The latest compliance news: regulatory developments, punishments, guidance, permissions and new product and service offerings.

FINMA
A recent survey by FINMA, the Swiss regulator, found that about half of the firms it surveyed use AI or are developing initial uses for this technology. A further 25 per cent say they intend to use it in the next three years.

The study, based on 187 institutions, also showed that the regulator is worried that the heavy use of outsourced providers raises operational risks.

On average, these organisations have around five applications and are developing nine of them. Some 91 per cent of respondents who use AI also use generative AI such as newer chatbots. 

Most institutions do not rely solely on their own developments but also use external service providers. Smaller institutions often rely exclusively on externally-developed applications, the regulator said late last month; it drew attention to the operational risks that such outsourcing might generate.

Around half of the institutions surveyed have incorporated AI into an explicit AI strategy. When applying existing governance frameworks, many focus on data protection, IT and cyber security, data management and enterprise risk management.

In its Guidance 08/2024 update, the regulator shared its supervisory observations regarding governance and risk management when using artificial intelligence.