AI in Asset Management: Key Legal & Regulatory Essentials

Artificial intelligence is reshaping research, trading, risk, distribution, and operations in asset management. Our white paper, “Legal and Regulatory Considerations for AI in Asset Management,” offers a practical roadmap to address fiduciary, regulatory, contractual, and operational risks. Below are concise takeaways for implementing AI responsibly at scale.

Core Legal and Compliance Themes

AI implicates traditional duties in new ways. Align governance, controls, and disclosures to the use case, data, and applicable regimes.

• Fiduciary duties: Diligence and supervise AI tools and providers; tailor oversight and make clear, accurate disclosures.
• Data governance: Know what data is retained, where, for how long, and why; ensure compliance with recordkeeping and handling of sensitive datasets, including MNPI.
• Privacy and cybersecurity: Consider GDPR, CCPA, Reg S-P, cross-border transfers, vendor security, and consent-to-record alongside enterprise standards and contracts.
• Records and discovery: Anticipate that AI outputs may be records subject to adviser obligations and discoverable; design preservation and search protocols accordingly.
• Confidentiality, privilege, and IP: Mitigate privilege waiver and IP risks with contractual and technical controls, including use restrictions and verification of safeguards.
• Marketing: Avoid “AI-washing”; ensure descriptions are precise, consistent, and substantiated.

Building a Scalable AI Control Framework

Adopt fit-for-purpose policies, contracts, and controls that evolve with use cases.

• Policy and approvals: Define permitted use cases, require pre-approval and ongoing review, and mandate human verification of critical outputs. Tailor by function.
• Vendors and contracts: Diligence providers (including embedded AI), and include compliance, data protection, audit/transparency, incident reporting, and exit rights.
• Data and access: Map data flows and segregate sensitive datasets.
• Testing and documentation: Test for accuracy, bias, and drift; maintain documentation to evidence oversight.
• Disclosure: Align disclosures to AI use, conflicts, and expense allocation; ensure statements match practice and controls.
• Training: Train personnel on the adopted framework and ensure compliance with framework.

Broader Market and Ecosystem Implications

AI adoption will continue to reshape supervisory expectations, operating models, talent, and competitive dynamics across the ecosystem.

Further information

Integrating AI presents opportunities alongside heightened legal and operational complexity. For practical checklists and deeper analysis, see our white paper, “Legal and Regulatory Considerations for AI in Asset Management.”