Financial planning software experts say practice management tools are increasingly touting AI-powered improvements, and advisors need to have the right knowledge and internal controls to use them properly.
“Customer protection should trump convenience,” Dave Faulkner, founder of financial planning software VibePlan and RazorPlan, said last month at the Canadian Independent Financial Brokers annual virtual conference. “It’s not worth risking your license for a privacy violation to save 15 minutes on email.”
He stressed that from a regulatory perspective, AI is allowed, but human involvement and appropriate guardrails are needed to maintain compliance.
AI chatbot and CIRO rules 3600
Companies using AI chatbots must set up their chatbots in a manner that complies with industry regulations.
Under Regulation 3600 of the Canadian Investment Regulatory Organization (CIRO), digital platforms for real-time or near real-time public communications, including customer-facing AI chatbots, must be held to the same standards of accuracy, fairness, and truthfulness as all other forms of communication.
For example, Faulkner explained that AI chatbots can provide general education and information to customers, such as explaining how a registered account works, but cannot make specific investment recommendations.
Companies can set up closed AI environments where chatbots can only answer client questions using pre-approved training documents, such as market commentary or company-specific libraries.
Faulkner said that after a conversation, these chatbots can flag risky terms like “Bitcoin” or “Profit Guaranteed” for human review, allowing advisors to follow up with clients and provide further education.
Black Box Traps and CSA Staff Notification 11-348
Similar to the requirements for human advisors, the reasoning and data that led to the AI’s decisions must be recorded so that the output can be explained.
According to CSA Staff Notice 11-348, “black box” systems with opaque decision-making processes are inappropriate and fail to establish trust.
“‘I didn’t know that AI suggested it’ is not a defense,” Faulkner said. “You need to be able to explain the logic of your algorithm to regulators. If you don’t, you’re not fulfilling your duty to know your product.”
Advisers must also disclose the scope and depth of their use of AI to clients so that they understand the material risks associated with its use, the staff notice states.
Think carefully before uploading
Clients may be using AI to double-check advisors’ work by uploading account statements to publicly accessible algorithms such as ChatGPT, which could put private information at risk.
“Your client uploaded an investment statement. How do you prove you’re not the cause of the breach?” He pointed out that public AI systems do not promise confidentiality.
So advisors should have conversations about AI safety with their clients, telling them not to upload personal information online, and then documenting it in a memo to protect themselves, Faulkner said.
Another risk to consider is that criminals could use AI to target advisors’ personal financial information.
For example, an advisor might post on LinkedIn about plans to attend an upcoming conference, and a bad actor could use AI to create a fake email that tricks the advisor into uploading receipts or bank account information for refunds.
“The AI is doing spear phishing, and it’s intentional, it’s personal, it’s direct,” Faulkner said. “The next thing I knew, I was behind on my rent payments. [the fraudster created] A one-time website to collect personal banking information. ”
Source link
