AI Governance

In December 2024, Corporate Compliance Insights highlighted a significant trend: while artificial intelligence (AI) adoption is accelerating across industries, the implementation of governance controls is not keeping pace. This disparity raises concerns about potential risks associated with unchecked AI deployment.

Widespread AI Adoption Amidst Governance Gaps

A Deloitte survey revealed that nearly two-thirds of organizations have integrated generative AI into their operations. However, a substantial number lack proper governance frameworks: 21% of extensive AI users and 41% of limited users have no controls in place. This oversight is alarming, especially as AI systems increasingly influence critical decision-making processes.

Casey Kacirek, Internal Audit Managing Director at Deloitte & Touche LLP, emphasized the urgency of establishing AI governance: “Organizations adopting GenAI tools must also implement corresponding guardrails—ideally before deployment.” Without these measures, companies risk unintended consequences and compromised output integrity.

Financial Services Sector: High Stakes and Lagging Controls

The financial services industry exemplifies this trend. Research from Smarsh indicates that while 81% of large firms feel compelled to adopt AI to stay competitive, only 32% have formal governance programs in place. This gap is concerning, given the sector’s reliance on data accuracy and regulatory compliance.

Neva DePalma, Chief Marketing Officer at Smarsh, highlighted the risks: “The absence of established AI governance poses significant threats.” Firms are particularly wary of “shadow AI”—unauthorized AI tools used by employees—which can lead to data breaches and compliance violations.

AI-Enhanced Cyber Threats on the Rise

The integration of AI into business operations has also led to an increase in AI-driven cyberattacks. A report by Sophos found that one in four organizations experienced AI-enhanced security breaches in 2024. These sophisticated attacks can bypass traditional security measures, making robust AI governance and cybersecurity protocols more critical than ever.

The Path Forward: Implementing Robust AI Governance

To mitigate these risks, organizations should prioritize the development and implementation of comprehensive AI governance frameworks. Key steps include:

• Establishing Clear Policies: Define acceptable AI use cases and ensure all deployments align with organizational values and regulatory requirements.

• Employee Training: Educate staff about the potential risks of unauthorized AI applications and promote adherence to established guidelines.

• Continuous Monitoring: Regularly assess AI systems for performance, bias, and security vulnerabilities to maintain trust and efficacy.

By proactively addressing these areas, companies can harness AI’s benefits while safeguarding against its inherent risks.
-CP