利用这些关键功能应对合规风险

Objectives The Gartner Legal, Compliance and Privacy Risk Hot Spots illuminate the key risk trends and opportunitiesthat legal and compliance leaders should anticipate during the next 24 months. The report can be used to: Assess Future Demands —Compare currentcapabilities and structure against the trends drivingfuture legal, compliance and privacy demands. Educate the Board and Executives —Educate the audit committee or board on trends affecting your business with material legal,compliance and privacy implications that will impactoversight responsibilities and organizationalperformance. Inform Legal, Compliance and PrivacyPlanning —Guide team discussions, develop2024 and 2025 plans and allocate resourcesagainst the most significant risks. Assess Key Risks —Use the report to assess how the implications of the hot spots impact your risk profile as an input intolegal, compliance and privacy risk assessments. Executive Summary To help legal leaders understand emerging risks and opportunities in the current environment, we’ve identified 12 trends featuredin this report as hot spots. The report focuses on the implications of these trends through the end of 2025 and the action itemsleaders will need to take to better prepare legal, compliance and privacy functions to respond. While individual hot spots may affect some industries, markets or geographies more or less significantly, all apply broadly acrossindustries and corporate operating models. These 12 hot spots compose three macro trends that are significantly affecting legal,compliance, and privacy teams in the coming two years. 1. The Arrival of Generative AI 3. The Corporate Impacts ofSocietal Rupture 2. Growing Demands for CorporateTransparency and Fairness Increases in capability and usability haveprompted widespread company adoption ofGenAI. However, while AI regulation is beingdeveloped, uncertainties and unforeseen risksabound. Businesses will have to contend withthese challenges to ensure ethical and legaluse of this powerful new technology. Supply chain sustainability, poor corporatecitizenship, fears of critical infrastructurevulnerability and concerns about anti-competitiveness are creating new demandsfor more requirements for the company tocollect and report ESG metrics in new areas.Legal leaders must take a leading role inpreparing the company to meet these newdemands in the coming years. Greater societal polarization and thefraying of a global, rule-based orderunderwritten by norms of free trade andcommon institutions are imposing greaterenterprise challenges. Business leadersnavigating these ruptures are being forcedto contend with “zero-sum situations” inwhich expectations of corporations fromdifferent societal and governmentstakeholders are in direct conflict. …of Organizations areCurrently inExplorationMode with Generative AI.1 …of Americans agreethatcompanies need todisclose moreabout theirbusiness practices andimpact on society.2 …of individuals globallysay theircountries aremore dividedthan inthe past.3 Rapid Generative AI Adoption Rapid advances in the sophistication and usability of GenAI tools willprompt rapid, widespread adoption within companies over the nextseveral years. OpenAI’s Chat GPT 3.5 launched in November 2022.Its simple user interface and impressive ability to construct naturallanguage text in response to user prompts made it the fastest-growingapp ever.4Tools such as DALL-E for visual output and Voicebox for voiceaudio show similarly impressive results. Drivers •Increased Accessibility and Ease of Use:While GenAI tools have become more powerfulin recent years, huge leaps in usability and accessibility tonontechnical professionals have increased adoption. Whereas many AI tools lend themselves to narrow applications, GenAI’sability to deliver synthesized text, audio or visual output in response tosimple user prompts can be used for a wide variety of business tasks.Gartner research shows that 72% of companies are already usingGenAI, with 45% of them using it across two of more business functions.5 •Proliferation of GenAI Products:The largest providers of enterprisesoftware, including Google, Microsoft and IBM, have invested inbuilding foundational models and are currently integrating GenAI intotheir services. By 2026, more than 70%of independent software vendors will have embedded GenAIcapabilities in their enterprise applications.7 While rapid adoption of this technology is promising, it poses newlegal and privacy risks. GenAI output is imperfect, often amplifying biaspresent in the datasets used to train the model or outputting fabricatedinformation. Furthermore, users that input personal data or sensitiveinformation, particularly in publicly available tools, leave the companyopen to IP, privacy risks or cyberattack. While 68% of companies alreadyhave a task force managing AI privacy, security and/or risk, and legalleaders will need to steer this governance to better manage legal risksand generate