Navigate the minefields of generative AI

Amassing 1 million users within a week following its launch in November 2022, ChatGPT made its mark as one of the most rapidly adopted emerging technology solutions. Developed by artificial intelligence research company OpenAI, ChatGPT catapulted to infamy for its ability to generate and simulate human conversation as a generative artificial intelligence tool. Generative artificial intelligence (AI) refers to an emerging form of AI that could not only evaluate and operate on existing data but also generate content such as text, imagery and audio for its users. With its capability for unprecedented speed and efficiency in delivering outputs with minimal human direction, it comes as no surprise that generative AI has entered the vocabulary of C-suite executives and boards alike

The most common generative AI solutions can be categorized into five types: content generators, information extractors, smart chatbots, language translators and code generators. Generative AI models are being used across various business functions, from IT, human resources and operations to finance, audit, legal and marketing, bringing an infinite number of advantages just from a user’s prompt alone. It has even broken into the entertainment industry, as demonstrated by the recent development of Malaysia’s first AI-generated radio DJ.[1] From automating routine tasks such as data entry and report generation, it is undeniable that generative AI has redefined the way professionals in the business sphere work.

Generative AI has powered solutions across multiple business functions, allowing businesses to save time and resources through automation. Here are some common and potential use cases for generative AI tools:

• Audit and compliance: Generative AI has fundamentally transformed auditing procedures with its capacity to evaluate huge quantities of data and identify patterns, trends and anomalies that may need deeper scrutiny. This allows auditors to perform more audit procedures on areas identified to be of greatest risk, essentially shifting their focus to providing more value-added and client-facing services, proactive risk management as well as enhancing audit quality.

Generative AI can also be leveraged to evaluate audit engagement independence requirements to help simplify the approval process for certifying independence.

• Finance and operations: Generative AI’s ability to sort through massive volumes of data makes it a useful tool to hasten the contract process by reviewing contracts, highlighting potential conflict of interest clauses and drafting clauses to suit. As for customer support operations, they have become more developed in terms of generative AI interfaces, such as simulating human-like conversations in chatbots and virtual assistants. This further improves the service quality of organizations as personalized assistance and the analysis of consumer sentiment and behaviors become automated.

The AI analysis in financial modeling can be used to simulate financial scenarios and create forecasts on market trends. Using existing datasets that resemble real data, they can generate potential future financial outcomes. Generative AI can also be used to detect fraud by classifying existing data patterns. This enables organizations to make informed decisions and incorporate strategic foresight.

• ESG: Generative AI has helped companies contextualize ESG data and support reporting operations, including creating strong statements that outline their ESG initiatives and performance. This is especially impactful considering that more than one third (38 percent) of CEOs globally struggle to articulate a compelling ESG story. [2]

Sustainability reporting has been mandatory for all publicly listed companies in Malaysia since 2016. Bursa Malaysia has since enhanced sustainability reporting requirements to include climate change-related disclosures that are aligned with Task Force on Climate-related Financial Disclosures (TCFD) recommendations and corporate governance performance. As for greenwashing concerns, generative AI can not only track and report ESG progress but also address the challenges and opportunities in a way that is transparent, thereby retaining the trust of relevant stakeholders.

• Tax and legal: AI provides a competitive advantage with analysis assistance, such as forecasting tax scenario outcomes. It can also enhance the efficacy of data processing on technical issues such as tax legislation and legislative changes to tax laws. For example, generative AI can search for relevant legal citations and case examples, helping to identify reputable sources. This provides greater visibility in tax research and accelerates the decision-making process.

Generative AI can help organizations improve tax transparency by categorizing and validating large volumes of payments.

• Marketing and strategy: From drafting emails and preparing requests for proposals to running competitive analysis and research, generative AI has been heavily used in this function. The tool’s ability to learn the basics of financial due diligence, digest complex content and build strong strategic plans has contributed to the development of more effective marketing campaigns that resonate with targeted stakeholders. This enables organizations to channel their resources into initiatives that will deliver the greatest return on investment.

The opportunities and potential use cases of generative AI continue to be unveiled as the technology evolves. However, it’s important to note that this expanded use across all functions in business also poses risks that organizations need to be aware of.

Depending on the use and implementation of generative AI models, your activities could expose your organization to risks. Generative AI relies on data inputs or parameters to constantly learn and build knowledge. However, that data could also ingest confidential intellectual property, which could be used to respond to another user’s prompt outside the organization, inadvertently running the risk of exposing sensitive, personal and confidential data to the public. This breach will deteriorate trust among customers and wider stakeholders and potentially impact the organization’s bottom line negatively. Hence, an all-encompassing guide to AI security protocols such as access controls, encryption and secure storage is vital to ensure that organizations do not contravene applicable laws (including privacy laws), client agreements or professional standards.

Generative AI has also revealed a concerning level of misinformation that potentially bypasses ethical and compliance regulations. Due to the data input, generative AI could be trained on biased data and untraceable data lineage, which will then perpetuate stereotypes and unintended outcomes. For example, when used for ESG reporting, the data input could instigate systemic and unintentional bias algorithms in quantifying ESG impacts, marking inaccuracies and a lack of transparency in the report. Without human oversight to evaluate the output to help control for bias, this can cause the organization legal and reputational harm. Continuous monitoring efforts of model performance metrics such as interpreting the causes of the AI’s outputs and understanding the overall governance of the algorithm should also be considered for organizations to navigate AI bias.

There are also talent implications in the use of generative AI tools. Professionals need to be aware that they are not just using the solution but are also contributing to this technology’s self-learning evolution. Generative AI may be a game changer for organizations, but human intervention is still required for the unique insights that generative AI alone can’t replicate. The contribution of human intellect provides critical feedback to refine and improve generative AI models over time and ensure the output is accurate, fair and meets the intended goals.

In this context, there is a serious implication to the responsibilities of Chief Information Security Officers (CISOs), where they have to shift from problem solving to problem defining. CISOs will need to create new approaches for teams to work alongside machines to enhance business efficiencies in a way that doesn’t contravene applicable laws or professional standards. As part of their overall generative AI strategy, CISOs should consider having a dedicated team in place for risk evaluation measures as well as incorporating innovation strategies that are sustainable and anchored on ethics.

Generative AI is certainly worth exploring to uncover new ways to help your organization grow. However, it's also clear that its use has many limits and potential pitfalls. To mitigate the risks, organizations should create and implement safe usage guidelines, as this can help ensure the proper and effective use of generative AI applications that will engender trust in employees, their organizations and across external stakeholder groups. With the implementation of a responsible generative AI program, organizations can advance in developing the work processes and procedures surrounding the use of generative AI, thereby accelerating the organization’s value for their stakeholders further.

Optimizing this transformative technology can be crucial for organizations to progress, but it will entail incorporating guardrails prior to implementation to ensure that AI can operate within the boundaries of ethical, regulatory and legal requirements. It will take time and human expertise to unlock the full potential of generative AI in a way that’s responsible, trustworthy and safe. But don’t let this stop us from exploring the possibilities and opportunities just waiting to be unlocked.