When the U.S. Department of Justice (DOJ) released its revised Evaluation of Corporate Compliance Programs (ECCP) earlier this year, it turned some heads. Tucked into a section on risk assessments was a strongly worded series of questions that appeared to shoulder compliance teams with the responsibility for ensuring the safe use of artificial intelligence tools by their firms.
It was a surprising move, in part because AI is so new. Many in the compliance community believe that the DOJ did this to plant a flag about what the government expects from businesses that use AI–because Congress appears reluctant to pass any law that would set guardrails for businesses to follow.
