Lessons from the Frontlines of AI in Compliance

Insights and Best Practices for Responsible Gen AI Adoption in Financial Compliance

📅 January 6, 2025

Key Lessons from Gen AI Implementation

Generative AI (gen AI) is reshaping financial compliance, unlocking new capabilities for productivity, decision-making, and insight generation. However, implementing gen AI effectively requires navigating significant challenges and opportunities. At the Institute for Financial Integrity (IFI), we’ve drawn on real-world experience in developing AskFIN, our proprietary gen AI-powered financial crime assistant, to identify strategies for leveraging this technology responsibly.

By examining approaches for integrating gen AI while addressing critical considerations like data quality, user education, and governance, this article provides actionable steps for financial compliance leaders aiming to stay ahead in an evolving regulatory and technological landscape.

Data is Key and Data Quality Is Paramount

Organizations best positioned to succeed with gen AI are those with a robust and well-structured data asset or knowledge store. High-quality data is foundational for gen AI to function effectively, as poor data quality can undermine the entire process, leading to inaccurate results and eroded trust—highlighting the adage, “garbage in, garbage out.” However, data perfection is rarely achievable. Rather than waiting for flawless data, it’s often better to start with what you have, breaking ground and building while continually improving your data story along the way.

Model Selection and Adaptability

While model (LLM) selection is important—not all models are created equal and there are models that excel for specific purposes—it is becoming less important with the rate of improvement, the convergence of model performance on specific tasks, and the increasing ease of running concurrent model testing or even swapping out models on the fly. Whatever you start with, it will likely be overtaken quickly by something else. Don’t overthink where you start but instead set a baseline, establish your review practices, and find ways to continually compare what you are using with what is available as you evolve.

User Education Is Key

Users of gen AI solutions bring varying levels of familiarity with the technology. Providing education and tools that help users engage effectively with gen AI is essential. Features like prompt guidance and tailored training workshops empower users to make the most of gen AI capabilities. This approach bridges knowledge gaps and builds confidence across diverse user groups.

Educating employees and customers on fraud risks, particularly those posed by AI, is essential. Learn more about strategies for AI fraud prevention in our article, “Elevating Defenses: Strategies for AI Fraud Prevention”. It outlines key steps to empower teams and improve defenses against emerging threats like deepfakes and biometric spoofing.

For insights into the evolving role of compliance professionals in an AI-driven landscape and the importance of upskilling, see “AI vs. Human Judgment”. It discusses how professionals can adapt to the shift toward strategic and governance roles.

Privacy, Security, and Governance Are Non-Negotiable

In compliance, privacy and security are foundational. Implementing localized data processing environments, as was done with AskFIN, ensures sensitive information is safeguarded and does not feed external models. Permission-based access controls add another layer of security, aligning with the unique demands of the compliance space.

Transparency is Critical

Transparency around sourcing and function is not just appreciated—it’s required. A “black box” solution erodes trust, increases user confusion and questions, undermines adoption, and adds strain on client support teams. Providing context about how answers are derived and linking them to credible sources fosters accountability and confidence. Even after initial implementation, organizations must continuously iterate to maintain transparency, trust and confidence.

Establish Guardrails for Responsible Use

Robust guidelines and guardrails are essential to manage the dynamic capabilities of gen AI. These measures help ensure responsible AI application and mitigate potential harm. For example, AskFIN has implemented guardrails to prevent questions outside the financial integrity domain while maintaining flexibility for users to introduce new terms within the model’s learning scope.

Ongoing Testing and Quality Assurance

Continuous validation and iterative improvements are vital in the dynamic gen AI landscape. For example, with AskFIN, ongoing testing of its knowledge repository, architecture, and underlying models ensures its capabilities remain current and effective. This commitment to quality assurance builds resilience in rapidly changing environments.

Unique Implementation Strategies

To deliver trusted gen AI solutions like AskFIN, the following approaches were adopted:

Collaborative, Multi-Disciplinary Development

We embraced a collaborative, multidisciplinary approach to implementing gen AI, bringing together the expertise of in-house subject matter experts (SMEs), technical and product teams, and valuable insights from our clients. This approach ensured a well-rounded perspective that addressed every aspect of the implementation process. Actively seeking out diverse viewpoints allowed us to refine functionality, tackle emerging challenges, and drive innovation to create a solution that truly resonates with users.

Red Teaming for Innovation and Risk Mitigation

We engaged a second development team to “red team” our process, using a creative approach to identify opportunities for rapid improvement and uncover vulnerabilities to address. Much like a penetration test designed to challenge boundaries and think outside the box, this skilled external team applied their expertise to critically evaluate and expand our mental models, ensuring a more robust and innovative outcome.

Collaborating with external teams for testing and validation is a valuable strategy for identifying vulnerabilities and enhancing systems. To understand more about collaborative approaches in AI, see “Exploring the Balance of Innovation & Responsibility”, which discusses how organizations can engage regulators and industry peers for effective AI governance.

The journey to integrate gen AI into financial compliance is filled with both challenges and opportunities. From ensuring high-quality data to fostering user education and embracing iterative development, leaders can take actionable steps to harness AI’s potential responsibly. By learning from the experiences of others and remaining adaptive to this rapidly changing landscape, the financial compliance industry can lead the way in leveraging AI for transformative results.

Author

Shannon Barnes is the Chief Product Officer at IFI. AskFIN is available to users on the DOLFIN platform and the BETA continues for our industry test group. For more information on AskFIN or to be part of the industry BETA, please reach out to info@finintegrity.org.

Reach Your Financial Integrity Goals

AskFIN is a revolutionary, AI-powered tool seamlessly integrated with DOLFIN^® — the world’s largest and most trusted library of curated resources on financial integrity topics.

Built to support financial integrity professionals, AskFIN offers just-in-time knowledge and boosts productivity by providing fast, accurate responses on the latest regulatory developments and compliance requirements. Combined with the advanced technology from DOLFIN^®, the largest and most trusted library of financial integrity resources, AskFIN delivers a unified solution to ensure professionals are informed and equipped to help protect the global financial system from use by illicit actors.

Explore AskFIN

Recommended Blogs

Toward a Financial Integrity Risk Management Program

December 19, 2024

This article explores the commonalities between AML, sanctions compliance, ABC, fraud risk management, and export control compliance programs and recommends that organizations consider using a holistic financial integrity risk management and compliance framework.

Safeguarding Trust – How to Balance Innovation and Security in Gen AI-Powered Compliance

December 12, 2024

This article explores how privacy-first architecture, robust guardrails, and source transparency can build trust while ensuring responsible AI deployment in compliance solutions.

Webinar Recap – The Dos, Don’ts & Expert Insights on Beneficial Ownership

December 10, 2024

In our recent webinar, regulatory, investigative, and anticorruption policy experts discussed some of the nuances relating to the U.S. Corporate Transparency Act (CTA) and its Beneficial Ownership reporting requirement. Explore the highlights in this article.

A Tipping Point

December 5, 2024

Learn how gen-AI is reshaping the industry and how tools like AskFIN, IFI’s gen-AI-powered financial crime assistant, are leveraging authoritative resources and privacy-first architecture to drive meaningful innovation.

Side Quest

November 19, 2024

“Side quests” are initiatives that align staff motivations, interests, and experience with discretionary projects. They provide solutions to enhance staff engagement, performance, and retention, and are particularly valuable where resource constraints may slow promotions or pay increases, or where compliance tasks involve repetitive work.

Calibrating the Crosshairs

November 13, 2024

This article outlines a practical six-step process financial institutions can follow to implement export control red flags within their compliance program. They are referenced as a key requirement in regulatory expectations of financial institutions, which continue to increase in response to recent geopolitical events.

Unverified and Unsure

November 7, 2024

The Commerce Department’s Bureau of Industry and Security maintains and administers several lists that involve goods, software, and technology, governed by the Export Administration Regulations. The Unverified List is just one of these. What is the Unverified List and what due diligence obligations do entities that transact with parties on the Unverified List have?

Big Fines, Bigger Lessons

October 30, 2024

TD Bank’s $3 billion fine highlights a growing trend: regulators are cracking down hard on weak AML programs. Discover why fines are skyrocketing and how strong AML training can help safeguard your institution.

Risky Convergences

October 28, 2024

New digital solutions in money laundering and underground banking have facilitated the expansion of the criminal business environment in Southeast Asia, integrate billions of criminal proceeds into the formal financial system and enabling the growth of new criminal organizations.