• Leverage AI and use client communication platforms that are smartphone-based to lock in clients and streamline secure customer interactions. • Use AI to screen for problems and opportunities across client portfolios — see around corners so your financial advisors do not need to. Step 5: Strategy Is AI and AI Is Strategy What was bank strategy just a few years ago? Control costs? Try to gather assets? Acquire or be acquired? Soon, strategy is AI and AI is strategy. AI can control costs, gather assets and perhaps make your bank the acquirer instead of the acquired ... • AI can control costs in myriad ways. • As previously mentioned, AI can help gather assets more efficiently. • AI can not only be part of your strategy, but it can also help guide your strategy. It’s that good now. • You need a 24/7 strategy and AI is the answer: cybersecurity, customer service and fraud monitoring. Safety and Security First Before I talk about implementation, I will talk about safety and security first. Management, the board of your bank, and especially the risk and compliance committee will want to make sure anything you do with AI will not put the bank at risk, from a regulatory, reputational or stakeholder standpoint. To do this right, you need four pillars: governance, risk, compliance and cybersecurity. The term I have coined goes beyond AI trust and safety: AI GRCC. • Governance determines what core and other data the AI can use, what AI is and is not allowed to do, what AI models can be used, and who at your bank can do what with AI. Actively choose these items; do not let them happen to you. No governance means AI can read the CEO’s emails. That would not be good. • Risk management focuses controlling both the novel risks of AI, like the AI providing wrong answers or spouting toxic language, as well as existing risk management tools applied to AI — encrypting everything in motion and at rest, as well as sensitive data before it goes to AI, like personal or personal health information. • Compliance will go from easy to hard over the next few years as the regulators catch up with the technology. Right now, it is imperative to align with existing compliance rules for AI and learn how “model risk management” applies. I strongly suggest following the NIST AI Risk Management Framework as well. That guideline is currently acting as a “safe harbor” from upcoming AI rules in certain states, such as Colorado. • Cybersecurity is going to get tougher with the adoption of AI — by the bad guys. You will need to fight AI with AI, or you will lose the battle. While many banks are already screening emails with AI tools for malicious intent, the newer, more complex task is spotting attacks on AI itself, to prevent manipulation of the AI or data exfiltration. Implementation Of course, everything previously stated is nice, but without a team of AI experts like the largest banks have at their disposal, this sounds difficult. Buying a few AI “apps” or using SaaS tools probably only covers a couple of the bases. I recommend private cloud deployment of private AI and tools, surrounded by the AI GRCC layer just described. Buy it, don’t build it. Customization Every bank is different. If you think you can take a copilot built for any company in the world out of the box and have it solve your problems, it will not. While an AI GRCC layer and a number of bank-specific AI tools are a great starting point, you will almost certainly need help and customization across a number of areas: • Data needs to be connected to your AI: core data, your CRM, other APIs and databases. • Agents, or custom AI tools, need to be created that align with what your bank’s processes need. • Workflows combined with agentic AI will change the world — doing the repetitive work that AI is great at, and humans find boring. Mark Twain said, “The secret of getting ahead is getting started.” Start your AI journey soon. It is easy to be paralyzed with “where do we start” or “we need to fix ______ first.” Don’t be. You can start using AI anytime, no matter the shape of your technology stack. In my opinion, it is more important to bring your people along than to get your IT ready. Of course, I could be wrong. Maybe AI is a fad (like the internet was). Colorado Banker 8
RkJQdWJsaXNoZXIy MTg3NDExNQ==