to utilizing AI for good is to establish a solid AI framework as a foundation. Engaging a third-party consultant, like Guidepost, to help you assess, design, and implement a complete and balanced AI framework enables your organization to more rapidly respond to AI use opportunities. You will enhance your organization’s efficiency, save costs, improve the customer experience, and develop more solutions unique to your organization.
Allison Spagnolo CIPP
Chief Privacy Officer, Senior Managing Director
As Chief Privacy Officer and Senior Managing Director, Allison Spagnolo leads the Artificial Intelligence (AI) practice, ensuring governance and compliance for clients’ AI usage, and compliance engagements across sectors including financial institutions, healthcare, and government contractors. This includes reviewing anti-money laundering (AML) and sanctions (OFAC) issues for global banks and multi-national companies, as well as advising on financial crime compliance issues specific to cryptocurrency exchanges and Fintech companies. She has traveled extensively in Europe and Asia for the purpose of leading and conducting on-site inspections and reviews related to NYDFS and Federal Reserve monitorships, BSA/AML audits and other compliance matters.
Morgan Maiorino
Senior Analyst
Morgan Maiorino is a compliance and investigations analyst at Guidepost Solutions. She supports the Investigations + Business Intelligence, Corporate Risk + Compliance, Institutional Integrity, and Immigration + Border Services practice groups.
Jacqueline Pluta ACAMS
Analyst
Jacqueline Pluta is an analyst with Guidepost Solutions working on a variety of issues across multiple industries. Most recently, Ms. Pluta completed a compliance review for a community bank with 13 locations, where she developed several review procedures to test the bank’s compliance with regulatory requirements including the Equal Credit Opportunity Act and Truth in Savings Act.
InvestigationHotlines