This is the 5th blog in a series about Artificial Intelligence (AI) in the context of credit union risk and compliance. This series is designed to provide auditors and compliance professionals with a clear understanding of how AI can be applied and managed within their operations.

Artificial Intelligence (AI) is making its debut in just about every industry. Many credit unions have been using AI-powered technologies for years, such as for loan decisioning and cybersecurity.

However, it’s important to understand the risks of using emerging technologies. Auditors and executives in particular must align about credit union AI risk.

AI risk alignment starts with a simple conversation. Here’s how it can start, for both auditors and executives:

How Auditors Can Begin a Conversation about AI Risk

The easiest way for auditors to begin a conversation about credit union AI risk is through the risk assessment process.

You already send out risk assessment questionnaires that ask business units to self-rate on risk. This is a good opportunity to begin a conversation:

Add an open-ended question about AI. This could cover anything from where they think it could benefit them to what issues they think it brings.

Ask business units to self-rate on AI risk. This could prompt them to evaluate their exposure to AI risks and rate their preparedness to deal with that risk.

Simply by including questions about AI in your risk assessment questionnaires, you’ll get the credit union thinking—and talking—about AI and risk.

However, you may want to push things even further. If so, you could work with risk management to pinpoint where AI is currently being used in the credit union. This will help you understand the scope of AI deployment and find areas that may require closer scrutiny.

Finally, you may want to interview key executives, such as the COO, VP of Operations, or even the CEO. Direct discussions with these leaders can provide valuable insights into the strategic vision for AI, as well as the perceived risks at the executive level.

How Executives Can Begin a Conversation about AI Risk

If you are a credit union executive and you want to be proactive about AI risk, here are a few ways to start that conversation:

Begin a dialogue with audit, compliance, and/or risk teams. Reach out to your internal audit and risk management departments to discuss your AI initiatives. Share your vision for AI implementation and seek their input on potential risks and management controls.

Carefully consider and provide context. Offer a clear overview of the AI technologies being considered or used. List their intended benefits and note any concerns you have. This will help auditors provide more targeted feedback.

Ultimately, setting the credit union’s direction and overall appetite for risk lies with the executive team. Taking the first step and leading that conversation is a good way to get started.

To see where strategy and risk converge with AI, read about the first steps in AI risk and compliance here.

After that, you’ll know whether you’re playing offense, defense, or both.

The Ideal Outcomes of AI Risk Conversations

There are many wins to be had by talking about AI at your credit union. We’ll list a few of them, briefly:

  • Better risk profile. A proactive look at AI risk will limit your overall risk.

  • Action plan. A roadmap for risk mitigation, including controls, monitoring processes, and clear responsibilities for each line of defense.

  • Ongoing dialogue. Opening the door to continued conversation ensures that all stakeholders remain aligned, even as AI technologies and the credit union’s policies evolve.

With AI quickly entering the credit union mainstream, we recommend having these conversations early and often. Good luck!

Next Steps and Takeaways

When working with new AI solutions, it’s important for credit unions to do the following:

    1. Define whether their AI strategy is for offense, defense, or both;
    2. Understand the goals of the AI strategy or solution;
    3. Set intention behind the stated AI strategy or solution; and
    4. Run the AI strategy or solution through this AI Assurance Agenda.


Subscribe now to see further installments of this series on AI and credit union risk and compliance.

If you’d like to see how Redboard can save time and improve visibility and accountability in your audit process, schedule an assessment here.

Posted in: