Chertoff Group’s Dan Sutherland Highlights ‘Fast GRC’ in Evolving AI Landscape
Organizations developing and deploying artificial intelligence tools are urged to establish governance foundations now, as regulatory frameworks continue to evolve. With the rapid changes in the AI regulatory landscape, governance and risk management remain central considerations for industry leaders.
The Importance of Governance in AI
As discussions around AI oversight and responsible deployment gain traction across governments and the contracting community, it becomes imperative for companies to prepare transparency reports outlining data sources and AI usage. Sutherland emphasizes the need for:
- Performing security and safety risk assessments
- Developing policies for managing AI development and deployment
- Establishing executive governance forums for rapid, risk-based decisions
What Is the ‘Fast GRC’ Approach?
Traditional legal and compliance processes can take months, which often does not align with the pace of AI development. The Fast GRC model allows companies to accelerate governance decisions through:
- Reusable templates
- Cross-functional review groups
- Executive support
This structure enables leadership teams to quickly evaluate risks and benefits as AI products evolve during development. Sutherland describes a guardrail-based governance model that allows business units to operate freely within established safety and security boundaries.
Emerging AI Regulatory Approaches
Sutherland outlines three broad approaches shaping AI regulation:
- Restrictionist: Supports heavy oversight to address safety and security risks.
- Pro-innovation: Favors minimal regulation to accelerate technological development.
- Guardrails: Calls for targeted transparency and sector-specific rules without broadly constraining innovation.
The Fragmented AI Regulatory Landscape
The AI regulatory landscape remains fragmented, with states like California and New York advancing differing laws. Additionally, former President Trump’s executive order could lead to federal action addressing restrictive state laws.
In the short term, companies must navigate multiple jurisdictions and quasi-regulatory pressures, including emerging industry standards and litigation outcomes. The evolving landscape calls for adaptive governance strategies that can keep pace with innovation while ensuring safety and compliance.