What’s next in AI-assisted governance, risk and compliance

By | 3 minute read | November 2, 2021

“You need a technology plan that’s aligned with your risk and compliance objectives,” says Heather Gentile, Head of RegTech Offerings, Data and AI at IBM. In an episode of the executive video series “Compliance Over Coffee,” Gentile and Brian Clark, co-founder of regulatory knowledge platform Ascent, discuss the partnership between Ascent and IBM OpenPages with Watson to handle governance, risk and compliance (GRC) for clients. The two discuss the responsibilities that come with digitalization, proactive measures for compliance, the importance of trust, and what’s next in compliance trends.

Gentile points out the two sides of the trend toward total digitalization. “With ‘going digital,’” she says, “we see organizations collecting more information about their clients than ever. On the good side, you have a lot of data available for AI analysis. The challenge is, you need a data governance framework that allows for the secure collection and organization of that data so that it can be securely leveraged.”

Using the predictive capabilities of AI, organizations can get more proactive with their compliance strategies. IBM OpenPages integrates with Ascent to bring obligation data into OpenPages and help organizations look ahead, rather than simply react. “You can’t always predict where the Administration is going to go with their new legislation,” Gentile says. But there’s an opportunity to start earlier, make plans and involve stakeholders in a more collaborative approach to compliance. “The lines between first line, second line, third line are really starting to blur now,” she says. “If you can anticipate the risks accurately, you’re less inclined to have an audit issue to clean up later.”

“By combining Ascent’s knowledge with IBM OpenPages, we’ve created an integration that helps make the process of compliance more seamless, repeatable, and scalable than ever before,” says Brian Clark, President and Founder at Ascent. “Ascent’s RegulationAI solves an actual business problem, and our partnership with IBM focuses on maximizing this impact.

“From ‘Compliance Over Coffee’ to the IBM RegTech Summit, we are working together to help the market distinguish between smoke and mirrors and true value-add technology. Ultimately, we’re on a mission to help firms ‘de-risk’ their business in a cost-effective and accurate way.”

Gentile emphasizes the advantage of the IBM approach to AI, which emphasizes trust and transparency, breaking open the “black box” of AI. Many organizations are eager to adopt AI models to support business strategies, she says. Those organizations need to have control of, and insight into, how the models operate. “You can set everything up with the best of intentions from a governance perspective,” she says, “but a big piece of people being able to accept AI is through effective controls.”

To scale GRC solutions, financial services firms are looking to the cloud and hybrid cloud. That, says Gentile, is where they can leverage containerization on the Cloud Pak for Data platform. Now that IBM OpenPages is part of Cloud Pak for Data, OpenPages has a direct integration with Watson Knowledge Catalog to address data governance.

Gentile points out GDPR regulation from the EU, and the intense work that organizations went through to comply. This work isn’t over, thanks to similar data privacy laws in states such as California, as well as potential federal regulation under the new administration. But Ascent and IBM OpenPages can make it easier. With anticipatory requirements and control suggestions from Watson Natural Language Classifier inside of the OpenPages UI, based on a repository of regulatory data, clients can save time on data mapping and administration, so they can focus better on analysis.

Gentile places regulatory compliance within IBM OpenPages paradigm of infusing AI throughout an entire organization. Clients can use OpenPages to optimize the compliance process end-to-end. “We’re seeing more and more that IT is not just a stakeholder in the risk and compliance buying decisions, but more of a decision maker and a collaborator.” That makes it important to align an organization’s GRC objectives with its technology plan. There’s a lot of work ahead, and organizations that automate, integrate and optimize end-to-end will come out ahead.