Artificial intelligence (AI)

Identify AI risks, opportunities and governance gaps

Monitor and report on AI strategy, usage and business outcomes

Investigate, manage and resolve AI risks/incidents/control weaknesses

“With great power comes great responsibility” & Risk!

Challenge

Regulators, boards and investors are increasingly demanding that firms demonstrate effective AI governance, oversight and control, not just deploy AI tools and technologies.

Implementing and managing effective AI governance is complicated by the rapid pace of technological change, evolving regulatory expectations and uncertainty over what constitutes “good” AI management. However, firms must be able to demonstrate that they have assessed their current AI capabilities, risks and controls, and implemented a structured plan to ensure AI delivers measurable business value.

Maestro-Solutions

There is a range of Ethics and Culture solutions based on your firm’s requirements:

Financial services firms need to draft their own Code of Ethical Conduct, implement it and then monitor the implementation before periodically reviewing and updating it.

The GRC-Maestro Solution for managing a firm’s ethics/culture includes:

  1. Risk Assessment: Identify the ethical conduct risks by business area and/or location.
  2. Implementation Plan: Record how the firm intends to address the ethical risks identified.
  3. Monitoring: Report the results of ethics/code of conduct monitoring.
  4. Hotline: Formally record cases reported to the firm’s ethics hotline, maintain a register of issues reported and report on the resolution status.

Financial services firms need to avoid, where possible, conflicts of interest. Where conflicts of interest can’t be avoided, they have to be carefully managed and minimized (including apparent conflicts of interest).

The identification/management of Conflicts of Interest should be addressed in the firm’s Code of Ethical Conduct.

The GRC-Maestro Solution for managing a firm’s Conflicts of Interest includes:

  1. Register: Identify the various Conflicts of Interest within the firm and ensure the register is complete, updated and accurate.
  2. Management: Each Conflict of Interest should be assigned an “owner” who is responsible for managing the Conflict of Interest.
  3. Classification: Each Conflict of Interest should be assessed by the conflict cause, i.e. firm v client, client v client, employee v client or others.

Financial services firms need to ensure that their customers are treated professionally and ethically, whether the firm is producing financial products, selling products to clients or giving financial advice.

The management of Financial Products (production or sale) or Investment Advice should be addressed in the firm’s Code of Ethical Conduct.

The GRC-Maestro Solution for managing a firm’s Financial Products/Investment Advice includes:

  1. Product Due Diligence (Producer): Each product has to be carefully designed to meet a genuine financial requirement and tested to ensure the firm has the expertise/resources to manage it and that it is performing as expected.
  2. Product Due Diligence (Seller): Before selecting products to sell, the financial services firm has to conduct thorough analysis to ensure they are comfortable with both the manufacturer and the product. Once a firm is selling a financial product, they need to periodically reassess whether it is performing as expected.
  3. Investment Advice: Firms giving investment advice have to perform a detailed “Know Your Client” assessment so they understand the client’s investment requirements and can recommend the best product(s).

Human Resource (HR) management is a major risk area for financial services firms because it isn’t possible to enforce the firm’s Code of Ethical Conduct if HR isn’t managed ethically.

The management of Human Resources should be addressed in the firm’s Code of Ethical Conduct.

The GRC-Maestro Solution for a firm’s Human Resource management includes:

  1. Recruitment: Each person involved in recruitment has to be familiar with the firm’s Code of Ethical Conduct, especially the importance of avoiding discrimination of any kind.
  2. Promotions: The basis for promoting employees has to be formally documented and any deviation from this policy has to be justified. Both the promotion methodology and exceptions need to be legally sanctioned.
  3. Bonuses: The basis for calculating bonuses to employees has to be formally documented and any deviation from this policy has to be justified. Both the bonus methodology and exceptions need to be legally sanctioned.

A firm’s Personnel (Employees/Directors) are on the front line of operating the firm’s Code of Ethical Conduct, making their role critical!

Employees/Directors need to have their conduct clearly defined in the firm’s Code of Ethical Conduct.

The GRC-Maestro Solution for a firm’s Employees/Directors management includes:

  1. Training: All Employees/Directors need to be trained on the firm’s Code of Ethical Conduct when they join and at regular intervals thereafter.
  2. Personal Conduct: Employees/Directors should notify the firm of any personal issues as soon as they become aware of them, including: taking external directorships, personal investments, etc.
  3. Ethics Hotline: Ensure Employees/Directors know they can direct questions to the Ethics Hotline or contact Legal/Compliance as appropriate.
  4. Employment Practices: Communicate the clear message that the firm does not tolerate unprofessional/unethical behaviour, including all forms of discrimination, harassment, bullying, etc.

GRC-Maestro

Prove Compliance – Evidence your Governance, Risk & Compliance (GRC)

Automate GRC – Run manual checks and processes automatically

Low Cost – Quick and easy to use + low pricing