US bolsters AI regulation and compliance standards

The initiatives are set to intensify scrutiny on policy issues related to effective use of AI in the justice system. The DOJ has already used such software to boost areas such as the fight against drugs trafficking, the assessment of public tip-offs given to government agencies, and the analysis of data evidence in an array of legal cases. 

The Deputy Attorney General also unveiled updates on corporate compliance guidelines for firms developing, selling or implementing AI tools. The new guidance is now set to be integrated into the DOJ’s Evaluation of Corporate Compliance Programs, and will impinge upon such programs to analyse and offset risk stemming from business use and/or sale of AI and other pioneering wizardry.

US firms falling short of compliance standards may find themselves facing far more challenging pathways to corporate criminal resolutions, which may lead to more complex compliance measures, the allocation of an independent compliance supervisor, and stiffer penalties.

Monaco’s speech also underlined increasing governmental fears over the dangers of AI in criminal hands. Where technology “is deliberately misused to make a white-collar crime significantly more serious, our prosecutors will be seeking stiffer sentences — for individuals and corporate defendants alike”, Monaco said.

Statements were also made regarding a new DOJ whistleblower scheme to incentivise the reporting of corporate malpractice, with pilots of the program pencilled in for later 2024.

Resonating with the US government’s strengthening posture in this area, the US Attorney’s Office for the Southern District of New York recently charged two individuals with hacking online entertainment accounts and gambling platforms and then selling associated PII data on the dark web. The accused men advertised their fraudulent services with the help of images created by generative AI tools.

Know the risks

Monaco’s statements underscore the growing emphasis that world governments are putting on the development of safeguards around the use of AI in business. 

These issues and many more related to corporate governance, risk and compliance (GRC) will be explored this month at PrivSec & GRC Connect Chicago, in sessions dedicated to exploration of good practice on the rapidly evolving AI landscape.

Speaking recently to GRC World Forums, RegTech Adviser and Law Professor at Fordham Law School, Stan Yakoff described some of the key challenges that businesses face as they integrate AI with compliance functions.

“Trying to rush a ‘solution’ without clearly understanding and articulating the problem statement being solved,” was one issue Yakoff underlined.

“Counter to the hype seen today, there are plenty of problem statements where ‘AI’ is not the most effective answer and there is a simpler, more cost-efficient, and timely approach,” Yakoff added.

“For example, the solution instead may be: (1) process automation or (2) the incorporation of additional contextual data available internally or externally to aid with decision-making,” he continued.