Learnings from implementing Generative AI pilots

Generative AI (GenAI) has created a huge buzz throughout banking. Each and every person in technology wants to be associated with GenAI projects in some shape or form. In my current role, I implement innovative solutions from Genpact’s technology ecosystem across our banking client operations. ?

Having done several real Generative AI deployments over the last few months, there are some key learnings which banks should consider when planning an implementation:

1.?????? Align on GenAI strategy & Risk Mitigation with Client Leadership: Nowadays, GenAI strategy is on the minds of most senior banking executives. They are keen to see how different GenAI use cases can modernize everyday banking operations. In most cases, they recognize that the fastest way to test concepts is through collaboration with the right technology partners. One of the greatest challenges which I have experienced in our GenAI deployments is in ensuring that clients, operations teams and tech partners are all clear on the scope and goals of a deployment and stay aligned. This is crucial to enable projects to get off the ground and be successful. Defining, well-articulated processes – and regular tracking is needed by most projects, but given the novelty and perceived risk of GenAI, it is more important than ever.

?

It goes without saying that client permissions are required to access any data needed by a Generative AI algorithm. In my experience, clearly explaining GenAI algorithms, risk mitigation and projected benefits to client leadership – and sustaining that engagement, is critical to gain and retain the alignment of Infosec, Compliance and Legal. Project teams need to ensure, in particular, that they articulate the risk mitigations being used. For example, a private cloud may be set up for each client POC so there is no chance of data rigging in any shape or form. In addition, separate commissioning of instances and servers for each POC is usually required. The continual reinforcement of the GenAI strategy and reassurance of the risk mitigations will enable a project to deploy smoothly.?

?

2.?????? Understand the different data rules of each region: I have implemented Tone of Voice Generative AI solution across different regions – including the Philippines, Guatemala and Oregon in the US. It was critical to ensure that different types of data (PII and non-PII) be treated in the specific manners prescribed in local data privacy laws. It is easy to underestimate the complexity of these requirements, specifically for GenAI projects. Client consent along with abiding by local data privacy laws of a region is extremely nuanced and has a long-drawn process to ensure that no individual data in whatsoever shape or form can be misconstrued or misused by any rogue actor in the process. For example, in the Philippines, data privacy laws require companies to register through a form when call data is used for any AI programs. In Guatemala and the US, it is required to have explicit consent each time from every caller if their data is being used, even if it is for their benefit. ?

?

3.?????? Legal Agreements & Documentation for GenAI programs: Data processing includes any operation in which data is collected, translated, communicated, and/or classified to produce meaningful information. When clients hire third parties to process and analyze their customers’ personal data, it usually necessitates a Data Processing Agreement (DPA). To implement data sanity at every possible level of a Generative AI project, it is critical to have signed DPAs. They define who is the controller and the processor of customer data and to what extent each party involved can use the same for the benefit of the end client. DPAs need to be implemented for GDPR compliance but even in non-GDPR scenarios DPAs play a very important role. In my experience, these should be agreed and signed before any Generative AI deployment begins to avoid delays later.

?

4.?????? Size of data sets vs. processing capacity of Cloud infrastructure: As a general rule, when we input data to a given GenAI algorithm, more is better. However, that comes with its own set of challenges. The GenAI deployments I have worked on often received permissions to get year-long data sets. We took time to ensure that the infrastructure that had been rationed for our algorithm to start was sufficient to use the entire data set. It is critical to do this at the outset. If this isn’t done, it would require more business approvals during an inflight project to increase infra capacity - which would likely affect project timelines. Project teams would need to calculate the incremental benefit of putting more data into an algorithm vs the time lost in redoing the infra requirements along with obtaining business approvals to add infra capacity. It may be hard to make this stack up, so it is best avoided with good planning at the outset.

Generative AI is going to change how we work in everyday banking operations. These are just a few lessons – and there will be much more to learn. As the industry starts to understand the capabilities and pitfalls of GenAI deployment, it is imperative to gain knowledge by doing – through the hands on implementation of GenAI POCs and by gaining technical expertise paired with the understanding of optimal infrastructure.