Regulatory compliance for responsible innovation in the Age of AI

Regulations and regulatory compliance are not currently topics that AI innovators look forward to waking up to each day with their highest spirits :-) Compliance tax, burden, red tape, and innovation inhibitors are some of the terms used commonly by AI innovators to describe their sentiments for the growing regulations and regulatory compliance requirements. Yet, regulations are joined at the hip with AI innovation, and non-compliance with regulatory requirements will gate the velocity and reach of AI innovation. The labyrinth of current and evolving regulations, the legal vocabulary used to describe their requirements, and the high-stake penalties for non-compliance, collectively rationalize the draining sentiments on the surface. There is, however, a deeper perspective, one when seen through a wider lens of societal contexts that matter to each of us as people, can raise our thoughts and actions to a higher plane for the intents that regulations seek to serve and uphold in the age of AI.

It starts with a shared purpose for AI innovation. AI innovation serves societal good. People form societies. Societies are housed in environments. People, societies, and environments connect, collaborate, and transact for the greater good in shaping welfare and economies, with trust as the shared foundation. AI innovation can scale people, societies, and environments for the greater good in ways yet to be achieved. To achieve such, AI must be trustworthy. The shared intent of the emerging regulations and regulatory requirements for the age of AI is to scale trustworthy AI innovation.

What constitutes trustworthy AI innovation? Interpreting the law bound requirements of fast emerging regulations to form an understanding of AI trustworthiness can feel daunting and disconnected from growing innovation. Reasoning instead with a relatable societal lens can help create clarity and generate energy for a greater and aligned purpose, resulting in forethought for trustworthy AI innovation, responsible actions that are natural, and compliance with regulations as a seamless outcome. Let’s consider a few everyday contexts for such reasoning, first and foremost as responsible people.

• Would we board a flight if the pilot and the copilot were not trained and certified to fly commercial aircrafts? Regulations for contextual training of AI models foster similar standards and trust.
• Would we repeatedly eat at our favorite restaurant if we did not trust that the ingredients used were safe and of high quality? Regulations for the governance of data used to train AI models foster similar trust.
• Would we accept a credit card statement without a listing of transactions (or) with fraudulent transactions? Regulations for auditing and reporting foster similar visibility.
• Would we approve recommendations for a vehicle service without an understanding of the work to be performed and the vehicle parts affected? Regulations for model interpretability and explainability foster similar transparency.
• Would we accept inappropriate digital content being served to our children (or) ignore harmful fake content featuring us or a loved one? Regulations for digital safety aim to prevent such mishaps from occurring.
• Would we accept distribution and use of our personal data for unauthorized purposes? Privacy regulations aim to safeguard us from such by placing us in control of our data.
• Would we accept being discriminated against at a critical life juncture due to our diversity? Regulations to guardrail against bias in AI systems exist to prevent such.
• Would we accept risks that compromise our safety in the digital experiences we consume and rely on? Cybersecurity regulations safeguard us from safety risks.
• Would we consciously purchase and use products that negatively impact our environmental sustainability over eco-friendly product options? ESG regulations hold product manufacturers accountable to environmental sustainability.

Similar reasoning as above can also be applied to everyday professional contexts. If trust is severely compromised in our everyday contexts, we are likely to disassociate ourselves from the brand(s) in context and seek measures to defend our rights. We expect our everyday brands to be trustworthy in their intents and their actions. As AI users, we should expect greater from the AI innovators shaping our future and the future of the brands we rely upon, at far greater scale. The AI innovators amongst us must energize for trustworthy innovation. Regulations and regulatory requirements provide us with the frameworks and the guidance to innovate responsibly and establish durable trust in the age of AI.

Navigating compliance with regulations can be complex on the surface. Reading and interpreting the language of law used to define regulatory requirements can be daunting and draining amidst the furor to innovate with AI. When distilled to the essence, the requirements are largely what one would view as common sense essentials for a trustworthy product (or) service. Prioritizing forethought and proactive action to address regulatory requirements is a discipline to energize for, not by viewing as compliance tax, but as value created for customers, the brand(s) we represent, and the purpose(s) we serve.

In my next post, I will unpack the essence of the top line global regulations and regulatory requirements for the trust domains of responsible AI, privacy, cybersecurity, and digital safety. For now, let's try to think about and approach regulations as "Regulatory compliance for responsible innovation in the age of AI", and not as a mutually exclusive "Regulatory compliance or innovation" choice that we need to make :-)

If you are a Microsoft customer and would like to learn more about how we are scaling our internal regulatory governance and compliance practices for global regulations to deliver trustworthy products for innovation in the age of AI, reach out to your Microsoft account director to schedule a session with our regulatory governance team. We would welcome and be happy to share our applied practices and learnings with you, as well as learn from you. If you are currently not a Microsoft customer and would like to learn more, direct message me here on LinkedIn and we can figure out path to do a sharing session.

As always, all thoughts and feedback are welcome and much appreciated. You can share them as comments, and I will address all clarifications.