Main Content

Casebook Read Credits
Corporate Risk and Compliance: Theory and Practice
Section 10 . 2 . 1

Objectives and Discussion Questions

Kim Otte

AI will impact the profession of compliance. It will not only introduce new ways of working. It will introduce a new risk area for the business that requires controls and governance.

The September 2024 DOJ Guidelines for an effective compliance program added this:

Management of Emerging Risks to Ensure Compliance with Applicable Law – Does the company have a process for identifying and managing emerging internal U.S. Department of Justice Criminal Division Evaluation of Corporate Compliance Programs (Updated September 2024) 4 external risks that could potentially impact the company’s ability to comply with the law, including risks related to the use of new technologies? How does the company assess the potential impact of new technologies, such as artificial intelligence (AI)4 , on its ability to comply with criminal laws? Is management of risks related to use of AI and other new technologies integrated into broader enterprise risk management (ERM) strategies? What is the company’s approach to governance regarding the use of new technologies such as AI in its commercial business and in its compliance program? How is the company curbing any potential negative or unintended consequences resulting from the use of technologies, both in its commercial business and in its compliance program? How is the company mitigating the potential for deliberate or reckless misuse of technologies, including by company insiders? To the extent that the company uses AI and similar technologies in its business or as part of its compliance program, are controls in place to monitor and ensure its trustworthiness, reliability, and use in compliance with applicable law and the company’s code of conduct? Do controls exist to ensure that the technology is used only for its intended purposes? What baseline of human decision-making is used to assess AI? How is accountability over use of AI monitored and enforced? How does the company train its employees on the use of emerging technologies such as AI?

These readings consider some of the risks AI may introduce and then turn to early attempts in the law and in industry to manage these risks. 

Discussion Questions:

1. What is the argument against federal or state regulation of AI?

2. How might a seven element compliance program best apply to the risk of AI?

3. Where do you think AI Governance should best "live" in a corporation?

 

This book, and all H2O books, are Creative Commons licensed for sharing and re-use with the exception of certain excerpts. Any excerpts from the Restatements of the Law, Principles of the Law, and the Model Penal Code are copyright by The American Law Institute. Excerpts are reproduced with permission, not as part of a Creative Commons license.