AI is rapidly becoming a core participant in workplace communications, creating a new class of “aiComms” that traditional compliance tools weren’t built to handle
Key insights:
-
-
-
Growing pains with expanded AI use — The surge in AI adoption is creating new compliance, governance, and security challenges for businesses, with nearly all firms planning to expand AI use.
-
Many compliance teams are faltering — Current compliance approaches are falling short, with 88% of firms struggling with AI governance and data security, and 37% reporting gaps in their search and e-discovery capabilities.
-
New communications tech tools might help — To address these challenges, organizations need to invest in innovative digital communications governance and archiving platforms that can handle the complexity of AI-generated content and provide forensic-level insight into potential issues.
-
-
Human-to-AI communication is accelerating across the workplace, creating new compliance, governance, and security challenges for modern organizations. The rise of AI assistants, generative AI (GenAI) tools, and agentic AI introduces a new category of communications — known as aiComms — and a new workplace participant: AI itself. Organizations now face added complexity as they work to manage, monitor, and retain these evolving forms of communication.
Surge in aiComms as firms plan to expand AI use
The results of Theta Lake’s 7th annual Digital Communications Governance Report, based on independent data gathered from 500 IT and compliance leaders in the financial services sector, highlights both the scale of AI expansion and emerging governance challenges.
Nearly all respondents (99%) say their firms plan to implement or expand AI features within their unified communications and collaboration tools, including GenAI assistants (with 92% saying this), AI-powered meeting notetakers and summarization (81%), and customized agentic AI (77%).
Indeed, the widespread adoption of popular GenAI capabilities such as summarization, prompts, and responses is transforming productivity and offering opportunities for firms to realize numerous efficiency gains and improvements. However, the volume of communications is set to accelerate, which will require entirely new approaches to governance, compliance, and content inspection.
In fact, 88% of respondents say their firms already report challenges with AI governance and data security, with the top challenge, identified by nearly half of respondents (47%), is ensuring that AI-generated content is accurate and compliant with regulatory standards. Respondents also cited factors such as difficulties in detecting whether confidential or sensitive data has been exposed in GenAI output (45%), concerns around identifying risky end-user behavior with AI tools (41%), and their ability to track where problematic AI content is shared and with whom (40%).
Fragmented communications compound risk
The report also reinforces the idea that AI is only one part of a broader compliance challenge. Firms are continuing to use multiple unified communications and collaboration platforms, many of which rely on multiple compliance, surveillance, and e-discovery solutions that in turn create inefficiencies, complexity, and gaps in oversight.
Fully 82% of survey respondents say their firms use four or more communication and collaboration platforms. Most organizations also rely on at least three different vendors or repositories for recording, archiving, and supervising communications, the survey shows.
These single-purpose compliance solutions are increasingly inadequate for today’s meshed communications environments, in which text, audio, video, and AI-generated content are created and consumed simultaneously. The limitations of these platforms result in incomplete capture, viewing, and reconciliation, the survey shows, including:
-
-
- 37% of respondents say their firms report search and e-discovery gaps, up from 31% last year
- 36% cite surveillance gaps that affect risk detection, remediation, and controls
- 62% report their firms have difficulties reconstructing and replaying conversations that span multiple communication tools and include textual, voice, visual, and AI-generated interactions
-
Another continuing concern is the use of off-channel communications, respondents say. Despite more than $4 billion in global fines from government regulators for organizations’ recordkeeping and supervision failures in recent years, more than two-thirds (67%) of respondents say they remain concerned about employees using unmonitored channels.
The findings align with the United Kingdom’s Financial Conduct Authority’s multi-firm review into off-channel communications, released in August, which found that most firms in its sample continue to identify breaches of internal communication policies.
Regulatory expectations
Regulators have made it clear that AI tools are encompassed by existing compliance frameworks. For example, FINRA’s Regulatory Notice 24-09 reminds member firms that:
FINRA’s rules — which are intended to be technology neutral — and the securities laws more generally, continue to apply when member firms use GenAI or similar technologies in the course of their businesses, just as they apply when member firms use any other technology or tool.
This means that highly regulated organizations must be able to confidently enable AI tool while continuing to maintain full oversight of how those tools are used, what they produce, and how their outputs are managed.
Innovative digital communications governance and archiving platforms now include features designed to support AI compliance and security guardrails, helping organizations maintain oversight and transparency in their use of GenAI tools.
Investing in the future
As the report illustrates, confidence in existing compliance approaches remains extremely low at just 2%, down from 8% last year. This underscores the recognition that traditional compliance systems cannot accommodate the volume, diversity, and dynamic nature of today’s digital communications.
As a result, firms are significantly increasing their investment in communications compliance to keep pace with the growing complexity of digital communications, including aiComms. In fact, 86% of respondents say their organizations are already investing more — up from 65% last year — and a further 12% plan to do so.
As human-AI collaboration becomes an integral part of business communication, governance frameworks must evolve to ensure accountability, transparency, and trust. Organizations will need forensic-level insight into AI-generated content to detect potential issues, confirm appropriate use, and respond quickly — all without slowing productivity. Platforms can better support safe GenAI adoption by ensuring AI-generated content aligns with internal policies and regulatory obligations, enabling swift action on risky or non-compliant content, and allowing firms to retain only what’s necessary to meet oversight and recordkeeping requirements.