The global AI market is projected to grow by more than 30% per year through 2030, while as many as 80% of business are either using AI or actively exploring whether to deploy it. In the absence of strong regulation governing responsible use of the technology, chief technology officer Lou Bachenheimer explores how companies can self-regulate — for now.
How to embrace responsible innovation when it comes to artificial intelligence (AI) is top of mind for both public and private organizations. As the government grapples with guidelines for ethical AI development and industry heavyweights agree on the need for guardrails on new tools, the time to begin building a framework for governing AI in your company is now.
While the White House’s executive order on AI establishes principles to guide the use of AI, federal agencies like the Equal Employment Opportunity Commission (EEOC) and the Federal Trade Commission (FTC) are refining the stipulations within existing guidance. Meanwhile, prominent AI firms, including Google, Meta and OpenAI, have committed to upholding new standards concerning safety, security and transparency. These measures represent tentative steps taken in the U.S. amid broader efforts by governments worldwide to establish a legal and regulatory foundation for the responsible advancement of AI.
Some countries have developed national AI strategies that include considerations for governance. For example, Canada’s AI guidelines emphasize the responsible development and use of AI to benefit society, including initiatives related to AI ethics, transparency and accountability. And the European Union’s AI act is seen as the world’s first comprehensive law safeguarding the rights of users. It also appears to be set to ethically regulate the ever-evolving needs of AI application developers in Europe and beyond.
For businesses operating in the U.S., the regulatory environment regarding AI still lacks clarity. However, being proactive about establishing best practices for utilizing AI and initiating risk management efforts will position your organization to be ready for future AI regulation. By having a robust AI governance framework in place, organizations can instill accountability, responsibility and oversight throughout the AI development and deployment process. This, in turn, fosters ethical and transparent AI practices, enhancing trust among users, customers and the public.
A roadmap for AI governance
Chances are you have interacted with a chatbot or used generative AI, or perhaps your company uses AI-driven business processes. As AI becomes more integral in daily life, it is essential that organizations address concerns about ethical, legal and societal implications. A number of steps that can be taken to assess business workflows and identify where AI technology should be used in your organization and the potential business risks.
Ultimately, when it comes to governance, everyone has responsibility — from the CEO and chief information officer to front-line employees:
- Top-down: Effective governance requires executive sponsorship to improve data quality, security and management. Business leaders should be accountable for AI governance and assigning responsibility, and an audit committee should oversee data control. You may also want to appoint someone with expertise in technology who can ensure governance and data quality as a chief data officer to lead these efforts.
- Bottom-up: Individual teams can take responsibility for the data security, modeling and tasks they manage to ensure standardization, which enables scalability.
- Modeling: An effective governance model should utilize continuous monitoring and updating to ensure the performance meets the organization’s overall goals. Access to this should be given with security as an utmost priority.
- Transparency: Tracking your AI’s performance is equally important, as it ensures transparency to stakeholders and customers and is an essential part of risk management. This can (and should) involve people from across the business.
The field of AI ethics and governance is still evolving, and various stakeholders, including governments, companies, academia and civil society, continue to work together to establish guidelines and frameworks for responsible AI development and deployment.
While these are early days in the AI regulatory landscape in the U.S., self-regulation now can help your business identify and mitigate potential risks such as data privacy concerns, bias in AI algorithms and security vulnerabilities.
Many tech companies have developed their own AI ethics guidelines and principles. For instance, Google’s AI principles outline its commitment to developing AI for social good, avoiding harm and ensuring fairness and accountability. Other companies like Microsoft, IBM and Amazon have also released similar guidelines.
There are several strategic approaches organizations can employ when establishing AI governance:
- Development guidelines: Establish a regulatory regime and best practices for developing your AI models. Define acceptable data sources, training methodologies, feature engineering and model evaluation techniques. Start with governance in theory and establish your own guidelines based on predictions, potential risks and benefits and use cases.
- Data management: Ensure that the data used to train and fine-tune AI models is accurate and compliant with privacy and regulatory requirements.
- Bias mitigation: Incorporate ways to identify and address bias in AI models to ensure fair and equitable outcomes across different demographic groups.
- Transparency: Require AI models to provide explanations for their decisions, especially in highly regulated priority sectors such as healthcare, finance and legal systems.
- Model validation and testing: Conduct thorough validation and testing of AI models to ensure they perform as intended and meet predefined quality benchmarks.
- Humans in the loop: Continuously monitor the performance metrics of deployed AI models and update them to adapt to changing needs and safety regulations. Given the newness of generative AI, it’s important to incorporate human oversight to validate AI quality and performance outputs.
- Version control: Keep track of the different versions of your AI models, along with their associated training data, configurations and performance metrics so you can reproduce or scale them as needed.
- Risk management: Implement security practices to protect AI models from cybersecurity attacks, data breaches and other security risks.
- Documentation: Maintain detailed documentation of the entire AI model lifecycle, including data sources, testing and training, hyperparameters and evaluation metrics.
- Training and awareness: Provide training to employees about AI ethics, responsible AI practices and the potential societal impacts of AI technologies. Raise awareness about the importance of AI governance across the organization.
- Governance board: Establish a governance board or committee responsible for overseeing AI model development, deployment and compliance with established guidelines that fit your business goals. Crucially, involve all levels of the workforce — from leadership to employees working with AI — to ensure comprehensive and inclusive input.
- Regular auditing: Conduct audits to assess AI model performance, algorithm regulation compliance and ethical adherence.
- User feedback: Provide mechanisms for users and stakeholders to provide feedback on AI model behavior and establish accountability measures in case of model errors or negative impacts.
- Continuous improvement: Incorporate lessons learned from deploying AI models into the governance process to continuously improve the development and deployment practices.
AI governance is an ongoing process that requires commitment from leadership, alignment with organizational values and a willingness to adapt to changes in technology and society. Well-planned governance strategies are essential when working with this ongoing evolution to ensure your organization understands the legal requirements for using these machine learning technologies.
Setting up safety regulations and governance policy regimes is also key to keeping your data secure, accurate and compliant. By taking these steps, you can help ensure that your organization develops and deploys AI in a responsible and ethical manner.