Practical steps to create your own AI governance roadmap

If you wondered why governance is suddenly a hot topic in the world of artificial intelligence (AI), look no further than the European Parliament. As AI and intelligent automation (IA) become more integral in daily life with chatbots answering and interacting with clients, to scheduling appointments that improve customer experience, governance is required to ensure ethical, legal, and societal implications.

The EU’s AI act, seen as the world’s first comprehensive law safeguarding the rights of users, also looks set to ethically regulate the ever-evolving needs of AI application developers in Europe and beyond.

With the EU and a number of other countries creating groundbreaking AI governance legislation, it is a timely opportunity for business leaders to prepare their own roadmap for what could be far-reaching change in the way we use AI that will transit daily life and borders.

In the same way most banks, auditors and insurance firms and their supply chains are already geared up to meet robust existing legislation such as General Data Protection Regulation (GDPR) in Europe and Sarbanes Oxley in the U.S., AI governance will require a similar approach. The penalties for not complying being proposed are potentially huge. A maximum fine that could be imposed under the proposed EU AI Act is EUR 30 million, or six percent of worldwide annual corporate turnover, whichever is higher.

Ahead of proactive AI governance, there are a number of measures that can be taken to assess business workflows and identify where AI technology should be used and the potential business risks. Through our work with customers and wider industry, SS&C Blue Prism is well positioned to provide guidance on governance roadmaps for businesses to follow, so they are best placed to meet new requirements.

Also Read: The Urgent Need for AI Guardrails in the Public Sector

The need for urgency

AI governance will soon impact everything from digital manufacturing automation to customer chatbots and apps mimicking back-office tasks of human workers. Central and regional government offices, law and healthcare industries using AI to extract data, fill in forms, or move files will also need to comply. Rules Engine APIs, microservices and low-code apps are also affected.

So if your business uses robotic operating, basic process improvement and macros for workflow management, intelligent character recognition converting handwriting into computer-readable text, or deep level AI and machine learning experiences, you need to comply.

Transparency and authenticity are also hugely important to the way consumers view and interact with their brands, especially Gen Z customers. Making up 32% of the global population and with a spending power of $44bn, Gen Z have high expectations of their brands and will only support and work for those that share their values.

Aspects of automation will also be covered by future AI legislation, so companies need to closely examine how they use intelligent automation execution, and ensure teams meet regulatory needs as they continuously discover, improve, and experiment with automated tasks/processes, BPM data analysis, enhanced automations, and business-driven automations.

The good news is that – by being able to create an auditable digital trail across everything it touches – intelligent automation is the ideal vehicle for AI. Its ability to increase efficiencies across workflows are well known, and being able to have full, auditable insights in actions and decisions is a superpower in itself.

How to establish AI governance

As always, whether it’s data retention or how a business application uses AI, safeguards are required across the AI lifecycle, including record keeping documenting the processes where it is used to ensure transparency.

By having a robust AI governance framework in place, organizations can instill accountability, responsibility, and oversight throughout the AI development and deployment process. This, in turn, fosters ethical and transparent AI practices, enhancing trust among users, customers, and the public.

Ultimately, when it comes to governance, everyone has responsibility – from the CEO and chief information officer to the employees. It starts with ensuring internal guidelines for regulatory compliance, security, and adherence to your organization’s values. There are a few ways to establish and maintain an AI governance model:

• Top-down: Effective governance requires executive sponsorship to improve data quality, security, and management. Business leaders should be accountable for AI governance and assigning responsibility, and an audit committee should oversee data control. You may also want to appoint a chief data officer from someone with expertise in technology who can ensure governance and data quality.
• Bottom-up: Individual teams can take responsibility for the data security, modeling and tasks they manage to ensure standardization, which in turn enables scalability.
• Modeling: An effective governance model should utilize continuous monitoring and updating to ensure the performance meets the organization’s overall goals. Access to this should be given with security as an utmost priority.
• Transparency: Tracking your AI’s performance is equally important, as it ensures transparency to stakeholders and customers, and is an essential part of risk management. This can (and should) involve people from across the business.

AI governance frameworks

Those disregarding AI governance run the risk of data leakage, fraud, and bypassed privacy laws, so any organization utilizing AI will be expected to maintain transparency, compliance, and standardization throughout their processes – a challenge as technical standards are still in the making.

The field of AI ethics and governance Is still evolving, and various stakeholders, including governments, companies, academia, and civil society, continue to work together to establish guidelines and frameworks for responsible AI development and deployment.

There are several real-world examples of AI governance that while they differ in terms of approach and scope, address the ethical, legal, and societal implications of artificial intelligence. Extracts from a few notable ones are here:

The EU’s GDPR, while not exclusively focused on AI, includes data protection and privacy provisions related to AI systems.

Additionally, the Partnership on AI and Montreal Declaration for Responsible AI – developed at the International Joint Conference on Artificial Intelligence – both focus on research, best practices, and open dialogue in AI development.

Many tech companies have developed their own AI ethics guidelines and principles. For instance, Google’s AI Principles outline its commitment to developing AI for social good, avoiding harm, and ensuring fairness and accountability. Other companies like Microsoft, IBM, and Amazon have also released similar guidelines.

Some countries have developed national AI strategies that include considerations for governance. Right now, Canada’s “Pan-Canadian AI Strategy” emphasizes the responsible development and use of AI to benefit society, including initiatives related to AI ethics, transparency, and accountability.

Also Read: For True End-to-End Process Automation: Evolve Your Data Strategy and Architecture

14-Steps to governance greatness

Ensuring AI governance in your organization involves establishing processes, policies, and practices that promote the responsible development, deployment, and use of artificial intelligence.

At the very least, government departments and companies using AI will be required to include AI risk and bias checks as part of regular mandatory system audits. In addition to data security and forecasting, there are several strategic approaches organizations can employ when establishing AI governance.

• Development guidelines: Establish a regulatory regime and best practices for developing your AI models. Define acceptable data sources, training methodologies, feature engineering and model evaluation techniques. Start with governance in theory and establish your own guidelines based on predictions, potential risks and benefits, and use cases.
• Data management: Ensure that the data used to train and fine-tune AI models is accurate and compliant with privacy and regulatory requirements.
• Bias mitigation: Incorporate ways to identify and address bias in AI models to ensure fair and equitable outcomes across different demographic groups.
• Transparency: Require AI models to provide explanations for their decisions, especially in highly regulated priority sectors such as healthcare, finance and legal systems.
• Model validation and testing: Conduct thorough validation and testing of AI models to ensure they perform as intended and meet predefined quality benchmarks.
• Monitoring: Continuously monitor the performance metrics of deployed AI models and update them to adapt to changing needs and safety regulations. Given the newness of generative AI, it’s important to maintain a human-in-the-loop approach, incorporating human oversight to validate AI quality and performance outputs.
• Version control: Keep track of the different versions of your AI models, along with their associated training data, configurations, and performance metrics so you can reproduce or scale them as needed.
• Risk management: Implement security practices to protect AI models from cybersecurity attacks, data breaches and other security risks.
• Documentation: Maintain detailed documentation of the entire AI model lifecycle, including data sources, testing, and training, hyperparameters and evaluation metrics.
• Training and Awareness: Provide training to employees about AI ethics, responsible AI practices, and the potential societal impacts of AI technologies. Raise awareness about the importance of AI governance across the organization.
• Governance board: Establish a governance board or committee responsible for overseeing AI model development, deployment and compliance with established guidelines that fit your business goals. Crucially, involve all levels of the workforce — from leadership to employees working with AI — to ensure comprehensive and inclusive input.
• Regular auditing: Conduct audits to assess AI model performance, algorithm regulation compliance and ethical adherence.
• User feedback: Provide mechanisms for users and stakeholders to provide feedback on AI model behavior and establish accountability measures in case of model errors or negative impacts.
• Continuous improvement: Incorporate lessons learned from deploying AI models into the governance process to continuously improve the development and deployment practices.

Also Read: AiThority Interview with Dr. Arun Gururajan, Vice President, Research & Data Science, NetApp

Ongoing commitment to AI governance

Remember that AI governance is an ongoing process that requires commitment from leadership, alignment with organizational values, and a willingness to adapt to changes in technology and society. Well-planned governance strategies are essential when working with this ongoing evolution to ensure your organization understands the legal requirements for using these machine learning technologies.

Setting up safety regulations and governance policy regimes is also key to keeping your data secure, accurate and compliant. By taking these steps, you can help ensure that your organization develops and deploys AI in a responsible and ethical manner.

[To share your insights with us as part of editorial or sponsored content, please write to psen@itechseries.com]