Using the power of organizational change in compliance efforts

The burden placed on companies in the compliance space is growing exponentially. In the past year, as companies have ramped up artificial intelligence policy efforts, they have been met with mind-bending legal developments and changes. There seem to be daily reminders that traditional — slow — approaches to compliance development will not work. 

Take, for example, rote training about what not to put in AI tools. Stories and experience abound with personnel who ignore the training and then create a product that is not protectable, infringes on others' rights, or is inaccurate or inappropriate. 

What about aspirational policies like "do not use AI tools in your work?" As a result of these aspirational — and impractical — policies, some personnel engage in workarounds. A favorite is the employee who was told not to use AI on their work computer, so their personal device runs alongside their work computer all day. And on the personal computer, they conduct all their AI tasks. A lot of AI tasks.  

The problem and a solution 

These techniques can be worse than ineffective. They can increase risk. This is especially true in litigious regions like the United States, where plaintiffs' attorneys use deceptive trade practice and other laws to bring cases in the absence of clear legal guidance. 

Regulators may take this approach as well. When they do, they often point to the ineffectiveness of a company's compliance program to try to hold the company liable — for example, arguing a company should be held accountable for inappropriate AI output because of ineffective training. Or, that a company had participated in the "bad acts" of its employees because its policies were unworkable.