How to Prepare for AI Compliance Regulations Starting Now

This IDC Perspective offers guidance on how enterprises can meet the AI regulatory challenge. The landscape surrounding AI compliance remains fluid and complex due largely to the fact that many regulations specific to AI remain in draft form and because different jurisdictions are adopting varying rules related to AI regulation. It is impossible for most enterprises at this time to know exactly which AI compliance mandates they may face just a year or two into the future.However, it is possible to anticipate with reasonable reliability what those requirements may entail. Many are spelled out in existing compliance laws that do not target AI specifically but have ramifications for how businesses deploy and use AI. Other AI-specific regulations that remain forthcoming are likely to promulgate many of the same core concepts related to data privacy, security, and safety.Using these clues as guidance, enterprises must begin adopting measures today to future-proof their AI investments against compliance risks. In many respects, the practices they should follow - such as establishing strong data management capabilities, vetting AI technology vendors, and updating enterprise security policies to reflect AI risks - are straightforward, and businesses can begin taking action immediately."Uncertainty surrounding AI regulation is not a reason to take a wait-and-see approach," says Chris Tozzi, adjunct research advisor for IDC's IT Executive Programs (IEP). "AI adoption is happening now, which means now is the time to take reasonable steps toward aligning with AI compliance rules - including those currently in vigor and those that will take effect in coming months and years."