Blog
Artificial Intelligence and Plan Governance Considerations
By: Scott Miller, Segal
Even with the rapid adoption of Artificial Intelligence, many plans are delaying taking action to incorporate AI guidance into their governance documents. Learn why that is a potential problem and what steps plans should take right now – even if they do not want to adopt AI as a tool.
This is an excerpt from NCPERS Winter 2025 issue of PERSist.
Advances in Artificial Intelligence (AI), particularly generative AI, are moving quickly and in ways we cannot foresee. For some public pension plans, working through the decision of whether and how to incorporate AI into the workplace seems to be a daunting task better left for another day. However, there are many reasons to replace “delay” with “immediate action,” not the least of which is the fiduciary responsibility to the members and beneficiaries.
The phrase “nature abhors a vacuum” is especially true for plan staff in the absence of AI guidance. One study found that 55% of surveyed employees had used unapproved generative AI tools at work. Even worse, 69% of those employees had never received training on how to use generative AI safely and ethically at work.1
Clearly, providing no guidance to your employees is not the answer.
Prohibiting the use of AI
Merely deciding not to allow AI use in the workplace is not sufficient. Plans that choose not to allow AI use should carefully develop a policy that specifically prohibits staff from using AI. The policy should include examples of common AI sites to inform staff about what the policy prohibits. Plans should also have their IT departments implement restrictions on website access to AI sites and tools.
Don't forget your vendors. Incorporate policy requirements in vendor contracts and require vendors to disclose any AI usage. Plans must also require their vendors to maintain the confidentiality and security of sensitive information. Everyone must agree on what data can and cannot be used.
Embracing AI
If you accept the fact that AI is here to stay and decide to incorporate it into the workplace, there are several best-practice steps to take:
- First, get legal involved. Now. You need the help and guidance that only legal can provide. There is simply too much at stake to not take advantage of good counsel.
- Second, educate yourself. Talk to other plans or consultants. You do not need to reinvent this wheel. Many other plans have already implemented this decision. Use the wisdom they gained by going through the process. Then, take it another step to make it your own.
- Third, determine what AI use cases are appropriate for your plan. Examples include real-time AI-augmented analytics, call monitoring and chatbots. But be careful using AI for personnel decisions. Bias concerns are a very real thing, and typically limit AI use for personnel decisions.
- Finally, develop an AI use policy. Consider creating a cross-functional pilot group whose assignment is to become educated and help guide the organization's policy creation. Evaluate the breadth of a possible AI policy, and keep in mind that “everything” is too broad. Develop the guiding principles that the policy should reflect, including minimizing bias and maximizing security. Prohibit unauthorized use of AI -- both the people who cannot use it and the tasks for which it cannot be used. Require authorized users to receive appropriate training, including education regarding AI-related scams. Remember to include vendor requirements in your policy, as well.
Make sure everyone understands the policy
When the policy is complete, you should require all staff to read and affirm their understanding of the AI policy, whether they are authorized users or not. Your IT department should maintain an inventory of AI uses and audit compliance with the AI usage policy. Again, IT should lock down access to unauthorized AI sites and tools for unauthorized users.
Prepare to keep the policy up to date
Both AI users and non-users need to remember one very important thing about their new AI policy: You cannot just “set it and forget it.” You need to keep informed as laws, technology and AI tools evolve over time, and modify your policy accordingly. Expect changes to that policy as new issues arise.
Make a choice sooner rather than later
In the wise words of Teddy Roosevelt: “In any moment of decision, the best thing you can do is the right thing, the next best thing is the wrong thing, and the worst thing you can do is nothing.” Remember that whichever decision you make for your plan, doing one or the other is infinitely better than sitting back and doing nothing.
Endnotes:
1 SalesForce, “More than Half of Generative AI Adopters Use Unapproved Tools at Work” November 15, 2023
Bio: Scott A. Miller, JD is a Senior Consultant in Segal's Administration and Technology Consulting practice. Scott has more than 25 years of experience working with pension and benefits systems to help create operational efficiencies, improve member services, reduce administrative costs and compliance and increase internal controls.
Comments
There have been no comments made on this article. Why not be the first and add your own comment using the form below.
Leave a comment
Please complete the form below to submit a comment on this article. A valid email address is required to submit a comment though it will not be displayed on the site.
HTML has been disabled but if you wish to add any hyperlinks or text formatting you can use any of the following codes: [B]bold text[/B], [I]italic text[/I], [U]underlined text[/U], [S]
strike through text[/S], [URL]http://www.yourlink.com[/URL], [URL=http//www.yourlink.com]your text[/URL]