Picking up from where we left off, while the cybersecurity aspects of Generative AI are paramount, the journey of understanding its integration into banking doesn’t end there.
Third-Party Integrations & Their GenAI Components
Ah, third-party risks! If GenAI was the appetizer, third-party integrations are the main course. Just as we adjust to one technology, another seems to knock on our door, often integrated into tools we already use. Popular platforms like Grammarly1, Slack2, and Salesforce3 have already woven in GenAI components.
Remember the saying, "trust but verify"? It couldn’t be more accurate for banks and credit unions today. Third-party integrations are like guests at a party. It's all fun and games until one of them spills a drink on your expensive couch. And that's where your vendor due diligence process comes in. It's the gatekeeper, ensuring that the guest list is refined. But given the rapid integration of GenAI into everyday tools, a quick revisit to this process might be in order. Update it to drill down on third-party & even fourth-party AI practices. It's no longer just about who you let in, but also who they bring along.
Another pro tip? Train your vendor managers. Make them the watchdogs for software updates to catch those incorporating GenAI tech.
Operational, Legal, and Reputation Risks
Navigating the Digital Era isn’t just about fancy tech. It's also about the not-so-obvious hazards lurking behind them. Today, the operational dependency on GenAI might seem distant, but the landscape could shift. So while GenAI might not be on your critical dependency list today, a few years down the line, it might just be. And for those eventualities, having your Vendor Management Process and Business Continuity and Disaster Recovery Plans updated is crucial.
But let's shift the lens a bit. Beyond operational snags, the waters get murkier4. Did you hear about GenAI’s reputation? Accusations of biases, discriminatory outputs, hallucinations, even potential copyright issues! Picture this: One of your teammates crafts content using ChatGPT, and poof! You're now facing backlash or, worse, a lawsuit because they skipped a critical review. Regulators aren't behind either. With AI interfacing directly with customers, you're not just dealing with Privacy Laws but also specifics like California's Bot Disclosure Law5. Your mitigation strategy? Get legal onboard, revamp that Acceptable Use Policy, and ensure your team knows their GenAI dos and don'ts. Also, a quick brush-up on your privacy and disclosure agreements might save the day!
It's Just Getting Started
Dipping our toes into the world of GenAI risks is just skimming the surface; it’s a brave new world out there, and the landscape is still shaping up.
So, where does your bank stand in this evolving narrative? Have you welcomed GenAI with open arms, given it the cold shoulder, or set up barriers against it6? Peter Diamandis projects7, "There will be two kinds of companies at the end of this decade... Those that are fully utilizing AI, and those that are out of business." Now, that's food for thought. While the verdict is still out on the accuracy of his prediction, one thing is clear: GenAI isn't just knocking on our doors; it's steadily moving into our offices. Time to roll up those sleeves, assess the risks, and get those controls spot-on. Don't just be prepared; be ahead. If you're feeling overwhelmed, give us a call any time or reach out at support@bedelsecurity.com. we'd be happy to help!
Referenced Articles and Additional Resources
- Grammarly
https://www.grammarly.com/business/learn/enterprise-grade-generative-ai/ - Slack
https://slack.com/blog/news/introducing-slack-gpthttps://slack.com/blog/news/introducing-slack-gpt - Salesforce
https://investor.salesforce.com/press-releases/press-release-details/2023/Salesforce-Announces-Einstein-GPT-the-Worlds-First-Generative-AI-for-CRM/default.aspx - The waters get murkier
https://www.jdsupra.com/legalnews/friend-or-foe-legal-risks-arising-from-2542268 - California's Bot Disclosure Law
https://www.termsfeed.com/blog/ca-bot-disclosure-law/ - Set up barriers against it
https://www.forbes.com/sites/brianbushard/2023/02/24/workers-chatgpt-use-restricted-at-more-banks-including-goldman-citigroup/?sh=32a1dcd36cf4
- Projects
https://www.diamandis.com/blog/my_thoughts_on_ai