Business Wire
Recent Smarsh compliance industry survey reveals a thoughtful approach to AI adoption, with AI governance and risk management use cases topping financial firms’ priorities for 2025
Today, Smarsh, the global leader in communications data and intelligence, published the results of its 2025 Communications Compliance Survey, revealing financial services firms’ top priorities as they balance the potential opportunity of artificial intelligence (AI) with uncertain regulatory requirements and risk management objectives in the year ahead.
The survey, conducted in October 2024, found that while 79% of firms view AI as critical to the sector’s future and 81% of large firms feel pressured to adopt AI to stay competitive, only 32% have formal AI governance programs in place today. Cases of ‘shadow AI,’ where AI infiltrates an organization through un-sanctioned employee use, emphasize the need for firms to continue building the guardrails in 2025 to harness AI, while implementing the controls to mitigate the operational, compliance and reputational risks.
“Financial services firms are navigating an increasingly complex landscape,” said Neva DePalma, General Counsel at Smarsh. “While regulation often lags innovation, the absence of established AI governance poses significant risks. At Smarsh, we are committed to partnering with our customers to help them utilize the transformative potential of AI responsibly, without compromising their data security and IP. We believe in responsible AI that can deliver immense business value and enhanced productivity, while simultaneously preserving the integrity of the firms that leverage it and the entire financial system.”
Read More : Navigating the Future: Key IT Trends in Financial Services
With the recent passing of the EU AI Act and uncertainty around US regulations under the incoming presidential administration, 32% of firms using GenAI expect regulatory ambiguity to impact their compliance objectives in 2025. Another 22% acknowledge GenAI will make regulatory compliance more complex due to the features embedded into approved firm communication tools. With this in mind, 33% of firms plan to continue restricting GenAI use entirely in 2025, while the vast majority expect to pursue GenAI adoption around specific use cases, where risks are known and controllable. Additional key findings from the research include:
- AI-Related Risks: Exposure of proprietary information to AI systems (45%) and AI-powered cyber threats (44%) were identified as the top concerns, followed by AI model risk (11%).
- AI for Compliance: Despite the risks, the majority (67%) of firms aim to leverage GenAI in 2025. Executive leadership teams have prioritized improved risk management and compliance efficiency as a top use case, second only to employee productivity. Of the risk and compliance use cases, automation of document search and retrieval is the highest priority (36%), followed by communications surveillance (31%).
- Top Use Cases: Beyond compliance efficiencies, organizations are increasingly interested in utilizing AI for proactive outcomes, including uncovering revenue opportunities (18%), insider threat detection (16%), and monitoring for violations of HR policies (7%).
While respondents recognize the potential that comes with adopting new technologies like GenAI, they also express concern.
The survey also revealed other persistent risk management challenges, with cybersecurity and off-channel communications cited as major concerns. Roughly 42% of respondents report cybersecurity as a primary concern, while 29% express significant worry over off-channel communications.
“As we look ahead to 2025, off-channel communications, AI-driven risk, and cybersecurity are emerging as the top compliance priorities,” said Sheldon Cummings, President of Corporate Business, Smarsh. “Firms must proactively establish guardrails, leverage advanced technologies for risk detection and management, and create a culture of vigilance and understanding to stay ahead of these challenges.”
While 66% of firms permit text messaging for business, up from 47% in 2023, only 16% allow WhatsApp, on par with 17% that permitted use of WhatsApp in 2023. These low authorization rates suggest firms may be creating compliance blind spots by restricting widely-used communication tools, potentially driving business conversations underground rather than bringing them into monitored channels.
Read More : Global Fintech Series Interview with Tanya Thomas, EVP for EMEA, Q4
[To share your insights with us, please write to psen@itechseries.com ]
