The productivity gains offered by emerging technologies could transform asset owners’ risk management protocols, but fully adopting these new systems remains a challenge.
A September report from the International Forum of Sovereign Wealth Funds underscored this issue. Three-quarters of funds surveyed by the organization said they use technology in their compliance efforts—including using third-party background check tools—or in due diligence. However, only 15% of respondents said they use artificial intelligence to support compliance efforts, including in third-party risk management or risk assessment.
Given the zeitgeist surrounding AI, institutions may feel an urgency to have a strategy for its use, yet remain unsure how to create one and how to judge services offered by AI companies, many of them startups. Dan Johnson, managing director at F2 Strategy, an outsourced chief technology firm, says, “It’s made it very difficult for firms to answer a very basic question: ‘What can AI do?’ and ‘What does effectively leveraging AI actually mean?’”
Like any new technology, AI has pros and cons. When it comes to risk management, investors need to think beyond just cybersecurity or portfolio management and consider that risk management is now an enterprise-wide strategy, say industry sources.
For more stories like this, sign up for the CIO Alert newsletter. ?
Considering Implementation
Sean Scranton, a consultant on the cyber risk solutions team at WTW, says asset owners thinking about incorporating AI should conduct a risk assessment and then decide what the organization will do with the technology, what data to make available, how to use the resulting information and how to respond if the technology is fed bad data. That risk assessment and the answers to those questions should then form the controls the organization needs to have in place to prevent problems.
From there, the organization should issue guidelines on what technology can or cannot be used and train its employees. The rapid evolution of AI means organizations should, according to Scranton, create an AI steering committee that reviews risks and creates policies and procedures for the safe, trustworthy and ethical use of AI.
“It’s making sure that everyone understands the AI risk appetite for the organization,” he says.
Guidelines help asset owners prevent the use of unauthorized, or “shadow,” IT or AI use that has not been approved, which can put an organization at risk, he adds.
To get the most value out of AI, Lejla Agic, a principal at Deloitte Consulting, says investors should focus on change-management and measurable improvements, such as better risk identification, as AI’s value is efficiency, transparency and insight, not just cost savings.
Using AI Carefully
Agic says asset owners are implementing AI to enhance their investment opportunities and optimize operations for both public and private markets. Among some of the areas ripest for use are portfolio monitoring, portfolio rebalancing and third-party reporting.
AI can help investors sift through reems of data and highlight relevant portions, but data integrity is critical, sources say. Matt Malone, head of investment management at private markets technology firm Opto Investments, says investors must ensure data sets are clean when feeding them into large language models, and they must tightly control who has access to the data to make sure that data stay clean and remain within the organization, rather than being shared broadly.
“You never want to be in a position where you inadvertently violate some securities law because you shared information … in a quasi-public setting,” he says.
Replacing manual processes with AI creates efficiencies, but experts say having plans on how to fix bad data or AI hallucinations may mean incorporating a road map in an organization’s disaster recovery and business continuity plans, enabling investors to revert back to where they were before data issues, if necessary.
Governmental bodies such as the European Union are starting to roll out regulations covering AI. Such legislation is likely to evolve, and remaining compliant is another reason for asset owners to create strong oversight on AI use, say Agic and Scranton.
Risk Management as an Enterprise-Wide Activity
Eduard van Gelderen, a senior managing director at nonprofit FCLTGlobal [Focusing Capital on the Long Term], says when it comes to AI and risk management, asset owners tend to think only of alpha generation or the next step in quantitative investment management.
That’s wrong, he says; rather, asset owners need to consider the organization’s biggest value driver and how AI can help it improve upon that. For example, is risk management related to the funded status of a pension fund and, if so, how does AI improve that? As asset owners explore AI, they need to think critically about the organization, as this technology will change how business is done, he says.
“The biggest problem is: Everyone is endorsing the productivity gains, but (not focusing on) the business transformation that I firmly believe is going to happen going forward,” van Gelderen says.
AI has also upended some cybersecurity controls, as criminals with sophisticated tools can easily make deep fakes, such as falsified audio, video and recorded messages, says Daniel Soo, a principal in Deloitte & Touche LLP, Deloitte’s U.S. cyber financial services industry firm.
To help protect against such threats, asset owners should implement strong identity security protocols such as biometric checks and multi-factor authentication; awareness programs; and third-party due diligence, he says.
What AI Cannot Do—Yet
AI is good at interpreting documents and can make some judgments, but it might not be able to understand the decision an investor is making relative to the macroeconomic environment or how investors make real-time, risk-based decisions based on interactions with different people or different countries, says Ed Brandman, founder and CEO of ToltIQ, which use AI for due diligence in private equity.
The technology also has trouble with sophisticated Excel spreadsheets that may use a lot of macros, he says.
That likely will not always be the case, and van Gelderen suggests that in the future, AI will no longer be an enabler, but a driver of investment decisions.
“I don’t think a lot of investors, asset owners, are really there yet,” van Gelderen says. “It’s really early stage.”
Tags: Artificial Intelligence, Risk Management, Technology
#Adopting #Challenge #Transform #Risk #Management