The use of artificial intelligence is quickly advancing in all areas of life, and wealth management and financial services are no exception.
AI can assist with a wide range of tasks, from automating repetitive data entry to creating personalized marketing campaigns for potential clients and running simulations for various types of accounts. And while more advisors are turning to AI (one recent survey found that 74% of firms are using AI, including 95% of RIAs), the need to stay compliant remains crucial.
However, it can be challenging for firms and advisors to stay up-to-date with the most current AI regulations while also adopting the new technology itself. Here are three ways firms can stay current on AI compliance regulations.
1. Know the Basics
FINRA and the SEC have taken a measured approach to AI regulation. They are observing how firms adopt the technology before creating prescriptive rules, a strategy similar to how they approached social media a decade ago. The absence of AI-specific rules does not mean firms can move fast and break things. Regulators will evaluate AI use through the lens of existing rules, giving them wide latitude. A communication rule violation does not become acceptable just because AI generated the content.Consider this scenario. An advisor uses an AI tool to draft a quarterly market commentary for clients. The AI generates compelling content but includes a statement like “stocks have never declined over any 20-year period,” almost true but technically inaccurate. Under FINRA Rule 2210, that communication must be “fair and balanced.” The advisor is responsible for the content, whether written by them or AI.This is where human oversight is critical. Someone with market knowledge must review, fact-check and approve AI-generated content before it reaches clients. The same principle applies to AI-assisted portfolio recommendations, client onboarding documents or automated responses to client inquiries. The technology can draft, but humans must verify.Understanding these existing rules is the foundation. Firms should run any AI-related activities through the same compliance framework used for non-AI content. Key rules include:
- FINRA Rule 2210 All communications must be fair and balanced with regulations for approving, reviewing and maintaining records.
- SEC Rule 17a-3 (Books and Records) Establishes record-keeping requirements for client information, communications and related records.
Following these rules ensures that AI-generated content meets the same compliance standards as traditional content.
2. Create Internal Frameworks
Without major guidance from FINRA and the SEC, firms are largely on their own to set the tone for their AI usage and compliance. When firms develop internal frameworks and guidelines, they can adopt a more cadenced approach to AI, setting them up to stay compliant when FINRA and the SEC release AI-specific rules.
That means that, as tempting as it may be to turn to AI for everything, it still needs guidelines and human oversight. Before rushing to use AI, firms and advisors need to conduct thorough due diligence on AI tools and establish effective governance frameworks.
To stay compliant, firms should consider internal guidelines and frameworks for the following:
- Audit trail capabilities: Can the tool document who prompted it, what output it generated, and who reviewed/edited that output?
- Explainability: If the AI recommends a portfolio adjustment, can you explain the reasoning to a client or regulator?
- Data handling: Where does client data go? Is it used to train the model? Does it meet your BAA requirements?
- Vendor due diligence: Has the vendor undergone SOC 2 audits? What’s their incident response plan?
Internal frameworks tell you what to do. But compliance ultimately depends on people following those frameworks. That’s where culture becomes the final piece.
3. Build a Culture of Innovation + Compliance
Compliance should be a top priority for every advisor and firm employee, regardless of whether it involves AI. To create effective compliance efforts, advisors must foster a culture of compliance.
Building a compliance culture means empowering employees with an understanding of current regulations, identifying key red flags and knowing what to do if something falls out of compliance. Future-proof compliance training is continually updated to incorporate the latest technology, industry changes and new regulations, especially around AI. Every employee should be current on compliance training and understand their role in protecting the firm and client data. As everyone focuses on the future of compliance, firms must have all hands on deck to ensure they are prepared for whatever comes next.
However, it’s important to add elements of innovation and flexibility into that compliance culture. Adopting AI means staying agile in the face of new developments and continually finding ways to improve. With a strong compliance culture, advisors can also encourage innovation that falls within the firm’s guidelines.
Preparing for What's Next
While FINRA and the SEC haven’t issued AI-specific rules yet, signs point to increased scrutiny. The SEC’s recent exam priorities mention “emerging technologies,” and FINRA has issued guidance on algorithmic trading and digital communications. Forward-looking firms should expect:
- Disclosure requirements: You may need to tell clients when AI assists with advice or communication
- Model governance standards: Similar to how quantitative models require documented methodologies
- Heightened supervision: Proving that humans meaningfully reviewed AI output, not just rubber-stamped it. Firms building strong internal frameworks now will adapt more easily when — not If — specific rules arrive.
AI compliance ultimately comes down to documentation and audit trails. When an AI tool generates client communication or assists with account management, can you show regulators the full chain of custody — who created it, who reviewed it, who approved it, and where it’s stored? Docupace’s platform automatically maintains the record-keeping required by SEC Rule 17a-3, creating audit trails for every workflow — whether AI-assisted or not. Docupace leadership is also actively involved in the FSI AI committee that is supporting the outcomes and education for legislation. As your firm adopts new technologies, make sure your compliance infrastructure keeps pace. Schedule a discovery call to see how Docupace supports AI-ready compliance. Click here to schedule a discovery call.
?>)
?>)
?>)