
Cybersecurity and AI

December 23, 2025

AI Tools Integration and Regulatory Considerations: Best Practices for AI Use in Marketing, Client Communication, Research and Portfolio Management

One key area of focus for regulatory agencies such as the SEC and FINRA is the responsible use of adopted technology, in particular Artificial Intelligence (AI). AI is accelerating productivity across the industry, with firms implementing AI tools to manage and automate tasks. However, it is critical that firms pair its use with stringent and tailored policies and governance. Jacko Law Group has a range of posts and articles on Artificial Intelligence and provides practical tips on requirements and guidelines from regulatory authorities. This blog post delves deeper to discuss the risks of AI integration, and the tools for mitigating them, in four areas of operation: marketing, client communications, portfolio management and investment research.

1. AI in Marketing

Firms' marketing practices are held to strict regulatory obligations because the potential for harm to investors through misrepresentation or misleading information is exponential. Pursuant to SEC Marketing Rule 206(4)¹ and FINRA Rule 2210², clear parameters are provided around how a firm may market compliantly, such as substantiating performance claims, providing necessary disclosures for testimonials and endorsements, and avoiding misleading statements. However, the integration of AI into marketing activities inadvertently makes violations of the Marketing Rule possible in new ways, including AI hallucinations and exaggerated claims. Internal controls should also address protection of a client’s personally identifiable information in order to avoid violations of Regulation SP.

Best Practices for Mitigating AI-related Violations in Marketing

To reduce the risk of AI-related marketing violations, it is important to have strong human oversight. Every piece of AI-generated content should be reviewed and approved before it goes out, using clear and consistent review processes across the firm. Facts must be verified, and any claims must be substantiated. This ensures that messaging is transparent, accurate and supported. In addition, it is important to maintain detailed records of AI activity, including prompts, outputs, and marketing strategy decisions. This not only supports transparency but also makes regulatory examinations much smoother.³ Finally, protecting client data is critical. Avoid using non-public client information without explicit approval and rely on anonymized data whenever possible to safeguard privacy.

2. AI in Client Communications

Client communication is a vital part of the adviser-investor relationship. Correspondence beyond check-ins can range from drafting meeting summaries, follow-up emails and portfolio reports or updates to generating reminders, alerts or meeting agendas. AI can also be used to re-word complex financial information into more lay-friendly language to assist with explaining decisions or strategies to clients. Firms in the financial industry have integrated AI to manage and automate more client communications; however, with AI capabilities come AI risks, which are even more impactful when it comes to clients. RIAs, BDs, PF managers and others in a financial advisory role have a fiduciary duty to protect their clients. Accidental leaks of personally identifiable client information into public airways can occur if communications are not run through a closed system; thus, taking precautions and training staff is critical.

Best Practices for Mitigating AI-Related Risks in Client Communication

Every use of AI should be mapped to internal controls, including policies and procedures. All client marketing collateral generated by AI should be reviewed and approved by Compliance before it is sent out. This is especially important for sensitive content like performance updates, market outlooks, or recommendations, to ensure the AI-generated information is accurate. All outputs should be fact-checked against firm-approved data to avoid errors like incorrect fund names or performance figures. Safeguard confidential client information by never inputting it into AI platforms without secure, compliant processes. Maintain thorough documentation and audit trails of all AI-assisted communications, including prompts, iterations, and reviewer approvals, to support compliance and regulatory examinations. Additionally, it is important to continuously train AI models to reflect updated regulatory guidance and firm policies, incorporating feedback from compliance reviews. Ensure messaging is consistent and unbiased and remains professional and inclusive across all channels. Run scenario testing to identify potential misstatements before they reach clients.

3. AI in Trading Strategies & Investment Research

AI tools are increasingly being used to support trading strategies and investment research across the industry. These tools can analyze vast amounts of data quickly, pinpoint market patterns, identify anomalies and predict scenarios based on the information analyzed. However, using AI in this capacity carries significant risk. For one, output greatly depends on input. If the data has errors or biases, the output will reflect that. In addition, AI-generated recommendations may fail to account for client investment profiles and objectives, which can lead to investor harm if the recommendations do not align with the client’s objectives or capabilities.

Best Practices for Mitigating AI-Related Violations in Research and Investment Strategies

Risks associated with flawed AI output can lead to a potential breach of fiduciary duty and/or Regulation Best Interest⁴. The strongest line of defense is governance and human oversight. Firms should prioritize governance protocols to ensure that all data input and output undergoes review before any information is shared with clients. Firms should perform regular testing and bias reviews, and maintain comprehensive documentation that demonstrates how AI tools are used and the steps taken to make sure the output is accurate.

4. AI in Portfolio Management

AI tools can help make portfolio management efficient. They can run fast and expansive risk monitoring and liquidity forecasts, identify tax opportunities, suggest strategies and optimize asset allocation. However, predictive AI may be one of the most vulnerable tools in the finance industry, as its capacity for fast and vast data processing makes it especially prone to potential errors. Failing to disclose how AI is being used (or overstating its use) can lead to a breach of fiduciary duty for RIAs, all the more so if the recommendations driven by AI analytics are not aligned with the client's investment profile. This can create unsuitable allocations or lead to misleading advice. Across firm types, failure to supervise, document the process or maintain consistency can result in compliance deficiencies and violations.

Best Practices for Mitigating AI-Related Violations in Portfolio Management

Human oversight and strong supervisory protocols are extremely important when using AI for portfolio management. All AI-generated output related to portfolio management should be reviewed before implementation. Firms should perform ongoing AI model testing to ensure that information is pulled from accurate data, that client information is protected, and that AI hallucinations or biases are addressed. In addition, firms should provide comprehensive disclosures to clients about their AI use. Ongoing training should also be performed to make sure all teams are working together to meet operational and regulatory obligations.

AI implementation is expanding exponentially, leaving firms that do not adapt competitively vulnerable. It offers speed and efficiency, providing an opportunity for financial services providers to serve their clients better. Firms that take steps to manage the potential risks of using AI tools by establishing a strong governance framework and human oversight can reap the benefits while protecting their clients and upholding regulatory obligations. To review AI implementation in your firm and identify any areas of risk, please contact us at 619.298.2880 or email [email protected].

¹ https://www.sec.gov/newsroom/press-releases/2020-334
² https://www.finra.org/rules-guidance/rulebooks/finra-rules/2210
³ https://www.sec.gov/files/investment/pfa-vacatur-reverted-rule-text.pdf
⁴ https://www.finra.org/rules-guidance/notices/24-09

About the author

Jacko Law Group, PC

Jacko Law Group provides tailored legal services and effective strategies for success, delivering exemplary solutions to complex legal and regulatory challenges to ensure that both business efforts and compliance obligations are satisfied.
