Artificial Intelligence

Stay Updated on the Latest Generative AI Regulations

October 09, 2024by Robert Cruz
SUBSCRIBE TO BLOG

Subscribe to the Smarsh Blog Digest

Subscribe to receive a monthly digest of articles exploring regulatory updates, news, trends and best practices in electronic communications capture and archiving.

Smarsh handles information you submit to Smarsh in accordance with its Privacy Policy. By clicking "submit", you consent to Smarsh processing your information and storing it in accordance with the Privacy Policy and agree to receive communications from Smarsh and its third-party partners regarding products and services that may be of interest to you. You may withdraw your consent at any time by emailing privacy@smarsh.com.

Does it seem like every time you hear about generative AI it’s about how the technology has taken another leap forward in usability and innovation? That’s probably because that’s exactly what’s happening.

Quick take

We're making it easier for you to stay in the know by compiling the most impactful updates on generative AI regulations and how they will affect your firm. Check back often, as we'll keep this list current.

And legislators and financial services regulators are being dragged along for the ride. While regulators around the world are doing their best to keep their guidelines current and explicit, the burden is on financial services firms to stay updated on generative AI regulations and to ensure that their risk controls meet new obligations as they arise.

It’s a heavy — and costly — burden for global firms operating in multiple regional jurisdictions, but we’ll try to make it a lighter lift. Below, we’ve summarized the most recent statements and updates on impactful regulatory positions regarding generative AI in the financial services industry.

Financial services regulatory perspectives on generative AI

SEC on generative AI

The SEC has continued to focus on cases of “AI washing,” looking for false and misleading claims of how AI is used by financial services firms.

While this current focus is on firms themselves, there is clearly greater due diligence required to ensure that third-party AI technologies employed by firms are making accurate claims about their solutions. Foundational models and surrounding infrastructure must clearly be suited for purpose by highly regulated firms and not be just a part of the sales strategy of a generative AI startup to penetrate an attractive vertical market.

However, the SEC has also experienced a couple of hurdles in its aggressive enforcement posture.

First, its proposed Predictive Analytics rule focused on potential “conflicts of interest” was pulled back as firms struggled to understand how they could implement controls that would balance investor interests against the interests of the firms.

Second, the U.S. Supreme Court’s decision to strike down the so-called Chevron Deference under Roper Bright v. Raimondo removes enforcement authority of government agencies, including those of the SEC’s new rule proposals. Even so, the proposed Predictive Analytics rule remains on the SEC agenda for the end of this year.

FINRA on generative AI

FINRA published a reminder to industry firms leveraging generative AI of their existing regulatory obligations and its objective to remain technologically neutral as it considers additional guidance through its exam priority publications.

Federal Trade Commission (FTC) on generative AI

The FTC has been conducting an investigation of OpenAI’s data protection capabilities. The goal is to ensure that information used to develop and train models is appropriately managed, information ownership rights are not questioned, and OpenAI is properly governing the data protection and data privacy obligations.

Commodities Future Trading Commission (CFTC)

The CFTC published recommendations on the responsible use of AI within the U.S. financial services industry.

Bank of England, FCA, and Prudential Regulatory Authority statement

This is a response to the U.K. government’s AI regulatory policy and white paper, which represents emerging proposals for regulating AI.

The strategic approach statement outlines the publishers’ desire to continue to promote innovation in the industry’s use of AI, as well as the need to continue to monitor developments in the technology in determining if additional regulation is appropriate.

The broader artificial intelligence perspectives that can impact financial services

The EU AI Act

The EU AI Act has crossed another threshold in its path toward active enforcement, providing several consumer and individual protections according to specific risk categories. Most importantly, the EU Act has outlined specific risk categories and sanctions that will be imposed on firms that violate the required controls in each category.

Biden Administration Executive Order on artificial intelligence

The broad executive order issued in 2023 continues midstream in proposing standards for AI safety and security, focusing on consumer privacy protection. Most recently, the Administration has reported that government agencies have all met their 270-day obligations, highlighted by progress made by the U.S. in driving cooperation across multiple countries in the development of standards, and progress reported by the NIST.

The National Institute of Standards and Technology (NIST)

The NIST has produced a number of publications attempting to define standards to govern the use of AI, including risk management frameworks and in conducting research into what the organization considers ‘trustworthy’ AI technologies.

These standards have been developed in close collaboration across several financial regulators, including the Federal Reserve and CFTC.

Consumer Financial Protections Bureau (CFPB)

The CFPB issued a spotlight on the use of chatbots based on a growing number of consumer complaints on the difficulty of resolving disputes. The CFPB noted that all top 10 commercial banks in the US are using chatbots to engage with customers.

It’s on firms to stay updated on regulatory requirements around generative AI

Generative AI will surface a multitude of use cases, some of which that have never been encountered and some will touch multiple regulatory obligations in different jurisdictions. Awareness of the latest regulatory perspectives, conversations and statements will be crucial to ensuring firms are able to use AI to increase productivity while compliantly operating in multiple jurisdictions.

Bookmark this page for developments on this ongoing topic.

featured guide icon

FEATURED GUIDE

Financial Services and Generative AI: Navigating a New Era of Innovation

How financial services firms are embracing — and governing — generative AI

Get Guide

Share this post!

Robert Cruz
Latest posts by Robert Cruz (see all)
Smarsh Blog

Our internal subject matter experts and our network of external industry experts are featured with insights into the technology and industry trends that affect your electronic communications compliance initiatives. Sign up to benefit from their deep understanding, tips and best practices regarding how your company can manage compliance risk while unlocking the business value of your communications data.

CONTACT US

FEATURED CONTENT

Ready to enable compliant productivity?

Join the 6,500+ customers using Smarsh to drive their business forward.

watch it work
CONTACT SALES

More Resources

wiw video cc government
Georgia Public Records: A Guide to Meeting Open Records Requirements and Improving Transparency
by Smarsh
on November 04, 2024
Read more
blue technology network security data featured img
The AI Balancing Act: 2024 FINRA AI Guidance on Juggling Innovation and Compliance
by Tiffany Magri
on November 01, 2024
Read more
cash money bills featured img 600x320
From Penalties to Practices: Decoding the SEC's New Vision for Communication Records
by Tiffany Magri
on October 29, 2024
Read more

Contact Us

Tell us about yourself, and we’ll be in touch right away.