- Chief Compliance Officer and VP of Legal Affairs, Arrow Electronics
By 
Aaron Nicodemus2024-12-13T16:47:00
When the U.S. Department of Justice (DOJ) released its revised Evaluation of Corporate Compliance Programs (ECCP) earlier this year, it turned some heads. Tucked into a section on risk assessments was a strongly worded series of questions that appeared to shoulder compliance teams with the responsibility for ensuring the safe use of artificial intelligence tools by their firms.
It was a surprising move, in part because AI is so new. Many in the compliance community believe that the DOJ did this to plant a flag about what the government expects from businesses that use AI–because Congress appears reluctant to pass any law that would set guardrails for businesses to follow.
Two chief compliance officers, who asked to remain anonymous because they were not permitted to speak on the subject, said they hoped the DOJ would adjust the ECCP in the future as it relates to AI.
The reason, one of the CCOs said, was they believed the responsibility of ensuring the safe use of AI tools should be shared among all business functions.
“It creates a potential situation where compliance is seen as owning AI, even though it didn’t have input in the decision-making process,” the CCO said. “It seems like the DOJ is dumping this responsibility on compliance.”
THIS IS MEMBERS-ONLY CONTENT. To continue reading, choose one of the options below.
News and analysis for the well-informed compliance or audit exec. Select an option and click continue.
Annual Membership $499 Value offer
Full price one year membership with auto-renewal.
Membership $599
One-year only, no auto-renewal.
Data governance has become a key concern for companies, especially when the EU AI Act and General Data Protection Regulation have put a premium on handling data responsibly and ensuring that artificial intelligence does not cause harm.
Companies spend huge sums on audit, risk management, and compliance to alert them about potential legal issues before they escalate into serious corporate governance failings. There’s only one problem, however–they often misread their own early warning signs or ignore them altogether.
The era of artificial intelligence adoption is testing the old ways of doing compliance, underscoring the need for continuous monitoring. Compliance isn’t a one-and-done activity, but sometimes organizational incentives and goals fail to prioritize the importance of this.
The Department of Justice’s Evaluation of Corporate Compliance Programs has made the importance of artificial intelligence governance frameworks clear, but it didn’t say what role compliance should play. Here’s the answer.
The U.S. Department of the Treasury’s Financial Crimes Enforcement Network issued an alert to financial institutions about their obligations to report deepfakes, warning artificial intelligence has given bad actors additional tools in their arsenal.
A nationwide rental outlet affiliated with Rent-a-Center and its chief executive have been sued by the Consumer Financial Protection Bureau for allegedly deceiving five million consumers about the terms of credit agreements.
