Firms face data governance challenges due to the changing regulations around information security. The introduction of artificial intelligence (AI) into the environment may be a solution as they navigate and adopt new technologies.
Due to time pressure, employees may deliberately avoid established company procedures and work outside of processes, using their own software and data storage solutions to meet deadlines. On the surface this may meet the end goal of the engagement, but it puts firms at risk of non-compliance.
It is easy to lose sight of what policies need to be applied due to complex security requirements
International networks of firms have the additional complexity of tailoring practices to each region in order to adhere to local data security laws, industry regulations and standards.
To mitigate these risks, IT departments can look to AI solutions that enforce policies and build compliance measures into their information management systems.
Help with protocols
The many thousands of documents that firms handle each busy season are subject to some level of compliance. It is easy to lose sight of what policies need to be applied due to document sprawl, complex information security requirements and the sheer volume.
AI can support compliance with data security protocols by applying pre-defined rules based on the type of document or information. This can include documents that require signature or review, those that include personally identifiable information data that is part of a specific or confidential client engagement, or those subject to a retention policy. The technology can identify the relevant category of information and apply predefined conditions, automatically eliminating manual error or workarounds.
Staff can focus on more complex work, and the IT department can ensure that policies are enforced
At the same time, AI can capture summaries of information using large language models and retrieve relevant information quickly via prompts. This saves staff time when reviewing historical information or performing research. With less time pressure and AI-driven security measures, staff can focus on more complex areas of their work and the IT department can ensure that policies are enforced.
Continuous learning
The process of enhancing the information security environment using AI begins by setting up automated information management systems, where the firm classifies small sample sets of data in the system. AI begins to identify patterns in the classifications, and learns how to analyse the data and re-perform the classification correctly.
The more widely the program is used, the faster it can apply logic based on patterns
Early on in the process, firms need to be hands-on to guide machine learning and correct errors in the event of any misclassifications. The more widely the program is used correctly, the faster it can learn and apply logic to data based on the patterns identified during its learnings.
Firms can pair the AI with their third-party information management software and other existing tools, applications and document repositories. This creates a unified system that automatically updates itself, so it is also simpler to maintain.
AI capabilities are just getting started. Going forward, they will improve the oversight and compliance environment for firms and IT departments.
More information
See the AB article ‘Tech takes on risk’
See also ACCA’s Quick guide to AI
