Artificial intelligence (AI) has evolved from an experimental concept to a central catalyst for global transformation. Entering this decade, AI emerged as a leading disruptor, promising unparalleled efficiency, intelligence at scale and the potential to re-engineer foundational business processes. Today, that promise is playing out in real time. AI-driven systems are changing how work gets done; how decisions are made; how risks are assessed; and how firms think about competitive advantage across the financial services ecosystem.
As AI systems and tools further gain traction across the financial services industry, investment advisers and particularly, private fund managers, are increasingly exploring ways to leverage AI in their operations. While these technologies offer significant benefits for research, investment analysis, improved client experiences and administrative efficiency, they also introduce complex legal, regulatory and fiduciary challenges.
For private fund managers, implementing these technologies could pose challenges under the Investment Advisers Act of 1940 (the “Advisers Act”) and other areas under the SEC’s watchful eye. Advisers must understand the unique risks of the rapidly changing technology to navigate the regulatory framework. Before integrating AI into an advisory business, advisers should consider a range of factors, including technological limitations, regulatory compliance, governance frameworks and more. The speed at which AI is evolving, combined with the intricacies of capital markets regulation, has created a new frontier of risk that demands stronger diligence, governance and transparency.
The SEC has made clear that while it supports responsible innovation, it will not tolerate ambiguity, misinformation or insufficient controls around AI. As advisers increasingly incorporate AI into their operations, they must recognize that they are entering a regulatory environment defined by heightened expectations, broad exam priorities and an unmistakable focus on oversight. At the same time, firms that implement AI responsibly may unlock efficiencies and strategic advantages that competitors will struggle to match. The question is no longer whether firms should adopt AI, but whether they can document and govern it at the level of rigor regulators now expect.
As a follow up to our “Where Innovation Meets Oversight: Managing Artificial Intelligence, Crypto and Cybersecurity Compliance”, Silver’s Regulatory Compliance Team and Sustainability Risk and Strategy (SRS) Team outline a pragmatic, risk management-based playbook and key considerations for private fund managers that seek to use, or are using, AI tools, with a focus on compliance obligations, governance practices and practical steps to help mitigate legal and regulatory risk.
Where Do We Begin? The New Frontier
AI is not simply another tool competing for a place in the adviser’s tech tool bag. It represents an entirely new class of analytical infrastructure, one capable of ingesting vast data sets, generating insights autonomously and influencing decision-making at a scale like never before.
As AI-driven tools expand into functions such as portfolio modeling, due diligence, market analysis, compliance monitoring and client communication, firms must understand that every AI-generated output has regulatory implications. For example, AI-generated investment commentary may inadvertently constitute marketing content subject to the SEC’s Marketing Rule. AI-generated insights may rely on alternative data sources the adviser does not control or fully understand — raising concerns around data provenance, bias or accuracy. Even the use of ChatGPT-like tools for basic research can trigger recordkeeping requirements under Rule 204-2, which mandates the retention of any communication related to recommendations, portfolio advice or client interaction.
To adopt AI responsibly and maintain superior risk management, leadership must translate policy into proof with clear rules, validated safeguards and auditable outcomes that align with fiduciary duties. If your organization handles regulated or confidential information, AI adoption must be paired with genuine oversight.
On the ESG investing front, private fund managers are facing tighter ESG enforcement and growing scrutiny around greenwashing and more, with AI-driven monitoring reshaping the entire regulatory landscape. When AI-generated ESG messaging outpaces evidence is when following the correct AI and risk management protocols becomes even more important and vital to avoid repercussions.
The SEC’s Expanding Focus: What Regulators Expect Today
The SEC has consistently emphasized the importance of transparency, risk management, disclosure accuracy and supervisory controls over automated systems. Its interest in AI is not based on speculation but on concrete ways AI can impact investor protection, data integrity and market stability. Even though a broad rule related to how advisers use predictive data analytics was withdrawn earlier this year, the SEC has reiterated that AI remains a cornerstone of its regulatory priorities. Rather than stepping back, the SEC has embedded AI oversight into examinations, disclosure expectations and future rulemaking signals. For example, the SEC’s Fiscal Year 2026 Examination Priorities specifically note an ongoing focus on the use of automated investment tools, AI technologies and trading algorithms or platforms and the risks associated with the use of emerging technologies and alternative sources of data.
One area of particular focus is disclosure accuracy, as the SEC expects firms to provide specific, contextualized details about how AI is being used within advisory operations. Generic descriptions such as “advanced AI capabilities” or “proprietary algorithms” are considered inadequate and potentially misleading. Disclosures must accurately describe the role AI plays in investment analysis, client servicing, trading or risk management. Firms must also disclose material risks associated with AI, including operational risks, model inaccuracies, data bias, reliance on third-party systems and limitations inherent in the underlying technology.
Another focus area is the rise of “AI washing,” in which firms exaggerate the sophistication or effectiveness of AI tools or where they imply capabilities the technology does not actually possess. The SEC views AI washing similarly to greenwashing, an area already subject to heightened enforcement.
A third SEC emphasis area is recordkeeping. Under Rule 204-2 of the Advisers Act, certain AI-generated content may constitute a “record” subject to retention requirements. This includes prompts, outputs, decision support materials, client-facing messages, research summaries, investment recommendations, marketing content and any AI-assisted documentation used in the advisory process. The SEC views AI-generated content similarly to emails or research notes: if it relates to the firm’s advisory activities or communications, it may require retention. This remains true even if the AI system is external or cloud-based. Platforms with integrated archiving or vendor-supported capture capabilities may streamline compliance, but the firm, not the vendor, remains accountable for ensuring SEC retrieval.
Additionally, the SEC has stringent risk management and compliance expectations. The SEC expects advisers to develop risk management programs specifically tailored to the challenges of AI tools. This includes identifying operational, data and model risks; building processes to evaluate AI-produced recommendations; and ensuring AI outputs cannot compromise fiduciary obligations.
Advisers must adopt robust practices to guard against model failures, hallucinations, misinterpretation of data or unintended algorithmic biases. These risks can impact investment decisions, client or investor communications and portfolio due diligence. Firms should maintain policies and procedures that include how the adviser documents review processes, tests protocols and employs human oversight of all AI-driven activities.
Advisers can and should also demonstrate their AI risk management controls through well-documented, AI-specific components of their Rule 206(4)-7 annual compliance reviews. Each component of the adviser’s policies related to AI usage can be tested, on at least a sample basis, during the annual compliance review. This may also require integrating AI oversight into more routine testing frameworks, internal audits and supervisory procedures. Upon the conclusion of the annual compliance review, advisers should consider how to incorporate relevant findings to annual, or targeted and functional, compliance training.
Additionally, advisers must conduct due diligence on AI vendors or other service providers that provide their services using AI, particularly if the vendor handles nonpublic personal information covered by Regulation S-P. This includes reviewing the vendors’ governance practices, data sources, information security protocols, model documentation and bias mitigation controls. Overall, internal testing, including testing during the annual compliance review, employee training and vendor due diligence, can help demonstrate alignment with the SEC’s expectations and the adviser’s fiduciary duty.
In short, the SEC expects advisers to demonstrate a clear understanding of the risks associated with AI tools, the data driving those tools and the controls in place to prevent harm. This requires a level of oversight many firms have not historically applied to technology.
Responsible AI
Responsible AI refers to designing, developing and deploying AI systems in ways that are transparent, fair, accountable and aligned with societal values. Although no universal definition exists, the concept reflects convergence across international bodies, standards organizations and industry groups. The aim of responsible AI is to minimize risks such as bias, privacy violations, opacity and security vulnerabilities while maximizing societal and organizational benefits. Frameworks like the OECD AI Principles and ISO guidance emphasize fairness, transparency, robustness, privacy and inclusiveness, supported by practices such as representative training data, traceability of model decisions, human oversight and continuous monitoring. Ethical AI complements this by addressing broader societal impacts, including employment, social equity and environmental considerations. ISO guidance underscores the need to embed these values throughout the AI lifecycle through strong data governance and clear accountability. Together, these frameworks provide a foundation for operationalizing trustworthy AI.
AI-Related Regulation
The UK has adopted a sector-led, principles-based approach rather than a single comprehensive AI law. The Department for Science, Innovation & Technology and the Office for Artificial Intelligence’s 2023 White Paper instructs existing regulators to apply high-level AI principles within their domains, while the Office for Artificial Intelligence continues to support the implementation of the 2021 National AI Strategy. Political pressure has spurred proposals such as the Artificial Intelligence (Regulation) Bill, reintroduced in March 2025, which would create an AI Authority and codify principles into statute, if passed.
The EU has taken a different path with the EU AI Act, which was finalized in 2023 and is the world’s first comprehensive AI law. The Act applies to any company operating in or supplying AI to the EU, and establishes a risk-based structure: minimal-risk systems face no obligations; limited-risk systems (e.g., chatbots) must meet transparency obligations; high-risk systems (e.g., credit scoring) must meet strict testing, documentation, data-governance and oversight requirements; and unacceptable-risk systems (e.g., real-time biometric surveillance in public spaces) are banned. The Act also creates obligations for General Purpose AI (GPAI) providers, including documentation, training-data summaries and copyright compliance, with additional systemic-risk obligations for large-scale GPAI models. Implementation is phased: prohibited-system bans took effect in February 2025; GPAI obligations begin August 2026; and high-risk requirements roll out from August 2026 to August 2027, overseen by a new EU AI Office.
In the U.S., as of December 2025, there is no comprehensive national AI law. Federal policy has shifted toward promoting innovation: Trump’s Executive Order 14179 rolled back the Biden-era AI governance framework and replaced it with directives aimed at accelerating federal AI adoption. In the absence of federal mandates, states have created a growing, but inconsistent patchwork of rules addressing transparency, discrimination, deepfakes and high-risk model governance, most prominently California’s 2025 Transparency in Frontier AI Act. This state-by-state approach is expanding, but inconsistent, which creates operational and compliance complexity for organizations with nationwide exposure. Importantly, existing federal laws and regulations in the U.S. impact the use of AI. For example, laws related to data privacy, discrimination, civil rights and consumer protection have and will continue to apply to the use of AI.
Implications for Asset Managers
Asset managers operate in a rapidly evolving AI landscape. In the EU and UK, responsible AI expectations are strengthening through formal regulation and supervisory focus, while the U.S. has moved toward deregulation and innovation-first policy. Global firms integrating AI into investment research, trading, risk management and client servicing must navigate these divergent regimes and ensure compliance with both AI-specific and foundational legal obligations.
Takeaways for Silver’s clients with global operations:
- Ensure AI models are traceable and governed with sufficient oversight to mitigate risks such as bias, data misuse and operational vulnerabilities
- Strengthen model-risk management
- Enhance due diligence of third-party AI providers
- Embed thorough and well-documented AI processes to maintain trust and meet regulatory obligations in different jurisdictions
What This Means for Private Fund Managers – Key Takeaways
For private fund managers, the implications of AI adoption extend far beyond operational efficiency. AI introduces regulatory, fiduciary and transparency obligations that advisers must manage with the same rigor applied to any core component of their business. The following key takeaways summarize the practical steps, and supervisory expectations, that firms should keep top of mind as they integrate AI into their investment, research and operational processes.
- Advisers are accountable for EVERY aspect of AI use: From the data that enters the AI system to the recommendations or insights that exit it, managers bear responsibility for all inputs, outputs and decisions influenced by AI systems, which requires comprehensive governance, rigorous due diligence and continuous oversight of all tools, workflows and outside vendors.
- Firms must establish clear AI governance structures: This includes developing clear policies and procedures on permissible use; ongoing compliance training; defining roles and responsibilities for AI supervision; performing detailed evaluations of data sources; creating continuous documentation around model assumptions and limitations; and ensuring that all AI-generated content is archived in accordance with regulatory expectations.
- Responsibility cannot be outsourced to vendors: Vendors can provide tools, but they cannot bear fiduciary duty. If the AI vendor path is taken, ensure all contracts have strong confidentiality provisions to protect client, investor and other firm data from being used inappropriately, with particular attention to nonpublic personal information. And be sure to implement strict access controls and data segregation within the firm to limit data visibility by role or department. No matter what, the firm must ensure that AI systems align with client and investor interests those systems are appropriately supervised; and AI systems do not introduce hidden risks.
- Transparency is becoming a competitive and regulatory expectation: Regulators and industry analysts are also noting that AI is increasingly affecting how investors evaluate private fund managers, which further prioritizes transparency. This means accurately describing in the Form ADV, marketing materials, ESG claims, investor communications and due diligence questionnaires how AI tools are used; what their limitations are; what human oversight is in place; and how the firm monitors risks such as bias, inaccuracies or operational failures. Transparency is not merely about compliance; it is about trust and trust will be the differentiator for advisers who rely on advanced AI technologies.
- Regulators expect documented, proactive oversight: The SEC will look for evidence not just that oversight exists, but that it is deep, frequent and tailored to AI-driven risks. Firms should assume that AI governance will be evaluated through the same lens as other technology-related compliance obligations.
- Programs must evolve alongside technology, regulations and firm operations: Effective AI risk management requires ongoing updates, cross-functional coordination (compliance, legal, tech, investment teams and leadership) and integration into the firm’s core business strategy, not a static or check-the-box approach.
- AI can enhance performance only when supported by strong governance: The most successful private fund managers will be those who pair innovation with a control framework that is as sophisticated and future-proof as the AI systems they deploy.
Overall, the best programs are not static. They evolve in tandem with the technology, the regulatory landscape and the firm’s own operating environment. They incorporate cross-functional collaboration among compliance, legal, technology, investment professionals and senior leadership. And most importantly, they embed AI risk management into core business strategy, not as a box-checking exercise, but as a necessary component of fiduciary excellence. The message to private fund managers is unequivocal: AI may enhance performance and efficiency, but only if supported by a governance framework that is as sophisticated as the technology itself.
AI Will Define the Future, Yet Only Responsible AI Will Endure
The rise of AI represents one of the most profound shifts the financial services industry has ever encountered, offering private fund managers the ability to unlock new insights and achieve unprecedented efficiency. It also introduces complex risks that require thoughtful, disciplined governance.
The firms that succeed in this new world will not be those that adopt AI the fastest, but those that adopt it the most responsibly. They will be the organizations that balance innovation with oversight, speed with scrutiny, and ambition with accountability. They will understand that AI is not simply a tool, but a strategic asset that must be managed with the same rigor as any other core component of their business.
As AI continues to evolve, so too will the expectations of regulators, investors and the broader market. This is not a temporary trend; it is a long-term transformation of how advice is formed, how decisions are made and how fiduciary duty is upheld. The private fund managers and firms who recognize this early, and who build resilient and responsible AI governance frameworks accordingly, will be best positioned to lead the industry into the next era of innovation.
Silver helps advisers turn uncertainty into strategic advantage. Whether you are evaluating new AI tools, tightening supervisory controls or preparing for evolving exam priorities, our Compliance Team can help you build and maintain a governance framework that meets regulatory expectations. To discuss your firm’s needs, contact [email protected].
For ESG considerations, especially where AI intersects with sustainability data, disclosures or reporting, Silver’s SRS Team can guide you through year-end checks, 2026 readiness and global regulatory developments. Reach out to [email protected] to learn how we can support your ESG and sustainability initiatives.