Emily Foges, CEO, Luminance, and Emma Walton, Knowledge and Innovation Manager, Slaughter and May, suggest ways that artificial intelligence can be harnessed by corporate governance professionals in the area of regulatory compliance.
Artificial intelligence (AI) has become entwined in business processes across a range of industries. Increasingly we see corporate leaders and innovation teams proactively exploring how they can harness AI in their workflows to increase efficiencies, attain time savings and better manage risk. When people speak of AI, they are typically referring to a set of technologies that include machine learning – the ability of a platform to automatically learn and improve from experience without being explicitly programmed. With AI already routinely deployed in certain repetitive tasks, it is apt to explore how AI can be harnessed by corporate governance professionals in the area of regulatory compliance.
The pain points of regulatory compliance
Corporate governance professionals face the formidable task of ensuring that their organisations are managed according to proper governance standards and processes. Internally, this means instituting mechanisms and policies to govern decision-making processes. Externally, corporate governance professionals need to stay on top of changing regulatory requirements in order to ensure that their organisation remains compliant with the rules and standards of the business and political environment in which it operates.
With the explosion of enterprise data, this is a growing challenge for corporate governance professionals. The sheer volume of data and documentation within an organisation can make it a challenge to locate potential risk and ensure that the organisation’s processes and documentation keep pace with regulatory changes. Organisations with lean teams and limited resources run the risk of missing crucial details amongst the masses of documentation.
Enter artificial intelligence
It is against such a backdrop that corporate governance professionals are increasingly turning to AI to meet the demands of regulatory compliance. While document review and data extraction software have been around for a while now, such legacy software often requires extensive set-up and training. The user first needs to introduce rules and predefined parameters in order for the platform to be able to perform certain tasks, such as recognise named entities (for example a company name) or extract figures from text within a document into an Excel sheet. The process of configuring such software can be time-consuming and detracts from the time savings the software is meant to bring about in the first place.
However, the increasing sophistication of machine learning algorithms has meant that we now have access to solutions that are far more flexible and adaptable to a range of use cases without the need for extensive configuration. Sophisticated machine learning systems are able to digest data and draw out significant patterns and correlations at near-instant speeds, rendering them perfect for tasks that involve repetitive processing of large volumes of information where attention to detail is paramount.
At their core, advanced AI platforms rely on pattern recognition technology to comb through vast volumes of documentation and identify repeated patterns, thereby reducing hundreds of variations into manageable clusters based on their similarities and differences. Such AI platforms are able to locate key information within a body of data, identify standards and deviations, and therefore flag anomalies which are potential risks for the organisation.
Some areas where AI has been deployed for corporate governance include fraud detection, where AI assists forensic teams in searching unstructured documents for target information, and trade surveillance, where AI combines trade data with electronic and voice communication records to track emerging patterns of behaviour among traders and predict latent risks. AI has also been used extensively in the area of document review.
Responding to changes in legislation and meeting deadlines
AI platforms have also been helping corporates respond to changes in legislation. For instance, when the EU General Data Protection Regulation (GDPR) was first introduced in May 2018, many organisations struggled to determine how their processes for collecting and managing personal data had to change in order to comply with the regulations. Furthermore, legal teams also had to review existing contractual relationships with suppliers and other key stakeholders to ensure that data privacy provisions were compliant. Even when time is spent trawling through thousands of contracts in the hope of identifying every relevant data privacy clause, this process cannot provide absolute certainty that all exposure has been identified.
Prior to the introduction of the GDPR, a law firm and an AI solution provider worked together with one of the law firm’s financial services clients to harness the power of AI to review thousands of contracts which might need to be amended before the new regulations came into force. The AI platform’s pattern recognition algorithms quickly grouped documents based on their conceptual similarities. As a result, those conducting the review could easily identify groups of contracts that had similar drafting and therefore review just a handful of documents within that cluster, applying the analysis to the documents that shared the same characteristics. This allowed the team to quickly identify the documents which required amendment and those which did not. Once those documents which required amendment had been identified, a more detailed review of the relevant clauses could be carried out. Without AI this would have been a daunting, time-consuming process. With the help of the AI platform, the review time per document was reduced from 40 minutes to 6 minutes on average.
AI platforms can assist clients who find themselves in the midst of a data breach. A law firm’s data protection team taught an AI platform to read commercial contracts and to identify any jurisdictions in which a data breach notification must be made, as well as the timeframe for making that notification. This information can be quickly extracted into a report so that within minutes the company is equipped to formulate an action plan for making data breach notifications.
The workflows described above in the GDPR context can be applied to other areas of compliance or any change in legislation which would potentially result in a re-papering exercise.
The benefits of deploying AI in regulatory compliance
As seen from the examples above, deploying AI in regulatory compliance would enable corporate governance professionals to overcome some of the difficulties of managing an organisation’s documentation and processes. Instead of reviewing a hundred different contracts that look somewhat similar, with the help of an AI platform you can instantly determine that there are, for example, only five main clusters of documents and focus on the meat of the review. Beyond the time savings brought about by the removal of repetitive work, effectively harnessing AI removes the need for risky sampling methods and gives corporate governance professionals renewed confidence that they have conducted a rigorous review and attained a more holistic understanding of the business.
As businesses increasingly incorporate AI into their processes, it is important to recognise the capabilities and limits of AI in order to achieve the right balance between the roles of humans and AI in any workflow. AI can be deployed for some of the low-level repetitive work, but the analytical layer of document review remains the responsibility of humans. While document review software can instantly pinpoint the one contract out of a thousand similar contracts that has a differently worded data privacy clause, it is still up to the professional to determine the implication of this anomalous wording based on their understanding of the organisation’s risk profile, interests and priorities at a given point in time.
Shameek Kundu, Chief Data Officer at Standard Chartered Bank, has been quoted in the Financial Times stating that using AI is ‘about improving our risk appetite, reducing the risk but also increasing our ability to take risk’. With risk management being a central aspect of corporate governance, effectively harnessing AI allows corporate governance professionals not just to identify risks more astutely but to strengthen the organisation’s overall capacity for risk management.
With AI taking the burden of low-level cognitive tasks, corporate governance professionals can focus on providing recommendations for the business and better position themselves as advisers of business strategy.
Knowledge and Innovation Manager, Slaughter and May