In the recent decade, the value of Artificial Intelligence (AI) has been demonstrated in many industries. These trends have increased the interest of many organizations in AI technologies, not just to streamline business operations, but also to gain a competitive advantage.
However, the deployment and use of AI to support business operations may present significant risks to individuals, groups, and even society, if not managed according to clear principles and practices, such as those represented in particular sets of authoritative rules. That management would mitigate the possibility that AI could infringe upon fundamental rights of the individuals and groups subjected to it. For example, screening resumes for prospective employment candidates using AI that is biased towards specific genders or ethnicities would clearly be unacceptable.
Authoritative rules come in different forms and have diverse application domains. They can be:
Therefore, to scale the deployment and use of AI, organizations should establish a compliance management program – one that addresses relevant requirements from applicable AI authoritative rules. Such a program constructs guardrails around the use of AI so it is consistent with the organization’s principles and values, as well as with its stakeholders’ expectations and demands.
The complexity and ever-changing nature of the authoritative rules an organization must follow can be overwhelming. In addition, introducing new AI rules may negatively impact the state of compliance to some pre-existing rules. It is, therefore, more effective for the organization to handle AI compliance in a systemic way to allow for a consistent compliance approach across the organization and leverage appropriate controls to meet applicable requirements.
Updates to existing AI authoritative rules and the emergence of new ones may require significant changes in the way an organization has set up its compliance program and controls. In addition, adapting to new AI requirements may introduce a level of complexity that is beyond what the organization has been prepared to take on.
To efficiently adapt to these changes, organizations should proactively monitor the development and modification of the relevant AI authoritative rules.
When an organization is subject to several AI authoritative rules, it is often difficult to narrow down the full set of AI requirements that should be addressed in a specific context. This is because mapping requirements from AI authoritative rules that are issued by different sources for different jurisdictions is a complex task that crosses several expertise areas (e.g., AI, privacy, security).
Using in-house or third-party outsourced resources, such as IBM Promontory Services, organizations can map out common AI requirements that need to be fulfilled consistently and supplemental ones that can be addressed as needed.
An effective AI compliance management approach includes a clear communication of the right practical steps to realize AI compliance objectives.
Organizations should develop appropriate process enablement and education activities to help employees understand their organization’s AI compliance objectives, their role in meeting those goals, as well as how to proceed in practice.
Enforcing AI compliance, using relevant technical and organizational measures, is critical.
A positive compliance enforcement approach, based on promoting trust and transparency rather than overemphasizing verification, is often more effective because it allows the organization to get the full support of its employees to meet AI compliance objectives.
Technology plays an important role in supporting an effective AI compliance program. For example, it can help:
With an effective AI compliance program, sponsored by leadership and endorsed by employees, companies can achieve the compliance needed to infuse trustworthy AI throughout the enterprise.
For more information:
Learn how the EU AI Act will impact business, how to prepare, how you can mitigate risk and how to balance regulation and innovation.
Learn about the new challenges of generative AI, the need for governing AI and ML models and steps to build a trusted, transparent and explainable AI framework.
Read about driving ethical and compliant practices with a platform for generative AI models.
Gain a deeper understanding of how to ensure fairness, manage drift, maintain quality and enhance explainability with watsonx.governance™.
We surveyed 2,000 organizations about their AI initiatives to discover what's working, what's not and how you can get ahead.
Learn how to select the most suitable AI foundation model for your use case.
Govern generative AI models from anywhere and deploy on cloud or on premises with IBM watsonx.governance.
Prepare for the EU AI Act and establish a responsible AI governance approach with the help of IBM Consulting®.
Simplify how you manage risk and regulatory compliance with a unified GRC platform.