Dec 01, 2024
For the third year in a row, MIT Sloan Management Review and Boston Consulting Group (BCG) have assembled an international panel of AI experts that includes academics and practitioners to help us gain insights into how responsible artificial intelligence (RAI) is being implemented in organizations worldwide. Last year, we published a report titled “Building Robust RAI Programs as Third-Party AI Tools Proliferate.” This year, we continue to examine organizational capacity to address AI-related risks but in a landscape that includes the first comprehensive AI law on the books — the European Union’s AI Act. To kick things off, we asked our experts and one large language model to react to the following provocation: Organizations are sufficiently expanding risk management capabilities to address AI-related risks. A clear majority (62%) of our panelists disagreed or strongly disagreed with the statement, citing the speed of technological development, the ambiguous nature of the risks, and the limits of regulation as obstacles to effective risk management. Below, we share insights from our panelists and draw on our own observations and experience working on RAI initiatives to offer recommendations on how organizations might leverage organizational risk management capabilities to address AI-related risks.
Many of our experts cited the speed of AI-related technological developments as testing the limits of organizational risk management frameworks. As Stanford CodeX fellow Riyanka Roy Choudhury contends, “The rapid expansion of AI, particularly generative AI, has exceeded the operational capabilities of most organizations, [resulting in deficient] AI risk mitigation strategies.” Land O’Lakes CTO Teddy Bekele notes that “the overall preparedness to tackle AI-related risks is insufficient, mainly due to the fast-paced advancements in AI that outstrip the development and implementation of effective risk management practices.” In addition to AI’s fast-evolving capabilities, its pace of adoption is also challenging organizations. As AfroLeadership’s Belona Sonna explains, “AI systems are among the fastest-growing applications in the world. The associated risks are therefore equally dynamic.”
While Sameer Gupta, chief analytics officer at DBS Bank, and Linda Leopold, H&M Group’s head of AI strategy, argue that organizational risk management capabilities need to “keep pace” with the “rapid evolution of AI capabilities” and “the speed of tech development and the spread of usage,” they also acknowledge the challenge of doing so in practice. Leopold observes that “even for organizations that do have a solid responsible AI program in place, keeping up with the speed of development and continuously addressing new risks requires effort.”
