AI and SEC Exams – Fred Teufel and CJ Schaible Insights
Vigilant Insights
Introduction
Artificial Intelligence (“AI”) and Cybersecurity are major areas of focus for the SEC.
Registered Investment Advisers (“RIAs”) could be expected to discuss their policies and procedures related to the use of AI at their Firm.
It is important that RIAs take the time to ensure that the technology that enables their policies and procedures meets the overarching fiduciary expectations established by the Investment Advisers Act of 1940.
Our Director, Fred Teufel, and Vice President of Sales and Business Development, CJ Schaible, were quoted in a recent Ignites article about the topic.
Fred Teufel and CJ Schaible Insights
The article highlights a recent AI Sweep Exam Letter that asks about information to be provided about AI supervision. It may not be a coincidence that the SEC’s sweep comes shortly after they proposed new rules that would require Broker Dealers and Investment Advisers to take certain steps to address conflicts of interest associated with their use of predictive data analytics and similar technologies to interact with investors to prevent firms from placing their interests ahead of investors’ interests.
Looking forward, CJ notes that this AI Sweep could hint that the SEC may increase their focus on AI. There is a potential for SEC sweeps heading into 2024, when considering the enforcement priorities from 2023, CJ said.
When the SEC is investigating this topic, Fred Teufel explains what they are most likely looking for. Any technology used for portfolio management or investor decision making will be assessed to determine if any inherent bias in the programming creates conflicts of interest for the firm. Fred notes that at this time, most RIAs do not use AI per se for portfolio management but that most firm’s use devices that would be considered covered technologies and/or produce information that might create the appearance of a conflict of interest.
In future Examinations, Adviser’s will need to demonstrate an understanding of what goes on “behind the scenes” and that they have evaluated the inputs and IT processes to ensure that they do not create in an intentional or unintentional conflict of interest.
Vigilant’s Conclusion
AI and Cybersecurity are expected to remain a major focus for the SEC heading into 2024.
It is important that your policies and procedures address the use of technology, especially AI, and identify, evaluate, and potentially eliminate any inherent bias or conflicts of interest that could exist in the inputs or algorithms that are currently being used or in machine learning models that will be used in the future.
The contractual agreements you have with technology vendors may also come under scrutiny, so we remind Firms that of their due diligence requirements.
There must be written agreements to meet compliance standards. As this technology emerges, we suggest Firms perform a gap analysis to ensure that their policies and procedures meet industry standards.
Reach out to Vigilant today if we can be of any assistance.