CFOtech Australia - Technology news for CFOs & financial decision-makers
Story image

Australian firms lag in AI data compliance, reports Vanta

Today

New research from Vanta indicates that less than one in three Australian businesses comply with regulations when using customer data to train AI.

Vanta's annual "State of Trust" report highlights key concerns for business leaders regarding security and compliance, especially in light of impending changes to privacy legislation in Australia. The federal government is expected to introduce new laws to safeguard customer data and privacy in the coming months.

According to the report, only 28% of Australian businesses currently adhere to existing regulations concerning the use of customer data for AI training. Furthermore, just 24% of businesses ensure that only anonymised customer data is utilised for this purpose.

The research also reveals that a mere 54% of Australian companies have established formal policies to govern AI use, a figure that is 11 percentage points lower than in the UK. Additionally, 50% of Australian organisations have a dedicated team for overseeing AI security and compliance, which is 13 percentage points fewer than in the UK and 9 percentage points fewer than in the US.

Jonathon Coleman, APAC General Manager at Vanta, remarked, "AI has the potential to completely transform the way businesses work, but it comes with a significant amount of risk as well. For example, using customer data to train AI could lead to AI hallucinating or worse, resurfacing personal information inadvertently or damaging customer trust."

He added, "Soon, even more stringent regulation will be in place that forces organisations to take measures to protect their customers' data, and use AI safely and ethically. The issue, though, is that proving compliance with regulation has historically been a headache – it has taken considerable time and effort to put effective measures in place, gather documentation and present it in a way to authorities that meets their high standards."

Coleman also noted, "The good news, though, is that while AI can be the problem, it can also be the solution. AI can now automate up to 85% of compliance processes, saving organisations a huge amount of time and money to focus on what they do best. And once you can prove compliance, you start to foster greater trust with your customers."

The research highlights that only 55% of Australian organisations provide their employees with training on the secure use of AI tools. However, some companies are already adopting best practices. Pierre Bergamin, Chief Technology Officer at global fintech company InDebted, explained their approach.

Bergamin stated, "At InDebted, we use AI to drive performance while delivering the best possible customer experience. To build trust in the market, our use of AI must be fully compliant with laws and regulations specific to each country in which we operate."

He further elaborated, "As part of that compliance effort, we only gather customer behavioural data, and it's completely anonymised before we use it to train any kind of AI model. That way, it's impossible for our AI to resurface any personally identifiable information about any of our customers."

Follow us on:
Follow us on LinkedIn Follow us on X
Share on:
Share on LinkedIn Share on X