Unique Is Fully Compliant With FINMA Guidance 08/2024

Blog Author
Dr. Sina Wulfmeyer
Jan 21, 2025

Executive Summary: FINMA focuses on Governance, Inventory and Risk Classification, Data Quality, Tests & Ongoing Monitoring, Documentation, Explainability and Independent Review. Unique has developed an AI Governance framework with extensive operationalization which covers all of these points. We also have comprehensive systems in place to keep track of our AI use cases and assess their risk (ISO 42001 certified), which includes ensuring high data quality. Defining performance indicators and developing systems that allow continuous monitoring of our applications has also been a central part of our work in the past years. We ensure that our work is extensively documented through both our internal documentation and our public documentation. We ensure explainability by using RAG, offering features like a hallucination score, and having user feedback loops.

More on our operationalization of our AI Governance Principles can be found here. 

 

Background 

 

On December 18, 2024, the Swiss Financial Market Supervisory Authority (FINMA, Swiss regulator for Financial Services) issued Guidance 08/2024, focusing on governance and risk management in the use of artificial intelligence (AI) by financial institutions.  

Key aspects of the guidance include: 

  • Governance and Responsibility: FINMA emphasizes the necessity for centralized governance structures. Institutions should maintain comprehensive inventories of AI applications, clearly define roles and responsibilities, and ensure staff are adequately trained. For outsourced AI solutions, thorough due diligence and explicit contractual agreements regarding liability and responsibility are required.  
  • Risk Identification and Management: Institutions are expected to proactively identify, assess, manage, and monitor risks associated with AI. This includes addressing operational risks such as model robustness, correctness, explainability, and potential biases, as well as data-related risks like security, quality, and availability. IT and cyber risks, legal and reputational risks, and increasing dependencies on third-party providers are also highlighted.  
  • Data Quality: Ensuring the completeness, accuracy, and relevance of data used in AI applications is crucial. Institutions should establish internal policies to maintain high data quality and assess the suitability of datasets, especially those from third-party vendors.  
  • Testing and Monitoring: Regular testing, including stress tests and sensitivity analyses, should be conducted to validate AI functionality. Ongoing monitoring is necessary to detect issues such as "data drift," ensuring the reliability and stability of AI applications over time.  
  • Transparency and Explainability: Institutions must ensure that AI-driven decisions are understandable and reproducible. This involves documenting data selection processes, model performance, assumptions, limitations, and fallback mechanisms to support transparency and compliance.  

FINMA's guidance aims to strengthen the reputation of Switzerland's financial center and assist institutions in safeguarding their business models against risks in a rapidly evolving environment. By investing in clear business strategies, strong risk cultures, robust governance, and proactive risk management, institutions should then be able to better navigate the complexities introduced by AI technologies. 

 

Unique’s Approach 

 

Unique is fully compliant with the most recent FINMA regulations and standards 

The expectations laid out by the Swiss Financial Market Supervisory Authority (FINMA) have been at the core of Unique’s work on AI Governance. Not only are we fully compliant with all the most recent regulations on AI, but we also aim to be at the forefront of the development of new standards and regulations. We have obtained the SOC 2 Type 2, ISO 27001 and ISO 9001 certifications and are currently in the process of obtaining ISO 42001 (AI Management System).

 

Unique is in constant exchange with key stakeholders   

Staying in touch with other financial services organizations and exchanging best practices is an essential tenet of our AI Governance endeavors. We are a member of the AI Verify Foundation, which aims to harness the collective power and contributions of the global open-source community to develop AI testing tools that enable responsible AI. Further, we organize roundtables convening some of the largest private banks (EFG, Julius Bär, LGT, Pictet Group and more) and insurers (e.g. AXA, Zürich) in Switzerland as well as representatives of the State Secretariat for International Finance SIF and SIX Group. A summary of the discussions can be found here. Finally, we are also in exchange with FINMA, most recently as a participant in their roundtable on AI Governance as a representative of start-ups and the private sector. Through all these engagements we can stay ahead of any legal requirements developed and ensure that we are 100% compliant.

 

Unique AI Governance Framework nicely aligns with FINMA expectations 

Our AI Governance is guided by our framework which covers Accountability, Reliability & Robustness, Explainability & Transparency, Trust and Safety & Security. These principles nicely align with the expectations laid out by FINMA. We have operationalized each principle extensively, which can be seen here. 

 

What does this mean for clients? 

 

Not only are we at the forefront of the development of GenAI including Agentic workflows, but we are also leaders in AI Governance. We are fully compliant with existing regulation, constantly adapt our governance to the rapidly evolving landscape, and are proactively in exchange with regulatory authorities like FINMA to ensure that we remain at the forefront of any AI Governance developments.

We can therefore support you in implementing GenAI and agentic use cases in a fully compliant manner regarding the FINMA supervisory notice on governance and risk management in the use of artificial intelligence. We can support you on various fronts: 

  • Data Access Control: We have implemented a comprehensive data access management system to ensure that only authorized individuals can access specific data, meeting FINMA's requirements. 
  • Responsible AI Culture: We promote a responsible AI culture through training and adherence to guidelines to ensure all stakeholders understand the importance of transparency and security. 

 

Helpful resources:  

  1. Sina Wulfmeyer: https://www.linkedin.com/feed/update/urn:li:activity:7275115807456604160/
  2. David Vasella: https://datenrecht.ch/finma-aufsichtsmitteilung-governance-und-risikomanagement-beim-einsatz-von-ki/
  3. SIF meeting in December: https://www.linkedin.com/posts/activity-7271793414361255936-1jW5?utm_source=share&utm_medium=member_desktop