AI isn’t magic. But it can help Compliance Professionals. A lot.

Since the release of OpenAI’s ChatGPT in November 2022, the AI hype has taken over the world. Even law firms (the most tech-conservative bunch I can think of) moved to adopt GenAI in their day-to-day work to enhance productivity and efficiency.

The truth is that AI, or more precisely, machine learning (ML), has been quietly helping to solve complex problems for years. Think AML, transaction monitoring, eDiscovery, or any other area where you need to process significant amounts of data.

It’s time for Corporate Compliance to leverage the benefits of AI, too.

What can AI do for us?

There is a lot of hype around AI. But let’s be realistic here—some features are nice to have but might not necessarily enhance your program. Nor are the LLMs smart enough to replace compliance expertise or solve ethical dilemmas employees face.

But it can definitely help.  Here is how:

Increase productivity and enhance the efficiency of compliance operations.

There is a lot we can borrow from early adopters in the legal sphere:   

• Document review, compliance analysis and research. We can focus on more strategic matters by freeing up time from these mundane tasks.
• eDiscovery. Almost all leading tools on the market now incorporate AI/ML in their eDiscovery tools. Enormous savings on time and resources when you do your compliance investigations.
• Drafting and document creation. Okay, I would not trust AI to create a ready-to-go Quarterly Board Update presentation, but it can still help to generate early drafts.
• Automating routine and repetitive tasks. We all need that!

A word of caution here: think of confidentiality, IT security, and the quality of the AI model (including the data it was trained upon). So, if you are thinking about uploading your confidential data into ChatGPT, think again. Instead, there are many options where (a smaller) LLM model can be put on your server or machine, and you can train it on your company’s reliable data.  

Red flags and suspicious activity identification.

This has been used in RegTeg for quite some time (AML, transaction monitoring, etc.). More and more third-party screening resources are now using it to weed out false positives. It might not be a perfect tool yet, but it certainly helps when you have significant volumes of transactional data.

With the continuing focus on sanctions and export controls compliance nowadays (hello, the 14^th EU Sanctions package), it can be an essential tool to identify non-compliance in the vast amounts of shipment, supply chain or sales transactions data.

Ethics & Compliance LLM “Co-Pilot”.

Upgrade dummy chatbot with GenAI. While AI cannot solve ethical dilemmas or complex compliance issues for us, it can bring the right information in a simple, user-friendly and human-like style to help employees do the right thing. It can be especially helpful when you don’t have on-the-ground compliance resources in all your locations. This way, you can ensure the right information is delivered when and where needed. Of course, that’s on the assumption the model is trained on the right data (my point above is valid here, too)

Predictive analytics, working out the conduct patterns and root cause analysis.

This is where AI can help like no other. By analysing vast amounts of historical data, your AI solution can help you work out the conduct or transactional patterns. Once you see the emerging patterns, you can look at them through the prism of root-cause analysis, cause-to-effect links, and lessons learned from past compliance incidents and misconduct. Does it all make sense? Are there any anomalies in the data? Something unusual? What do trends show? Dive in. And you don’t need to be a data scientist to do this.

There is much more you can do in the predictive analytics field. These are the types of solutions we at Comhla are working on. Reach out, and we will be happy to discuss them with you in more detail.

Still not magic

At the end of the day, AI is just a tool. It can not and would not replace compliance expertise, solve ethical dilemmas or fix fundamental flaws.

If the organisation lacks well-designed and operating business processes capable of producing quality and usable data, there will be nothing to feed into the model, no matter how well it is built. The quality of design and effectiveness of the compliance program operation are also essential elements.

In other words, if your program is at the stage of “adequate procedures,” meaning that you have great policies covering all legal requirements, but those policies are not embedded in business processes, operate, or produce reliable performance data, your focus should not be on AI but on building, embedding, and operationalising compliance processes.

AI cannot solve corporate culture failures either. Leaders must lead by example, set the right tone, walk the walk, engage, and build trust and psychological safety in the organisation. No tech can replace this.

Embarking on a Project

By now, the benefits of adopting AI in Corporate Compliance are clear. But without addressing the fundamentals, it is a lost investment. This is what Compliance leaders need to consider before embarking on an AI project:

• Ask yourself: What problem are you trying to solve with an AI tool? Is it the right solution? Define your objectives and intended outcomes. Set realistic expectations and understand the limitations.
• Planning and Strategy: I have reviewed dozens of compliance and GRC systems and platforms. Despite what sales folks say, there is no such thing as a “plug-and-play” GRC platform. The same is true for AI tools. Acquisition, implementation, customisation and integration, testing, and rollout require meticulous planning.  
• How good are your compliance processes and the data they produce? AI is only as good as the data it processes. Remember Process, Organisation and Systems. For this, organisations must have effective processes capable of producing accurate, well-organised, and accessible data. If that’s not the case, your first priority should be to build a robust and working Compliance Program.
• Change Management and upskilling your workforce: AI isn’t just about plugins into your IT infrastructure. It’s about people who use it, how they work, and the processes they operate. Managing change is essential.
• Establish Governance and human intervention points. The review shall be conducted by someone with the authority and empowered to change the automated decision-making. Security and data privacy are other essential considerations.
• Monitor and Adjust: Allow room for flexibility. Your AI tool will require tweaking and recalibration as it matures and your compliance processes evolve.

AI can improve your prevention and detection processes and generate insights needed to improve your Compliance Program. It can point to trends and help to predict the likelihood of achieving intended outcomes. AI is not a panacea, but with the proper preparation and deployment, it can be a game-changer in your compliance toolkit.  

Thank you for reading, and enjoy the rest of your weekend. See you next Saturday!

---

If you are embarking on your own compliance transformational journey and need help designing and enhancing your compliance program, get in touch with us. We are here to help!

Comhla Intelligent Compliance

At Comhla, we are driven by a mission to revolutionise the way organisations approach compliance and misconduct prevention. By leveraging our in-depth governance, compliance and internal control expertise, actionable data insights and cutting-edge applied research in organisational science, we help our customers build effective regulatory and compliance management to safeguard their license to operate, protect the bottom line and enhance reputation as responsible businesses.

Follow us on LinkedIn: https://www.linkedin.com/company/comhlaic 

Learn More https://comhla.co

We aim to publish weekly.  The information provided in this newsletter is not intended to and does not render legal, accounting, tax, or other professional advice or services.