PE-Backed Financial Services Firm Captures Greater AI Value with New Application Review Process 

Challenge 

To responsibly kick-start its AI maturity, a specialty financial services firm sought to design an application review process for the implementation of AI models. The firm lacked documentation, standards, or a strategic approach to understanding AI impacts, risks, and use cases when integrating AI applications into existing systems. 

The firm engaged CrossCountry Consulting’s risk, technology, and cybersecurity experts to explore its current-state AI security posture and enhance its AI readiness. 

How We Helped 

The team conducted a comprehensive evaluation of the firm’s existing application review process to identify and implement enhancements and efficiencies. These recommendations culminated in: 

• A structured review template and questionnaire for application owners to complete, including sections on identity and access management (IAM), cryptography management, data security and privacy, malicious code protection, and security compliance management. 
• Inaugural AI application assessment of Microsoft Copilot and ChatGPT. 
• Testing the efficacy of the new review process and its compatibility with other AI applications in use and under consideration. 
• Providing guidance and awareness on data loss prevention and authenticated/unauthenticated LLM use. 
• Advising on vendor risk management programs with comprehensive IT, data, and security perspectives. 

Results 

After implementing the critical findings and recommendations from the assessment, the firm was quickly on its way toward significant AI progress, especially considering evolving AI regulations. Benefits included: 

• Frictionless AI application review: By allowing application owners to provide details upfront in the form of a questionnaire, the firm re-engineered and streamlined workflows that were previously uncoordinated or difficult to act on. 
• Risk-informed enterprise agility: As the AI market continues to expand, the firm has the ability to quickly and proactively anticipate and respond to disruption and competitive opportunities without sacrificing speed-to-value or data integrity. 
• CTO value creation: With a more efficient process for integrating AI systems into the firm’s ecosystem, the CTO was freed up to spend more time on larger strategic initiatives and recouping AI investment returns. 

“Working with CrossCountry allowed us to position the organization for safe and effective AI utilization for day-to-day activities, while educating our staff on best practices and areas for future improvement.” – CTO  

The firm now utilizes multiple AI technologies with secure guardrails in place to ensure secure use and reduced risk of data loss or breach.