There are time tested, familiar practices that are hallmarks of well-crafted compliance programs. These practices include embracing regulatory obligations, being committed to best practices, and creating a framework of policies and procedures that enable the firm both to do its business and to detect breakdowns.
For years, compliance professionals have had oversight processes where they would test and look out for possible issues. But the rise of real-time fintech use cases and artificial intelligence will increasingly challenge how the compliance function can carry out its oversight role.
In the past, compliance departments relied on a set of established practices to stay informed about changes in regulations and to identify potential issues that could lead to non-compliance. These practices were specifically designed to help their firms to detect and prevent compliance problems. Some examples include:
These are just a handful of examples of how firms, over time, have managed their regulatory and compliance obligations. While this did the job in times past, the rise of technology in financial services requires new thinking as to how compliance oversight happens. As useful as these tools have been, each share one potential weakness: Current compliance tools are limited because the feedback is episodic… real-time detection, under current protocols, is typically impossible. Absent doing things in new ways, no compliance program, even if staffed by armies of compliance officers, could realistically detect and prevent breakdowns in real time, and therefore mitigate its regulatory risk.
This is where artificial intelligence (AI) could be a game changer in how compliance is overseen and executed. Well-designed AI tools can conceivably act as a virtual compliance officer who, 24/7, can analyze data in real time to help administer real-time compliance with dedicated oversight by human experts.
Consider as an example a common ethics obligation involving assessing conflicts from outside business interests. The compliance officer’s goal is to identify situations where staff members in a securities firm might present a conflict of interest due to an outside interest. Since the only plausible tool is employee self-disclosure, the firm has had no choice but to rely on the bona fides of the employee. Absent some type of intervention, there is no way for the firm to detect hidden inappropriate outside interests or hidden unlicensed activity.
Ebook → AI insights survey: Adopters, skeptics, and why it matters.
Another example is the 2019 introduction of Reg BI. Compliance officers overseeing a registered rep’s securities recommendations now have enhanced standards as to whether the recommendation is in the best interest of the client. Particularly with the advent of digital investment advice, compliance oversight that is based on conducting episodic reviews may over time be deemed insufficient.
Similarly, in the case of detecting potential anti-money laundering weaknesses, an episodic adverse media screen may miss a potential violation involving potentially exposed persons and their close associates, not to mention indicia of criminal activity.
These are some examples where the general ability to detect outlier behavior in real time could be a tremendous help to already overworked compliance officers. The chance of a “miss” could be mitigated significantly, as would liability to the firm. The ability for AI to continuously screen for such risks can ease the burden of compliance professionals and significantly mitigate risk.
Real-time monitoring and analysis capabilities powered by AI could also mitigate the risks of a securities compliance officer facing potential SEC liabilities. Under current SEC interpretations, a compliance officer faces liability when that officer (i) affirmatively engages in misconduct unrelated to the compliance function, (ii) purposely obstructs or misleads regulators, or (iii) has exhibited a wholesale failure to carry out his or her responsibilities.
While the first two prongs are self-evident, the “wholesale failure” test has the risk of being in the eye of the regulatory beholder. A capability that catches compliance issues early through real-time monitoring could put compliance officers in a better position to demonstrate that they had taken swift action to address potential problems, thus enhancing their ability to defend themselves against an allegation of “wholesale failure.” AI could help compliance professionals meet their responsibilities.
As an added bonus, continuous AI support could free compliance and risk professionals from wasteful, often less impactful tasks, enabling them to focus on higher-order issues.
At the “SEC Speaks” event this past April, Richard Best, the Director of the SEC’s Division of Examinations, sent a clear message of expectation:
“Compliance officers and their staff must remain vigilant and scan the horizon for new and emerging risks to ensure their compliance programs continue to offer appropriate assistance and guidance to their firms, and strong protection to investors.”
A real-time AI compliance oversight program could go a long way toward satisfying the SEC’s expectation of “remaining vigilant” and “scanning the horizon” for new and emerging risks. The ability to use robust AI tools may increase the effectiveness of a firm’s compliance function. A firm that fails to responsibly keep up with new capabilities may risk unnecessary breakdowns and could be harshly judged by regulators and the marketplace.
Learn how financial services compliance and marketing professionals are thinking about and using AI in the ebook, AI insights survey: Adopters, skeptics, and why it matters.
The opinions provided are those of the author and not necessarily those of Fidelity Investments or its affiliates. Fidelity does not assume any duty to update any of the information. The information regarding AI tools provided herein is for informational purposes only and is not intended to constitute a recommendation, development, security assessment advice of any kind.
1146087.1.0