Every RIA that uses artificial intelligence (“AI”) tools as part of their day-to-day operations should have an AI policy that outlines appropriate use of these tools in the firm’s practice.
New AI tools are rapidly being integrated into firms’ operations. From productivity and search tools like ChatGPT and Gemini to meeting transcription tools like Microsoft CoPilot, AI tools are changing how we work.
While these tools can help improve efficiency by assisting with tasks, such as conducting online research, summarizing meetings, and automating routine workflows, the use of these tools heightens the need for Firms to adhere to all applicable regulatory requirements. This includes safeguarding client data, privacy and confidentiality considerations, maintaining accurate books and records, conducting due diligence of vendors, and potentially being prepared to provide search or transcript history to regulators during an examination.
Without a formal policy, there is a risk that AI tools may be adopted and implemented without appropriate due diligence and oversight. This could lead to errors, data breaches, or failures to comply with regulatory requirements.
Furthermore, the AI policy should indicate to employees which AI tools are authorized for use and specify appropriate uses of AI tools by establishing these guidelines, the Firm can help ensure that AI is integrated in a way that aligns with its objectives, while maintaining strong compliance standards and safeguarding client privacy.
An AI policy is essential to help ensure the Firm complies with regulations, protects clients, and responsibly integrates AI tools into its operations.