AI Governance for Fund Managers: Why Policy Can’t Wait
AI Governance for Fund Managers: Why Policy Can’t Wait
https://www.cbiz.com/insights/article/ai-governance-for-fund-managers-why-policy-cant-wait
Publish Date: 2026-05-26 13:13:00
Source Domain: www.cbiz.com
-
AI Integration in Asset Management:
AI tools are deeply embedded in nearly every operational workflow of asset management, raising the necessity for a formal AI policy as part of an AI governance program. Regulators expect firms to maintain oversight structures addressing data privacy, model risk, and information security. -
Importance of AI Policy:
An AI policy is a best practice demonstrated by good governance. For registered Investment Advisers (RIAs), it is also a regulatory requirement under Rule 206(4)-7 of the Investment Advisers Act. Even Exempt Reporting Advisers (ERAs) benefit from having a documented policy as a risk management tool. -
Limitations of Generic AI Policies:
Most generic AI policies lack specificity and fail to directly address day-to-day operational implementation. Off-the-shelf templates often provide vague statements that don’t fit the unique needs of each firm. -
Critical Components of an Effective AI Policy:
An effective AI policy should include a comprehensive tool inventory and approval process, clearly defined permitted and prohibited uses, human review requirements, accurate disclosure controls, vendor due diligence, recordkeeping protocols, and thorough training for employees. -
Starting the Process:
Initiate by taking an inventory of current AI usage, identify gaps between current use and policies, and develop a policy that defines approved tools, prohibited uses, and other essential components. Regular policy reviews are necessary to keep up with evolving AI tools, risks, and regulations. -
Consultation with Legal Counsel:
For legal implications and to ensure compliance with laws such as the EU AI Act and Colorado’s AI Act, firms should consult qualified legal counsel for the development of AI policies and practices. -
Holistic AI Governance Approach:
An AI policy must be part of a broader AI governance program that includes compliance with international frameworks, including the NIST AI Risk Management Framework and ISO 42001, and addresses the fast-evolving landscape of AI technology and regulatory expectations.
