Securing Data Privacy Compliance When Applying AI in Finance

May 4, 2023

Operational efficiency is a priority for corporate leaders, with AI gaining accelerated traction across industries. While AI has shown multiple benefits and shown significant results, those in regulated industries like finance, are raising specific questions concerning security, data validity and general ethics surrounding AI, especially regarding data privacy. Whether a finance-focused business is applying AI to improve contract management, provide a better customer experience or improve fraud detection, the measures controlling how data is used and retained remain critical.

Colby Mangonon, Associate General Counsel at Evisort believes that financial, legal, IT and operations teams should assess the appropriate data privacy regulations when planning to integrate AI to ensure they are compliant and avoid any potential issues with customers, stakeholders or regulatory groups. Mangonon believes that finance businesses should ensure integrating AI is protected by a structured information security framework and data processing policies to safeguard customer data.

Applying AI to finance

As finance businesses develop their technology stacks to improve efficiencies, many have reinforced their technology with AI-focused solutions to enhance the results of their operations. Some finance companies have started applying OpenAI’s GPT products to enable advisors to deliver vital research and data. For example, a payment processing leader is leveraging AI to differentiate between authentic and mistaken fraud detection and avoid card declines. Another financial business is applying AI to deliver customised contracts and digitally work with internal stakeholders to meet all requirements. AI also delivers multiple opportunities to enhance revenue-focused operations, like accelerating customer services like loan processing or onboarding.

Aside from the benefits, the legal aspect within finance businesses is very aware of the challenges AI presents with privacy and security for customers, stakeholders and business data.

Concerns over Artificial Intelligence (AI)

While AI-driven technology can be very useful for daily operations, there are some concerns about the specifics of data at the business level. Some questions are more specific when exploring generative AI models. For example, ChatGPT has already received added scrutinisation while governing bodies explore the potential legal implications of applying this technology. For example, Italy recently banned the platform, with other EU nations raising concerns about how AI-related data tools meet the standards of GDPR.

Aside from the regulatory concerns, several financial businesses are cautious of using public third-party AI tools for fear that data could be exposed. Leading organisations like Goldman Sachs Group and JP Morgan have temporarily banned using ChatGPT for business communications while they determine a safe and effective way to apply these technologies.

These concerns don’t mean we should avoid AI to protect data in finance, but it means in legal teams must carefully consider each solution to ensure they meet regulatory standards for data privacy and security. Protecting your business when applying AI requires a deep understanding of the specifics and the parameters used to build their technology. Finance leaders should determine the specific data planning to implement into an AI model, as this plays a critical role in selecting the best platform for your organisation.

When exploring business solutions, businesses should consider the following: what are the AI data training practices used, what are the security frameworks and measures, and is the provider using a custom AI model or a third party?

Being careful in examining AI solutions, finance leaders can leverage all the benefits of AI and continue to remain compliant with regulatory standards while eliminating the risk of compromising data.

As AI continues to gain traction in the enterprise tech landscape, legal teams within finance companies will be responsible for meeting data privacy standards and allowing businesses to enhance their operations. With this mindset and a structured approach, businesses can deliver better outcomes and create a competitive edge.

Written by:

Connect with :

Recent News & Insights