Firms need to embrace the opportunities that AI presents, whilst being mindful of the potential risks that they are exposed to. Whilst you develop your strategic plans to introduce AI into your operational estate, there are some tactical solutions and controls you can adopt now to help manage the risks and encourage responsible use of public generative AI (GenAI) across your organisation.
Organisational controls
| AI policy | Boundary controls | Enterprise license |
| --- | --- | --- |
| Document a corporate policy that defines and informs acceptable use by employees. | Configure existing technology (such as CASB, DLP, web filters, network hardware, firewalls) to control access or monitor use of web-based GenAI services. | Opt for licensed versions of web-based GenAI services that have additional features to manage usage, history, data privacy and security. |
Individual controls
| Data governance | User preferences | User credentials |
| --- | --- | --- |
| Refrain from uploading personal, corporate, or sensitive information that may be intercepted or accessed by malicious actors. | Update the user settings in your GenAI service to prevent storage of data or its use in training the model. | Use anonymous / pseudonymous accounts when subscribing and interacting with GenAI services. |
Guardrails, training and awareness
| Risk appetite | Employee communication | Employee education |
| --- | --- | --- |
| Define your risk appetite from the top down, and agree what risk you are prepared to accept in the short term through using GenAI. | Engage in ongoing communication with employees, informing them of the BAU activities that can/should be enriched through the use of GenAI and those that should be avoided. | Educate employees on the disinformation and discrimination risks when using GenAI, arising from data bias, knowledge gaps, fabrication or even infiltration. |
Given the pace of change, organisations must keep one eye on the external environment. New regulations, third-party considerations, and client and customer expectations are all changing. With their other eye, organisations should consider which functional teams may need to evolve their current ways of working to accommodate these emerging external requirements, and what changes may be required to their internal operating models.
To learn more about how to develop your strategic plans around AI, please contact us.