Using artificial intelligence, but responsibly: paths to comprehensive AI governance

Have you already worked with AI-based programmes such as ChatGPT, Midjourney or Dall-E? The rapid development of artificial intelligence is impressive - and we are only just experiencing the beginning of a technical revolution.

It's not just the opportunities that generative AIs offer that need to be considered, but also the risks. This was recognised, for example, by companies that tested an AI recruiting system that scanned CVs and identified the most promising profiles. It quickly became clear that the AI had discriminatory tendencies towards women. The use of AI for this purpose was subsequently discontinued.

This shows that Comprehensive AI governance is essential for companies to ensure trustworthy, responsible use of AI-based solutions and to avoid compliance risks - especially as the complexity of applications will increase and the transparency and traceability of results will decrease as AI development continues.

The experts from KPMG and KPMG Law Rechtsanwaltsgesellschaft mbH describe what a suitable target operating model (TOM) for AI governance can look like in the new white paper "AI risks at a glance".

AI governance is more complex than conventional IT governance. AI governance should therefore be a key item on the agenda of top decision-makers (management, supervisory board): It must be clarified for which purposes AI solutions are actually suitable within the company, which framework conditions are required and how autonomous systems will affect processes.

To this end, our experts explain the AI risks that need to be identified and classified in the white paper. They also discuss new regulatory developments relating to the use of AI: the planned EU AI Act, IDW EPS 861 as the relevant German standard for auditing artificial intelligence and the Global Partnership on Artificial Intelligence (GPAI) at international level. The focus is on the EU AI Act with its three risk classes ("unacceptable", "high", "low/minimal").

Finally, the authors present the KPMG approach "ABC for AI", in which compliance and performance are considered together in order to fully utilise the potential of AI.