Artificial intelligence technology is now broadly impacting business strategy, daily life, commerce, data governance, and corporate compliance—all areas that may benefit significantly from big data insights.
AI’s evolving capabilities also pose numerous compliance and operational challenges. These include ethical use of analytic models when applied to sensitive or personal information, and security and privacy controls for ever-growing pools of data.
Employee use of personal devices, collaboration applications, and ephemeral messaging tools for business communications influence the growth of data volumes, information governance, and the compliance team’s access to information or activity that may put the organization at risk.
As organizations leverage big data and analytics to accelerate business objectives, regulatory authorities are also tapping these resources to support enforcement. The Department of Justice, Federal Trade Commission, and Securities and Exchange Commission recently enhanced recruitment of private sector talent with experience applying technology to compliance and leveraging data to understand patterns and behaviors.
With more agents who understand this space, regulators are empowered to monitor and enforce guidance around the effectiveness, accuracy, and sophistication of corporate compliance programs.
Key Issues
Legal and compliance teams must first understand how big data is used in their organization—inside and outside its control. Data hygiene is essential to determine and catalog communication tools, what governance controls apply to them, relevant data privacy guardrails, and how communications can be accessed, preserved, and interrogated.
With this clarity, it’s then imperative to establish strong data and information governance, as well as policy and procedures. Technical functions should retain and dispose of data according to that policy, and be able to authenticate, protect, preserve, or take that data into custody. A strong governance framework also ensures that data management—and any subsequent application of analytics over the data—aligns with the organization’s compliance risk profile.
Upon implementation, AI enters the equation in powerful ways. Analytics and AI use in specific areas can accelerate and strengthen compliance by locating key details through the noise of massive stores of data and surfacing any anomalies. Such programs ultimately provide return on investment through risk reduction and insights that improve compliance effectiveness and scope.
Investing in Prevention
Legal and compliance teams often compete with other business areas for resources and budget for new technology, and should clearly prioritize which programs and tools most effectively meet compliance needs.
Most organizations have already established policies, training, whistleblowing procedures, and data hygiene controls. Today, however, data is more complex and brings more regulatory risk than before.
New laws, standards, and regulations require timely reporting and response when issues arise, and will reward or penalize companies accordingly. In this environment, organizations should prioritize more sophisticated efforts that support prevention and response.
AI Can Navigate Patchwork Regulations
Businesses are often forced to adopt the strictest form of compliance to simplify working in a global market. But they might also become overly risk-averse in jurisdictions with lower regulatory requirements.
AI presents an array of promising solutions, that if used thoughtfully, allow the compliance function to proactively leverage data to avoid risk and spot problems. Similarly, analytic models can be designed to monitor communications for red flags that may suggest fraud or other behavior that increases risk.
These are major areas where businesses can be fined globally, and responsible individuals may face personal criminal penalties. AI can effectively spot these issues quickly and cost-effectively before they escalate, so that compliance teams can respond, investigate, and mitigate.
Additionally, AI as a tool for monitoring compliance can allow an organization to adopt different strategies in different regulatory environments without fear of breach. A varied compliance regime can maximize potential where appropriate.
Organizations that are new to leveraging big data and AI can start by implementing a pilot program in an investigation or e-discovery context. This is a way to begin testing how the tools work and their outputs. Findings in those use cases can reveal the markers that indicate wrongdoing or risky behaviors, and strengthen the compliance program.
Technological Obligation
Legal and compliance teams have a tough job monitoring big data and investing in AI to support proactive compliance and communications monitoring. This is done while navigating the internal culture and change management among the workforce.
Employee attitudes about compliance controls will either fortify or erode the program. Leadership support will strongly influence the success and optimization of any AI investments that will enhance compliance.
Leaders must add another task on their plate to stay ahead of the risk curve: advocating for alignment between compliance needs, business objectives, and company culture while embracing the role of AI.
Compliance teams don’t need to be technical specialists, but must be able to identify tools that can assess employee behaviors and enforce compliance goals. When needed, compliance leaders should engage expert consultants.
As with all high-impact technologies and applicable laws, corporate compliance functions should take a holistic view of AI. The compliance team will need to build a broad community of AI learners and adapters, invest in technologies that that align with corporate and compliance objectives, and seek to use AI in a manner that promotes trust and transparency.
This article does not necessarily reflect the opinion of Bloomberg Industry Group, Inc., the publisher of Bloomberg Law and Bloomberg Tax, or its owners.
Author Information
Angeline Chen, of counsel at DLA Piper, is a cyber and national security attorney with previous experience as a general counsel and chief compliance officer.
Al Park is senior managing director at FTI Consulting’s technology segment, specializing in oversight of technology solutions to address risk and compliance for global corporations and firms.
Ilan Scherr is an antitrust lawyer with over 20 years of experience, and is executive director and founder of Aiscension, which uses artificial intelligence to spot and manage risks.
Write for Us: Author Guidelines
Learn more about Bloomberg Law or Log In to keep reading:
See Breaking News in Context
Bloomberg Law provides trusted coverage of current events enhanced with legal analysis.
Already a subscriber?
Log in to keep reading or access research tools and resources.