Inside the Regulator’s Mind: SEC & FINRA on AI in 2025 Watch On - Demand

‍

‍

Our Expert Panel

• Jeff Kern - [Former FINRA/NYSE Regulator] -Regulators will ask how AI decisions are supervised and who is accountable have a clear ownership model and evidence of review.

• Mimi LeGaye - [President, MGL Consulting] - “Automation is not supervision.” Put human expertise around every critical AI output and prove it with artifacts.

• Sid Yenamandra - [CEO, SurgeONE.ai] - Build a single command center that unifies compliance, cybersecurity, and data so your evidence is one click away.

Key takeaways

• AI will face “traditional” controls. Expect exam teams to apply long-standing expectations (books & records, supervision, documentation) to AI-generated outputs from surveillance alerts to marketing reviews.
• Transparency is the test. Firms should be able to explain what an AI tool does, what data it relies on, how results are reviewed, and how exceptions/escalations are handled.
• Expert-led governance wins. Technology must be paired with experienced compliance judgment clear roles, pre-defined thresholds, and evidence that humans can override models.
• Documentation is your defense. Map policy → model use → controls → evidence so you can furnish a coherent narrative during exams.
• 2025 = targeted enforcement. Expect focused reviews of disclosures, rollover documentation, conflicts, vendor oversight, and the reliability of the data systems supporting fiduciary obligations.
  ‍

What this means for 2025 exams

• Supervision framework: Treat AI outputs like any other supervised activity review queues, QC samples, attestation, and timely escalation.
• Model change management: Track versions, parameters, data sources, and approval history; log reasons for overrides.
• Evidence on demand: Be able to reproduce decisions, show audit trails, and export regulator-ready reports quickly.
• Vendor governance: Maintain due diligence files, SLAs, data-handling terms, and contingency plans for third-party AI tools.

‍

Your 10-point readiness checklist

1. Inventory all AI/ML use cases (surveillance, marketing review, ops).
2. Assign accountable owners; document roles & escalation paths.
3. Define acceptable-use policies and data-quality standards.
4. Implement review workflows for AI outputs (sampling + SLAs).
5. Log model versions, sources, parameters, and approvals.
6. Capture override reasons and post-mortems for false positives/negatives.
7. Map evidence to rules (SEC/FINRA) and keep export templates ready.
8. Validate vendor contracts: security, data rights, audit support.
9. Run an exam drill: produce a full AI governance packet in under 48 hours.
10. Train staff—compliance + business—on when and how to challenge AI results.

If you’d like a short, tailored AI exam-readiness plan for your program, send us your top AI use cases and current supervision approach - we’ll map gaps and quick wins.

‍