Bridging the Gap Between Artificial Intelligence and Compliance

Will Artificial Intelligence (AI) replace me? Will I have a job in the future? Will my knowledge and expertise become obsolete? These were the first thoughts that crossed my mind, about 10 years ago when I first heard about AI. Would I be able to keep my job, or would I have to “surrender” it to a mechanical being that could replace the need for a human?

Since then, much has changed and the perception of what AI is has evolved, though it still poses some ethical dilemmas and challenges certain laws, including employment law, copyright law and human rights law, as well as the GDPR, among others. However, the recent approval of the Artificial Intelligence Act (the AI Act) by the European Commission in May 2024, has confirmed that AI systems are an innovative technology which, when subject to regulatory requirements, should be adopted to increase efficiency, reduce costs, enhance security and improve an organisation’s product offerings.

The AI Act has been introduced to provide reassurance to the sceptical, aiming to protect fundamental rights, democracy, the rule of law and environmental sustainability from high-risk AI. It establishes consumers’ rights to file complaints and receive meaningful explanations. The regulation adopts a risk-based approach where AI system obligations are derived from their potential risks and level of impact, meaning the higher the risk of societal harm, the stricter the rules. The AI Act will be fully applicable 24 months after its entry into force and some parts will take effect sooner:

• The ban of AI systems posing unacceptable risks will apply six months after the Act’s entry into force
• Codes of practice will apply nine months after the Act’s entry into force
• Rules on general-purpose AI systems that need to comply with transparency requirements will apply 12 months after the Act’s entry into force

High-risk systems will have more time to comply, as the obligations concerning them will become applicable 36 months after the Act’s entry into force.

But what does AI have to do with compliance and how can it be used in the compliance field? Credit and financial institutions can modernise compliance by strategically blending AI technologies with their staff’s regulatory expertise. AI can assist the Compliance Function by automating the monitoring of transactions and customer activities, identifying complex patterns and anomalies that might indicate non-compliance or fraudulent activity. It can provide real-time alerts for potential compliance breaches, enabling faster response times, and can be used as a predictive analytics tool to alert Compliance Officers to potential breaches before they occur. AI can also be utilised for risk assessment and scenario analysis and through Natural Language Processing it can interpret and analyse new regulations, making it easier to understand and implement changes. Additionally, AI can automate reporting and generate accurate and comprehensive reports, reducing the time and effort required by Compliance Teams. Integrated automation also alleviates the burden of mundane tasks like data entry and document processing, leading to efficiencies and cost savings, while minimising human errors, thereby allowing more time for strategic thinking.

The AI Act requires organisations to establish an internal governance framework to ensure that integrated AI systems are ethical, transparent and accountable. This involves setting clear guidelines for AI development and use and establishing oversight mechanisms – a responsibility that will more likely be entrusted to the Compliance Function to implement and ultimately oversee.

Most importantly, AI can aid in decision-making, providing insights to Compliance Officers that might otherwise be unavailable, given the vastness of the legal framework and ever-increasing regulatory requirements. The use of AI systems under the Act mandates these systems to be overseen by humans. Therefore, the need for the Compliance Function to be staffed by experienced and knowledgeable personnel surpasses the capabilities of any AI, as critical thinking and the interpretation of emotions, unspoken signals and words are aspects that AI cannot replace. While AI can automate, analyse, identify and report, a Compliance Officer can interpret the information produced and provide insight to the organisation and Management, making Compliance more of a strategic ally than a nuisance.

So, will I be replaced by AI? Most likely not in the next 10 to 20 years but some tasks might be – and that is ok. The result? Enhanced operational efficiency, cost and time savings, reduced risks and a stronger regulatory position.

By Vicky Christofidou & Christiana Loizou, ECOMMBX

Contact Information:

Address: 27 Pindarou Street,1060 Nicosia, Cyprus | Tel: +357 22270349

e-mail: info@ecommbx.com | Website: www.ecommbanx.com