Artificial intelligence or AI and its new, generative, iteration has hit the headlines. Depending on where you look the likes of ChatGPT is either going to save the world or be the cause of armageddon. Somewhere in between financial services firms need to navigate the real-world use case(s) for AI in a competitive marketplace where the successful deployment of AI has the potential for substantial cost savings and efficiencies.
For regulators and financial services firms alike the sheer magnitude of the communications data currently being generated outstrips the capacity of individuals to review manually. This has particularly been seen with the now near ubiquitous use of dynamic unified collaboration (UC) tools such as RingCentral, Zoom, Cisco Webex, Slack, and Microsoft Teams. UC tools are an essential part of the modern business environment. That said, due to the scale and complexity of actively and comprehensively detecting unique and growing risks within communications, organizations are turning to technology including AI to help. AI powered detections enable vast volumes of communications data to be analyzed. Critically, it also enables organizations to detect risks and breaches at scale, providing them with alerts at significant speed and helping prioritize what to review.
Garbage in, garbage out
For AI to be truly useful for financial services firms there are some key ground rules with the old adage of ‘garbage in, garbage out’ to be borne in mind:
- What a firm discloses, communicates or otherwise makes public remains its responsibility and the firm is accountable for the compliance of the content. It does not matter if the information has been created using AI or quill pen and ink - the firm retains responsibility.
- Robust, comprehensive recordkeeping is a prerequisite for the use of AI in supervising communications. Firms are expected to be able to preserve an ever widening range of content including emojis, GIFs and chat and given the regulatory expectations around retrieval and supervision, records need to be captured and preserved in their native context to allow, if need be, the content to be retrieved in its original state and surveilled. Case in point–you need to capture the money bags emoji 💰to search for the money bags emoji.
- Given the ever evolving nature of risk management in financial services there will always be a need for not only a human-in-the-loop to ensure accountability and appropriate decisions, but also a human directing the AI as to where to look, on what basis and with what assumptions.
- The deployment of purpose-built, pre-trained AI-based risk detections which focus on specific conduct, compliance, or security risks has many potential benefits. For example, firms should consider models that are trained to detect specific confidential or personal information including account numbers, email addresses, and birthdates, sensitive documents like customer lists or applications that are shown such as trading screens, HR or finance systems. By definition, such targeted detections use high quality expert sources and domain expertise and that means the burden does not fall to individual organizations to train the AI models or verify the results.
- Specifically, it is a well-trained AI's ability to understand specific risks in context that reduces both the number of false positives or alerts, as well as risks that would otherwise be missed because audio or transcript are unclear. Context is all important. Well trained AI can use captured emojis and other elements of communications to take a full context view of a communication or other content.
- The selection of the high quality expert sources and domain expertise needed for a well-trained AI model requires the human touch and cannot be left to the multiplicity of mixed quality, potentially biased sources informing a generative approach. Put simply, organizations cannot, and indeed must not, rely on generative AI such as ChatGPT for the judgment call and experience needed to train a financial services or other specialist AI model.
AI has enormous potential to transform financial services enabling firms (and their regulators) to find risks and potential risks at speed as well as benefiting from significant efficiencies and cost savings. However that benefit can only begin to materialize if firms have the capability for complete, accurate and native context records retention, preservation and retrieval and for that robust recordkeeping to be used as the input into well-trained, domain specific AI.
How Theta Lake can help
Theta Lake’s multi-award winning product suite provides patented compliance and security for modern communications utilizing over 100 frictionless partner integrations that include RingCentral, Webex by Cisco, Microsoft Teams, Slack, Zoom, Movius and more.
- Theta Lake captures and compliantly archives communications including videos, voice, chat, screen share and file transfer from mobile messaging platforms to SMS and WhatsApp to enable compliance with relevant recordkeeping and other requirements. It also acts as an archive connector, enabling existing archives and data storage to be utilized without disruption.
- AI-enabled automated detection of potential or actual misconduct requiring reporting to the risk committee or regulator. Identified risks are surfaced in an AI-assisted review workflow providing an efficient and effective review process for compliance teams. Theta Lake has more than 85 risk detections which are pre-trained and ready for customer use with customers able to provide feedback and training on the classifiers.
- The ability to ensure that all aspects of messaging can be preserved, and a full audit trail provided to supervisors, regulators or prosecutors. For example, chat messages can be viewed in their native format over the entire history of the conversation with full context retained together with in-meeting communications and images, GIFs, emojis or reactions that change meaning and context.
- Theta Lake’s compliance suite is SOC2, Type II audited and maps controls to ISO 27001 so confidential, privileged or sensitive data can be automatically redacted to meet data privacy and other legal obligations.
Ways to learn more:
- You can find further regulatory perspectives from Theta Lake here.
- Get our guide: “Smart Compliance Capture Considerations for Unified Communications” which outlines a buyer's checklist to use when evaluating recordkeeping and capture solutions.
- Join a weekly 30-minute demo webinar showing Theta Lake’s Smart Capture solution by registering here.