Connect with us

Business

Harnessing the sweet spot for AI and risk management

Craig Adams, Managing Director, EMEA at Protecht examines why it is important to weigh up the AI opportunity versus the challenges when it comes to risk management

AI here to stay and set to revolutionise the way many organisations manage their key business functions forever – risk and compliance included.

When ChatGPT first launched to the public in late 2022 it reached one million users in five days and surpassing 100 million monthly users in just two months. It didn’t take long before major organisations like BT were announcing plans to replace thousands of workers with artificial intelligence (AI), while newspapers were quickly filled with stories about AI already doing a better job than trained humans at various business tasks and applications.

Without a doubt AI presents a huge opportunity across risk & compliance functions, particularly in areas like automating everyday mundane tasks, offering rapid assessments, and better understanding/management of the risks faced.  Whether it’s identifying gaps in policies and control frameworks or analysing thousands of pages of regulations across multiple jurisdictions in a matter of seconds, the potential is truly enormous.

However, that’s not to say it doesn’t create a few risks of its own as well. First and foremost, risk management and compliance functions are in the very earliest stages of AI integration, which means the current lack of understanding will almost certainly lead to teething problems and mistakes. Indeed, in many organisations, risk professionals find themselves working round the clock to understand how best to retrospectively integrate AI into long-established, well-run programmes and processes.

Furthermore, AI is far from flawless in its current iteration. For all the positive headlines generated, ChatGPT has also garnered numerous negative ones as well, particularly relating to high profile gaffs, biased content, and limited knowledge of the world beyond 2021 (at least for now).

Therefore, in order to make the most of AI’s vast potential without falling foul of its current limitations, industry professionals need to look very closely at both the opportunities and challenges it presents, before finding the right path forwards to successful implementation. In fact, understanding the technology, its application, and the risks it poses, should all be considered fundamental requirements for risk managers before partial or full-scale deployment is even considered.

Realising AI’s power and potential

Just like many other industries, one of the biggest opportunities that AI presents to risk and compliance professionals is its ability to automate time consuming and repetitive tasks that humans often struggle with because of their mundane nature. For example, AI-driven customer service solutions have been shown to not only reduce operational costs, but also to improve the quality of service.

Behind the customer service function, however, AI has the potential to provide invaluable insights into an organisation’s risk profile by analysing vast amounts of data at a pace incomparable to human capabilities. For instance, AI can be used to assess thousands of pages of complex global regulations before making accurate recommendations on exactly where specific regulations apply. This kind of capability can significantly reduce the workloads of risk and compliance professionals, enabling them to spend much more of their time on strategically important activities, while also improving overall business security.

However, it’s important to note that AI powered systems are only ever as good as the data they have to work from. If AI relies on flawed data, it may fail to identify critical risks or comply with relevant regulations and start influencing the reasoning of the AI system itself.

Organisations must therefore ensure that the data feeding into their AI systems is accurate and unbiased at all times, which isn’t easy. Failure to do so not only raises the risk of serious errors but also huge reputational damage to the organisations involved and the application of AI across the profession.

Another crucial concern is the potential replacement of human workers and the impact on the wider employment market. While it’s clear that AI will increasingly be used to automate a range of functions currently carried out by human members of staff, replacing people entirely isn’t without its drawbacks. Most obviously, there is an inherent and irreplaceable value in human insight, judgement, and decision-making, especially in areas as critical as risk management, where experience plays a massive role across the board.

Harnessing the sweet spot for risk management

So, with all these considerations in mind, how can organisations find the sweet spot that allows them to enjoy the benefits of AI while guarding themselves against the inherent risks?

Here is a best practice checklist, that will ensure a structured approach for AI deployment with full transparency and visibility across the risk management function.

  • Start by assessing AI’s impact on the organisation’s overall risk profile and identify any compliance challenges created as a result.
  • Develop organisational controls such as an AI policy that defines acceptable use of AI by employees and technology controls that limits access and monitors use of AI services over the web in line with your policy.
  • Raise awareness through employee communication and training on what they can and can’t do around AI and outline the risks with knowledge gaps or even information fabrication from this sort of technology can bring.
  • Define your risk appetite around AI so you can agree how hungry or adverse you are as an organisation on embracing both the opportunities and the downside risk it represents when it goes wrong and develop metrics to measure.

In the longer term, it is vital to establish effective controls over the remit given to AI and its performance levels. These should include a commitment to manual oversight, ongoing ad-hoc testing, and the implementation of any other relevant mechanisms to ensure AI operates within the organisation’s risk appetite and compliance framework. In this context, a hybrid approach, where AI and humans work in tandem, is most likely to provide the best results.

While many organisations will find the prospect of implementing an AI-powered risk management daunting, there’s never been a better time to start exploring it.

Related Topics:
Continue Reading
Click to comment

Leave a Reply

Your email address will not be published. Required fields are marked *

Business

The Quiet Strength of Being Clear – Why Assertiveness Matters More Than Ever for Founders

By Rebecca Sutherland, CEO and Founder of HarbarSix

There’s a word that often makes people shift a little in their seats. Assertiveness. It can sound sharp, maybe even a bit harsh, like something that belongs in boardrooms filled with ego or in negotiation books gathering dust on someone’s shelf. But in truth, assertiveness, when you really understand it, is one of the most compassionate tools we have as leaders.

Because at its core, assertiveness isn’t about being pushy. It’s about being clear.

And when you’re building something, a business, a team, a dream that lives outside the ordinary, that kind of clarity becomes essential. Without it, you end up drifting, making decisions that don’t feel quite right, saying yes when you mean no, and slowly watching the thing you once felt lit up by become a source of tension or exhaustion.

I’ve seen it happen more than once. A brilliant, creative founder full of drive and vision, slowly ground down by too many compromises, too much people-pleasing, too little space to breathe. They don’t lack skill or ambition. What they’re missing is that anchor, the ability to be assertive without feeling like they have to apologise for it.

So, let’s unpack that, because I think we need to talk about how to lead from a place that’s both strong and soft. Firm but open and rooted in who you are.

Assertiveness starts with self-trust

Before you can speak clearly to others, you must be clear with yourself. What do you stand for? What kind of culture are you trying to build? What do you value, not just on a branding level, but deep in your bones?

Because if you don’t know that, you’ll find yourself pulled in all directions. You’ll agree to partnerships that don’t serve you, hire people based on panic rather than alignment, and find it hard to hold boundaries when the stakes feel high.

But when you do know—when you’ve taken the time to understand what really matters to you—it becomes easier to communicate it, calmly and confidently, even when it’s uncomfortable.

Saying what you mean isn’t unkind—it’s respectful

There’s a misconception, especially among founders who want to be “good” leaders, that being direct is somehow abrasive. That if you’re too clear, you might upset people. But in my experience, the opposite is true.

When you wrap your truth in too many layers of softening or delay saying the hard thing because you’re worried about how it will land, you actually create more confusion, not less. People want to know where they stand. Your team, your investors, your clients—they respect leaders who can speak with warmth and certainty.

You don’t need to bark orders or dominate a room. But you do need to be able to say, “This isn’t working for me,” or “This direction doesn’t feel right,” or even, “I’ve changed my mind.” That kind of honesty is a form of care. It protects your energy, and it gives everyone around you a clearer playing field.

Boundaries aren’t barriers—they’re invitations to trust

One of the most powerful forms of assertiveness is knowing when to say no. Or not yet. Or not like this.

As founders, we’re often wired to keep giving—to clients, to our team, to the business itself. But that constant giving, without boundaries, leads to burnout. And more than that, it models a kind of unsustainable leadership where overextending becomes the norm.

Boundaries, when set with intention, are not walls. They’re signals. They say, “This is how I work best,” or “This is what I need to stay at my best,” or “Here’s the line where my role ends and yours begins.” And far from pushing people away, they create the safety and trust needed for real collaboration.

Not everyone will like it—and that’s okay

Here’s the part that might sting a little: not everyone will like your assertiveness. Some people will bristle when you stop bending over backwards. Others may be used to you saying yes to everything, and might struggle when you start to reclaim your space.

Let them. Your job isn’t to be liked by everyone. Your job is to build something honest, sustainable, and true. And the people who are meant to walk alongside you? They’ll stay, in fact, they’ll probably thank you for the clarity.

Practice before you need it

Like any skill, assertiveness gets easier with practice. Start small. Have that conversation you’ve been avoiding. Say no to the next thing that doesn’t feel aligned. Express a need clearly without over-explaining. And then do it again. Not perfectly, just consistently.

If you’re not used to it, it might feel clunky at first. That’s okay. Clarity is a muscle. The more you use it, the stronger it gets.

The most powerful leaders are not the loudest

They’re not the ones who dominate meetings or chase visibility for its own sake. They’re the ones who know who they are. Who can sit in discomfort without losing their footing. Who can say the hard thing with softness and stay true to their vision when the noise gets loud.

Assertiveness isn’t about power over others—it’s about being in your own power. And when you lead from that place, it changes everything.

For your business. For your team. And most importantly, for you.

Continue Reading

Business

Innovation in banking must go hand in hand with security, and here’s why

Dean Clark, Group Chief Technology Officer for GFT

The banking sector is transforming more and more, with banks under pressure to meet customers’ evolving expectations. This means that even the most traditional institutions have to move away from legacy systems and adopt modern technologies such as cloud computing and AI. The aim of this shift is not just to keep pace with digital-native competitors, but also to improve operational efficiency and deliver better customer experiences.

However, innovation brings new challenges. Transitioning from centralised mainframes to cloud-based platforms is a complex process that can’t happen overnight. Amid this transformation, banks must ensure that security remains a top priority. Striking the right balance between modernisation and robust security is essential to building and maintaining consumer trust in the digital age.

Balancing agility with security

Multicloud is a key component of digital transformation strategies in the financial sector. Many banks are relying on hybrid multicloud to modernise and keep up with the evolving tech landscape. In the meantime, new digital banks are launching entirely on cloud-native platforms, which helps support agility and scalability from day one.

Cloud technologies offer many advantages, including improved performance, flexibility and faster innovation. However, despite these benefits, they do come with security challenges. Cloud infrastructure, often built and managed using Infrastructure as Code (IaC), can include some vulnerabilities and give an entry point into a bank’s system to malicious actors. As such, ensuring that IaC adheres to best practices is essential to avoid misconfigurations or exploitable vulnerabilities as early as possible.

The protection of consumer data must also be central to any digital transformation strategy. Security must be deeply embedded not only in backend infrastructure but also in the user-facing layers such as web portals and mobile applications. This is critical to maintain consumer trust and improve retention.

Why a unified security platform is essential

When undergoing digital transformation, financial institutions need a unified security solution to help streamline the security management process by having all the necessary tools in one place. In fact, a unified security solution is built on three interconnected pillars. First, security must be embedded directly into development pipelines. This integration helps identify and mitigate risks and misconfigurations early, before they can impact production. Second, through continuous monitoring and management of cloud assets, banks can gain more visibility and control over their security posture. Third, runtime protection safeguards cloud workloads, web applications and APIs through tools like cloud threat detection, host security, container security, serverless security, and web application & API protection. Together, these pillars help to establish a robust security framework. This way, digital banks can minimise risks, streamline operations and ensure compliance with regulatory demands.

The benefits of ‘zero trust’

Modern cloud-native banks rely on ‘zero trust’ security models more and more. ‘Zero trust’ refers to the principle according to which every request to access an organisation’s system should be carefully reviewed. This means that no user or system is trusted by default. They’re all subject to identification and authentication checks. This helps set clear boundaries between the applications the users are accessing and the resources available in the cloud. And even after access has been granted, all activity is monitored on an ongoing basis to identify potential malicious behaviour that could compromise digital banking systems. This continuous verification enhances visibility into potential threats and facilitates compliance with regulatory standards.

To further reinforce security, mutual transport layer security (TLS) can be implemented as a core design principle, enabling secure authentication with third-party entities over the internet. By adopting such measures, digital banks can build a resilient security foundation that safeguards against evolving threats whilst preserving customer trust and operational integrity.

The example of Salt Bank

Salt Bank is a next-generation digital bank launched in Romania. It serves as a good example of a financial institution that embedded security into its digital banking platform from the start. Salt Bank was built and launched in under 12 months, showcasing the power of an approach to innovation that heavily relies on security.

Salt Bank implemented a range of advanced security measures, including zero trust architecture, threat modelling, cloud security posture management, and automated security operations, guided by this security-by-design philosophy. These tools helped the bank implement a strong defence against cyber threats whilst still focusing on improving customer experience.

Central to Salt Bank’s strategy was Engine by Starling, a SaaS platform designed specifically for digital banking, paired with Palo Alto Networks’ Prisma Cloud. Prisma Cloud played a key role in securing the bank’s cloud infrastructure, offering capabilities such as misconfiguration monitoring, risk detection, remediation and compliance management. Together, these technologies provide a unified and efficient approach to managing security in a complex cloud environment.

The future of modern banking is all about security

As digital transformation accelerates across the financial sector, companies must keep security at the top of their agenda. Whilst innovating is key to keeping up with evolving trends and changing customer expectations, it can’t be done without prioritising security. If security isn’t embedded in every layer of an organisation’s digital infrastructure, vulnerabilities may be introduced within the system and easily exploited by malicious actors. And once cyber attackers are in the system, everyone knows it can lead to chaos.

But security isn’t just for defensive purposes, it’s also a strategic advantage. In a climate of growing digital distrust, the most secure bank doesn’t just win compliance, it also wins customers. By choosing to turn advanced security into a visible product feature, not just an internal practice, banks can build marketable trust and differentiate from fintech challengers who may cut corners in pursuit of speed.

Continue Reading

Business

Why heat pumps are the future of heating and cooling

Drew Tozer

We live in a technologically advanced world with artificial intelligence, electric cars, and advancing space travel.

But our primary strategy for heating homes is still “burning stuff”.

We pump gas, propane, or oil into a traditional furnace and light the fuel on fire to keep houses warm. It’s an archaic solution—like sending a fax instead of an email.

Furnaces are popular because the majority of HVAC is replaced in emergency “no heat” situations. The default option becomes a like-for-like replacement (swapping an old furnace for a new furnace) because it’s quick and easy.

HVAC is a top 5 most expensive purchase that a homeowner will make in their lifetime, and we rush the decision by ignoring equipment until it breaks.

Choosing the right HVAC system is an opportunity to improve homes. HVAC is the biggest factor for indoor comfort and air quality, and the chance to pick the right system only comes around every 15 to 20 years.

Heat pumps operate like two-way air conditioners. In the winter, they take heat (energy) from the outside air and use it to heat homes.

So, what makes heat pumps the right decision?

Because electric products are just… better

Consumer experiences matter, and electric products create better experiences. The quality of electric appliances (like heat pumps, electric vehicles, induction cooking, and electric yard tools) surpassed gas alternatives in recent years.

For now, there continues to be a place for gas appliances in niche situations. But the overwhelming consensus is that electric products are better than gas products

A few examples:

  1. Oversized furnaces are the primary cause of comfort issues. Heat pumps are the direct solution—they can be properly sized to match the heating and cooling needs of a house, improving comfort and eliminating hot and cold rooms.
  2. EVs are more fun to drive, while being quicker, quieter, more convenient, and lower maintenance. The stress of “range anxiety” has largely disappeared with better infrastructure and battery performance.
  3. Electric yard tools are quieter, safer, and lower maintenance than gas tools.
  4. Gas stoves increase the risk of asthma in children. Induction is safer and healthier while offering similar control and faster boiling times.

The performance gap of electric over gas is growing. Every generation of electric products takes a leap forward while gas appliances stay largely the same.

Over the last decade, gas furnaces have increased from 90% to 97% efficiency. That’s the only change.

By comparison, cold climate heat pumps achieve efficiency ratings above 300% by moving heat instead of burning fuel to create heat. Heat pumps continue to improve, both in efficiency, reliability, and cold weather performance. They’re a proven success in cold climates like Canada, Sweden, Denmark, and Norway.

Heat pumps can also be sized to provide the right amount of heating and cooling at any given time, and the lack of combustion eliminates the risk of carbon monoxide poisoning, gas leaks, and explosions.

A sustainable world is an electric world

The cost of ignoring climate change continues to grow.

There’s no way around it. Ignoring climate change won’t solve it.

The frequency and severity of wildfires in North America are a key example. Large parts of the US are becoming uninsurable as the damage risk becomes untenable for banks and insurance companies.

These aren’t political choices, it’s the free market working: climate change is bad for business.

When we choose to not take action, it increases pain and suffering without decreasing the economic burden. We’ll have to implement the same solutions, but we’ll have to pay more to rebuild and replace more infrastructure and homes along the way.

Delaying action is the more expensive choice.

Heat pumps are part of the solution because they create a path to sustainable heating. They can be powered by renewables, either on-site or within grids.

We have access to the cheapest source of electricity in human history: solar. We choose not to embrace and scale renewables for political reasons. It’s a people problem, not a technical one.

We’re fortunate that the sustainable option (heat pumps) is also the choice that improves the comfort, health, and safety of homes.

Energy (in)dependence matters

Heat pumps and renewables allow homeowners and countries to heat and power their homes with local energy. It makes homes and communities resilient against geopolitics and global energy costs.

A house can be entirely energy independent by combining a heat pump and electric appliances with rooftop solar and battery storage.

Conversely, you can’t extract and refine oil in your backyard. If you rely on combustion heating, then you’re dependent on the person or country that supplies your oil and gas. A situation that played out with Europe’s reliance on Russian gas.

In the tenuous landscape of global politics, energy dependence is a risk.

Heat pumps are the future of heating and cooling because they create a path to sustainable heating powered by renewables. They create comfortable, healthy, sustainable homes that benefit from energy independence and improve consumer experiences.

Continue Reading

Copyright © 2021 Futures Parity.