Building AI governance for the next compliance era

WorkAI.TV Editorial Desk
3 Min Read

Share with your CISO

Theta Lake is positioning its communications compliance platform as the connective tissue for AI governance in regulated industries, arguing that firms can’t govern what they can’t see across tools like Microsoft Teams, Zoom, and Webex. Chief product officer Dan Nadir made the case in a FinTech Global interview that auditable AI interaction trails, unified risk frameworks, and defined investigation workflows are now table-stakes for compliance teams, not optional upgrades. The company also launched a Financial Services AI Governance Series targeting IT, risk, and legal teams.

What this means for your business

The firms most exposed here aren’t the ones using the most AI. They’re the ones whose AI usage has outrun their audit infrastructure. If your organization has deployed AI assistants inside communication platforms but your compliance team still reviews interactions the same way it did before those assistants existed, you have a documentation gap that a regulator will eventually find more interesting than you do. The question isn’t whether you’re using AI; it’s whether you can reconstruct what it said, to whom, and why.

Nadir’s framing, delivered through a vendor whose business depends on enterprises believing their current tooling is insufficient, still points at a real structural problem. Communications compliance was already hard before AI assistants started participating in meetings, drafting summaries, and suggesting responses inside the same channels regulators expect to be archived. The addition of AI outputs to those channels creates a new category of content that most legacy capture systems weren’t designed to handle, and the regulatory expectation that firms govern it is materializing faster than most governance roadmaps anticipated.

The practical call here lands on a budget decision most CISOs are already circling: whether AI governance is a new line item or something that gets absorbed into existing compliance tooling. The honest answer is that existing capture and supervision platforms almost certainly need either replacement or significant extension. The vendors making that argument loudest are, naturally, the ones selling the extension. But the regulatory direction in financial services, particularly around MiFID II, SEC recordkeeping rules, and the incoming EU AI Act obligations, makes the underlying case regardless of who’s pitching it. I’d revisit this position only if regulators signal a longer runway than current enforcement actions suggest.

Based on reporting from Building AI governance for the next compliance era, originally published 2026-06-29 07:08:00.

TAGGED:
Share This Article