The Financial Services Information Sharing and Analysis Centre (FS-ISAC) has released a comprehensive guide to help financial institutions manage the risks associated with Generative Artificial Intelligence (GenAI). As the financial sector in Singapore and globally embraces AI technologies, concerns about data security and regulatory compliance have emerged. FS-ISAC’s whitepaper, “More Opportunity, Less Risk: 8 Steps to Manage Financial Services Data with GenAI,” aims to address these challenges.
Michael Silverman, Chief Strategy & Innovation Officer at FS-ISAC, highlighted the dual nature of GenAI, stating, “GenAI presents enormous opportunities for financial firms to improve business operations, provide better customer service, and even enhance their cybersecurity posture. However, just like any new technological development, GenAI increases security risks when it’s not leveraged in a safe and compliant manner.”
The guidance, developed by FS-ISAC’s Artificial Intelligence Working Group, outlines eight foundational steps for effective data governance:
– **Consider Your Risks:** Identify and address risks, gaps, and opportunities through policies and technical controls.
– **Data Selection Criteria:** Implement cautious data selection with ongoing oversight and risk testing.
– **Create and Maintain a Data Lineage Inventory:** Ensure strong access controls and data classification.
– **Be Disciplined with Data Access and Authorisation:** Restrict access to GenAI training data and regularly review datasets.
– **Obsessively Protect Your Customers’ Data:** Use security techniques like encryption and data sanitisation.
– **Use Best Practices When Building Effective Test Plans:** Establish baselines and leverage cross-sector data sharing.
– **Keep Current on Model Vulnerabilities:** Maintain cybersecurity hygiene to mitigate threats.
– **Require Your Vendors’ Transparency on Your Data Storage:** Ensure vendor compliance with security standards.
As GenAI continues to evolve, FS-ISAC’s report provides financial institutions with the tools needed to navigate the complexities of AI-driven data governance securely. The full report is available for download on FS-ISAC’s website.
