第17期

AI审计周报 第17期

| ~

编者按:AI审计周报每周一发布,精选AI在审计、合规与监察领域的最新动态。中英文资讯混编,帮助审计人追踪行业前沿。

本期摘要

本期聚焦AI在合规审计领域的深度应用与挑战。影子AI使用引发59%的审计和GRC领导者担忧,而AI代理在金融犯罪合规中的幻觉问题正通过工程化手段逐步解决。同时,法院系统开始应对AI生成诉讼案件激增,ChatGPT推出锁定模式防范数据泄露风险,显示AI治理正从实验走向实用化。企业正加快建立适应性AI治理框架,以平衡创新效率与合规安全。

影子AI与合规风险 / Shadow AI & Compliance Risks

59% of Audit, GRC & IT Leaders Concerned About Shadow AI

  • 来源: Corporate Compliance Insights
  • 摘要: More governance work, same governance team size; UK firms facing new AML requirements. The survey reveals that a majority of audit, GRC and IT leaders are expressing concerns about unauthorized AI usage within their organizations.
  • 标签: 影子AI GRC治理

Canaries in the Coal Mine: Law’s Crashout Over AI Is Coming for Everyone

  • 来源: Corporate Compliance Insights
  • 摘要: Shadow AI & lack of proper guardrails are problematic combination. The article warns that the legal profession’s struggles with AI implementation and governance failures serve as an early warning for other industries facing similar challenges.
  • 标签: AI治理 合规风险

New ChatGPT Lockdown Mode Limits Tools That Could Enable Data Exfiltration

  • 来源: The Hacker News
  • 摘要: OpenAI has begun rolling out a new Lockdown Mode to ChatGPT for eligible personal accounts to reduce the risk of data exfiltration arising from prompt injection attacks. The feature is primarily designed for people and organizations that handle sensitive data and require stricter protection guarantees.
  • 标签: 数据保护 AI安全

AI在金融合规中的应用 / AI in Financial Compliance

4 ways we’ve engineered around the AI hallucination problem in financial crime compliance

  • 来源: Unit21 Blog
  • 摘要: AI hallucinations in financial crime compliance have been engineered around with production-tested techniques. Here are the four mechanisms Unit21 uses to make AI agents reliable, auditable, and regulator-ready — and the infrastructure that handles the remaining error rate.
  • 标签: 金融合规 AI幻觉

How Sallie Mae Is Future-Proofing Its Fraud and Compliance Strategies

  • 来源: Unit21 Blog
  • 摘要: Discover strategies to future-proof fraud and compliance in finance from Lindsay Glessner, BSA/AML Officer at Sallie Mae. She dives into how to adopt new technologies and manage risks effectively in her recent webinar discussion.
  • 标签: 反欺诈 合规策略

FinCEN’s Proposed New AML Rules: What You Need to Know

  • 来源: Corporate Compliance Insights
  • 摘要: The rule-making process is a culmination of years of moves toward standardizing financial institutions’ AML/CFT processes. The new rules represent significant changes in how financial institutions will need to approach anti-money laundering compliance.
  • 标签: AML合规 监管政策

AI治理与适应性管理 / AI Governance & Adaptive Management

Scaling AI With Adaptive Governance

  • 来源: MIT Sloan Management Review
  • 摘要: From 2022 to 2025, the authors conducted in-depth interviews with senior leaders responsible for AI governance, risk, compliance, data, and product decisions. The interviews focused on how governance structures must evolve to support AI scaling while maintaining appropriate oversight and control.
  • 标签: AI治理 适应性管理

How courts are coping with a flood of AI-generated lawsuits

  • 来源: MIT Technology Review
  • 摘要: Most days in her chambers, Judge Maritza Braswell sifts through stacks of documents written by people without a lawyer, many of whom are now using AI tools to generate legal documents. The article explores how the judicial system is adapting to handle the increasing volume of AI-generated legal filings.
  • 标签: 司法AI 法律科技

AI安全与威胁检测 / AI Security & Threat Detection

AI Agent Uncovers 21 Zero-Days in FFmpeg; Chrome Patches Record 429 Bugs

  • 来源: The Hacker News
  • 摘要: A security startup reported 21 previously unknown vulnerabilities in FFmpeg, all found by an autonomous AI agent. The same week, Google shipped Chrome 149 with patches for 429 security bugs, the most ever in a single release, though only the FFmpeg bugs were discovered by AI.
  • 标签: AI安全 漏洞检测

Only 10% of SOCs Say They’re Getting Excellent Value From AI

  • 来源: The Hacker News
  • 摘要: The category has crossed over from interesting to inevitable, with billions of dollars now flowing into AI-powered security operations platforms. However, the data shows that while SOCs are buying and deploying AI capabilities rapidly, most are not yet seeing excellent value from their investments.
  • 标签: SOC运营 AI投资回报
#AI审计 #合规科技 #内部审计