Risk Assessments – Debevoise Data Blog

Artificial Intelligence

Debevoise Data Blog: Top 14 AI Posts of 2025

By: Charu A. Chandrasekhar, Andrew J. Ceresney, Courtney M. Dankworth, Avi Gesser, Robert B. Kaplan, Gordon Moodie, Jim Pastore, Julie M. Riewe, Jeff Robins, Kristin Snyder, Matt Kelly, Johanna Skrzypczyk, Karen Levy, Diane Bernabei, Michael Bloom, HJ Brehmer, Suchita Mandavilli Brundage, Melyssa Eigen, Joshua A. Goland, Martha Hirst, Gabriel Kohan, Carl Lasker, Jeremy I. Liss, Andreas Constantine Pavlou, Joshua Plastrik, Achutha Raman, Adam Shankman, Stephanie Thomas, Nathaniel Waldman, Annabella M. Waszkiewicz, Stan Gershengoren, William Sadd, Nicholas T. Ziebell, Patty (Virtual AI Specialist) and Sergio (Virtual AI Specialist) December 8, 2025

Why Agentic AI Often Fails and the Enduring Value of Human Judgment (11/4/2025) We’ve been doing a lot of work recently on agentic AI workflows. In this post, we share…

Artificial Intelligence

Agentic AI in Retail Investing: Navigating Regulatory and Operational Risk

By: Andrew J. Ceresney, Charu A. Chandrasekhar, Avi Gesser, Robert B. Kaplan, Julie M. Riewe, Jeff Robins, Kristin Snyder and Achutha Raman October 29, 2025

The Rise of AI-Driven Investing in Retail Finance Generative artificial intelligence (“GenAI”) innovations are rapidly transforming the formulation, analysis, and delivery of investment advice. Many broker-dealers and investment advisers are…

Artificial Intelligence

Lessons for AI Risk Management from Ten Years of Cybersecurity Implementation

By: Charu A. Chandrasekhar, Avi Gesser, Matt Kelly and Andreas Constantine Pavlou May 14, 2025

As AI adoption continues to increase, businesses are looking for familiar risk management protocols for AI governance. One obvious governance framework to use is cybersecurity, which is another area where…

Artificial Intelligence

South Korea Enacts New AI Law

By: Avi Gesser, Mengyi Xu, Martha Hirst, Cameron Sharp, Diane Bernabei and Michelle Shen March 24, 2025

South Korea has become the latest country to pass a national AI law. The “Basic Act on the Development of Artificial Intelligence and Establishment of Foundation for Trust” (the “Basic…

Artificial Intelligence

Treasury’s Post-2024 RFI Report on AI in Financial Services – Uses, Opportunities, and Risks

By: Charu A. Chandrasekhar, Avi Gesser, Erez Liebermann, Gregory Lyons, Jeff Robins, Jeremy I. Liss, Ned Terrace and Mengyi Xu January 23, 2025

On December 19, 2024, the U.S. Department of Treasury (“Treasury”) released a report on The Uses, Opportunities, and Risks of Artificial Intelligence in the Financial Services Sector (the “Report”). The…

Compliance

Cyber Whistleblower Leads to DOJ Civil Settlement

By: Avi Gesser, Luke Dembosky, Andrew M. Levine, Erez Liebermann, Jim Pastore, Stephanie Cipolla and Michelle Shen November 4, 2024

On October 22, 2024, the U.S. Department of Justice (“DOJ”) announced that The Pennsylvania State University (“Penn State”), a public university in University Park, Pennsylvania, agreed to pay $1.25 million…

Artificial Intelligence

Webcast – Tips on Managing Cybersecurity Risks Arising from AI – New Guidance from the NYDFS

By: Charu A. Chandrasekhar, Luke Dembosky, Avi Gesser and Erez Liebermann October 30, 2024

On November 8th, Avi Gesser, Luke Dembosky, Erez Lieberman, and Charu Chandrasekhar from the Debevoise Data Strategy and Security Group discussed the recent NYDFS Industry Letter providing guidance on assessing…

Artificial Intelligence

FINRA Issues Brief Reminder on Managing Generative AI Risk in Supervisory Tools

By: Charu A. Chandrasekhar, Avi Gesser, Matt Kelly, Jeff Robins and Kristin Snyder July 1, 2024

While the SEC made an early foray into proposing rules to govern use of generative AI (Gen AI) by broker-dealers,[1] FINRA has been taking a more traditional approach to emergent…

Artificial Intelligence

Treasury’s Report on AI (Part 1) – Governance and Risk Management

By: Charu A. Chandrasekhar, Avi Gesser, Erez Liebermann, Matt Kelly, Johanna Skrzypczyk, Michelle Huang, Sharon Shaji and Annabella M. Waszkiewicz April 29, 2024

On March 27, 2024, the U.S. Department of Treasury (“Treasury”) released a report on Managing Artificial Intelligence-Specific Cybersecurity Risks in the Financial Services Sector (the “Report”). The Report was released…

Artificial Intelligence

The Revised Colorado AI Insurance Regulations: What Was Fixed, and What Still May Need Fixing

By: Eric Dinallo, Avi Gesser, Matt Kelly, Anna Gressel, Stephanie Thomas, Samuel J. Allaman and Melissa Muse May 31, 2023

On May 26, 2023, the Colorado Division of Insurance (the “DOI”) released its Revised Draft Algorithm and Predictive Model Governance Regulation (the “Revised Regulation”), amending its initial draft regulation (the…