Risk & Strategy
Phil Lim Image
Phil Lim
Director, Product Management

AI is here. AI regulations are on the way. Is your board ready?

February 29, 2024
0 min read
man working with artificial intelligence on computer

Does your board still call artificial intelligence (AI) “the technology of the future?” If so, you’ll need to adjust your thinking — fast.

AI is already here. It’s part of business as usual, and regulators in the EU and United States are paying serious attention to its possibilities and ramifications.

The EU’s Artificial Intelligence Act, an AI Bill of Rights and Executive Order by the White House, and a call for guardrails by U.S. Securities and Exchange Commission (SEC) Chair Gary Gensler are just the beginning. Bloomberg Law noted that U.S. state and local governments pursuing AI regulation, along with the AI regulation under consideration in Europe, are “opening companies up to reputational damage by potentially requiring them to describe how their technology could pose a risk to democracy and the environment.”

This means your board needs to get familiar with the subject ASAP and make it a regular agenda item for ongoing risk management and oversight.

Your organization’s legal team is in the perfect position to drive change. Here’s how — and how technology can help:

Bring leadership (and yourself) up to speed: Steering your organization toward sustainable, trustworthy practices requires shoring up your own knowledge base first. The AI Ethics and Board Oversight Certification course by the Diligent Institute dives deep into navigating AI’s ethical and technological issues, with the option of an annual subscription to updated content and monthly virtual roundtables.

Find a centralized, secure way to collaborate: International law firm White and Case cited a roster of risks related to AI: the potential for factual errors or inaccuracies, distribution of confidential information, bias, privacy concerns, intellectual property rights, ownership rights, workforce issues and more.

It’s sensitive stuff — and you don’t want your board discussing it over email chains or saving documents on personal devices for reading on the go. Fortunately, specialized governance software offers an alternative, enabling boards to collaborate on documents in real time, communicate across teams and store files in a secure cloud-based environment.

Get serious about policy management: In addition to hosting discussions and making decisions about AI, your board is also responsible for crafting internal rules that govern AI use across your organization. Again, not a task you want to leave to disparate email chains and insecure file transfers. If a regulator or auditor asks to see a specific document, you’ll want to be able to quickly produce the most recent version.

Tools like Diligent’s Policy Manager keep policy development and maintenance on track. Customizable workflows and access management make sure the right people have access to the right information at the right time, while a revision and approval workflow engine ensures transparency and trackability. Automated updates, analytics, interactive visualizations and policy attestation features strengthen collaboration even more.

Bring AI into the bigger risk management picture: AI risk inherently intersects with cybersecurity, IT security and more. It also has a broader impact on strategy, productivity, market competition and demand for the company’s products, as well as investments and the company’s reputation, writes international law firm Gibson, Dunn & Crutcher.

This means you’ll want to factor AI into IT risk management, as well as your broader risk monitoring and strategy across the enterprise.The right technology will be invaluable for helping your board stay on top of the details for timely insight and oversight.

As hackers and criminals weaponize AI for their own ends, IT risk management software can help your board maintain visibility, stay ahead of threats and focus resources in the right direction. Intuitive dashboards can guide predictive, preventive and responsive strategies, while prebuilt IT risk workflows incorporate best practices and make it easy to get up and running.

Internal controls management software streamlines tracking of risk management benchmarks and policies. Automated control assessments minimize manual labor, while assurance report cards andcustomizable reports convey emerging issues to your board in a way they can easily understand.

Finally, enterprise risk management (ERM) software brings it all together, with detection, evaluation, and monitoring tools and analytics that deliver a comprehensive view across the organization. Some solutions can be configured for industry best practices, regulatory standards and individual risk appetite.

Keep up with your competition: Companies are starting to include AI risks on their 10K disclosures. Should yours follow suit? What specifically should you disclose and how? Market intelligence tools, especially ones that offer peer comparisons and industry benchmarks, can equip you with the data and insights you need for more confident decision-making.

All the tools you need to manage AI risk, united under one roof

With so much at stake, now is the time to get ahead of AI regulations and risk. 

The Diligent One Platform streamlines your risk management by delivering best-in-class solutions and centralizing all of your GRC activities in one place, so you can swiftly spot emerging risks associated with AI, ensure compliance with evolving regulations and act quickly on new opportunities.

Request a demo today to see how the Diligent One Platform can help your organization get AI-ready. 


Your Data Matters

At our core, transparency is key. We prioritize your privacy by providing clear information about your rights and facilitating their exercise. You're in control, with the option to manage your preferences and the extent of information shared with us and our partners.

© 2024 Diligent Corporation. All rights reserved.