...

1. Document Purpose and Structure

Purpose

The Unique AG, a Swiss technology (SaaS) provider, is developing and advancing GPT-technology for the Financial Services Industry. Our flagship product “Unique FinanceGPT” is a tailored solution for the financial industry that aims to increase productivity by automating manual workload through AI and ChatGPT solutions.

Generative artificial intelligence (GenAI), like GPT models, has experienced swift progress, and its capacity to revolutionize various industries has generated a mixture of enthusiasm and concern. For example, Accenture’s 2023 Technology Vision report asserts that the impact of large language models (LLMs), the basis of GenAI’s output, on businesses is not a matter of “if” but “how.” They also highlight the transformative potential of these foundational models in reshaping human-AI interactions.

At Unique, our foremost objective is to build and execute the most secure GPT-based solutions for the financial services industry (FSI) and emerge as a leading partner for GPT-driven use cases in this sector. Ensuring the security of sensitive data entrusted to us by our financial services customers (mainly banks and insurances) is our leading commitment. Therefore, we prioritize the security and resiliency of our IT systems, applications, and business processes. We foster a highly secure IT setup and adhere to the principle of data minimization, incorporating the most robust compliance setup in the industry.

This proactive approach enables us to reduce any potential misuse of credentials, securely store and manage client data, adhere to highest privileged access standards, and respond swiftly to emerging threats. Our system is designed to provide exceptional resistance to data exfiltration, and we recognize that security has to be integrated across the company within the development life cycle, IT operations, and business processes.

Unique closely partners with Microsoft to offer GenAI solutions in a secured and controlled environment: when working with Unique and using Microsoft Azure OpenAI Services, users are using an enterprise and private instance of OpenAI’s GPT model packaged and hosted by Microsoft Switzerland (prompts and answered are not shared with OpenAI nor Microsoft; to be precise: Microsoft processes the data but never stores the data). Unique is also able to integrate other type of LLMs, e.g. self-trained open-source models like Mistral. We also offer different deployment options like cloud-based solutions hosted by Unique or the bank or on-prem deployments are also possible.

This paper outlines the most important measures and processes that are in place to safeguard our customers’ valuable information. Collectively, we refer to these measures and processes as the Unique Compliance Layer.

In addition to this document, we encourage you to review our public documentation (https://unique-ch.atlassian.net/wiki/spaces/PUB/pages/445612410/Security+Compliance+Data+Protection) and our Technical and Organizational Measures (Data Processing Addendum (unique.ch)).

Unique is also dedicated to a comprehensive AI Governance program that aligns with its clients' values and regulatory compliance while also meeting high integrity standards. We employ a variety of strategies for AI Governance, including automated benchmarking for quality and correctness checks, the implementation of principles and operationalisation encompassing processes, procedures, policies, and regulations, and risk mitigation for GenAI. Further information can be found in our public documentation (https://unique-ch.atlassian.net/wiki/spaces/PUB/pages/512360474/AI+Governance). . These measures detail the security attributes, procedures, and safeguards relevant to our cloud services. They also encompass customizable options for customers, all of which adhere to established industry best practices for information security.

Structure

The document starts with describing the challenges when working with GPT-based technology in the FSI space where the reader is guided along the path of data processing and storage, prompt review and legal setup when working with GPT-based technology. Following this, we explain the 7 key pillars of the Unique Compliance Layer in detail.

2. Challenges When Working with GPT-Technology in FSI

Although GPT-technology offers numerous advantages, it’s important to recognize that banks and other regulated financial services face significant hurdles due to stringent industry regulations. Presently, financial services encounter challenges stemming from the absence of specific regulations, as well as concerns regarding data privacy and confidentiality. These factors collectively pose difficulties in incorporating client identifying data (CID) or proprietary knowledge into the LLMs and other models.

AI models, including GenAI, are exposed to existing risks like bias, lack of transparency, and potential misuse. But GenAI also adds further risks, such as model confabulations and unclear data inputs. As GenAI models continue to advance, several challenges arise when financial institutions, such as banks and insurance companies, seek to leverage ChatGPT and similar tools and technologies.

• Data storage by OpenAI or comparable GPT services

• Data processing and access by OpenAI or comparable GPT services

• Prompt review and data storage for training purposes of LLMs

• Regulatory compliance, e.g. not in line with GDPR when data is sent to a US-based API/ LLM

• Unclear legal framework regarding DPA, privacy statement and Terms of Service

• No citations available to check for factual correctness

• Outdated information as OpenAI model is trained with data only until 2021

• Training data, in the context of GenAI models, amplifies concerns related to privacy, confidentiality, and copyright.

• Risks associated with LLMs (see for example list of risks by OWASP: https://owasp.org/www-project-top-10-for-large-language-model-applications/)

Unique FinanceGPT offers a secure and regulatory-compliant approach to effectively leverage GPT-driven use cases. In the forthcoming sections, you will discover in-depth insights into Unique’s innovative approach to constructing an advanced compliance framework that encompasses data protection, IT, and cybersecurity considerations.

3. How Unique Protects Client Data: Introduction to the Compliance Layer

In the given context, the compliance layer refers to a set of principles, processes, and control structures established by Unique to comply with legal, regulatory, and internal requirements for our banking financial services customers. It is a mechanism that protects the organisation organization from compliance breaches and ensures that it adheres to generally accepted market standards and codes of conduct and data protection principles, in Switzerland and Europe.

Overview

...

Details on different layers

...

The compliance layer includes measures such as data minimization, encryption/anonymization/pseudonymization of data, classification of data, access control, and responsible prompting. It also involves leveraging banks’ compliance models and obtaining informed consent. By implementing Unique’s compliance layer for FinanceGPT, FSI can strengthen the security of applications, increase protection against potential threats, and ensure compliance with Swiss data protection laws and GDPR.

Image Added

3.1 Enterprise setup via Microsoft Azure OpenAI API

No Model Training

Unique uses the pre-trained base models provided by Microsoft and does not train any models on data provided by the customer. Unique uses RAG technology to give context to the model when prompting.

Deployment Models

Different deployment models are available:

1. Multi-tenant SaaS on Unique cloudSingle/bank-specific

2. Separate single tenant on Unique cloud Single/bank-specific tenant on bank cloud (customer-managed tenant)(data storage and processing physically separated from other customers)

3. Deployment on customer Azure tenant (data storage and processing on your own cloud environment)

4. On premises

Clients can choose from the most appropriate deployment model and incorporate

...

their security and data protection requirements

...

On-premise

...

. Depending on the deployment, various security and data protection options can be chosen and customized to account for client needs (see https://unique-ch.atlassian.net/wiki/spaces/~6246b27ef3824d006a593faa/pages/edit-v2/715849812#5.-Feature-overview).

FSI Amendments

We also have in place recommended FSI amendments for our contracts with Microsoft. In detail:

• M453 – FINMA. This is the financial service amendment (FSA) and jurisdictionJurisdiction-specific companion amendment (Switzerland) including FINMA requirements like audit rights.

• M744 – bank secrecy. This includes professional secrecy and industry-specific terms regarding banking secrecy.

• M329 – CH data protection. This is the amendment for Switzerland regarding Microsoft products and services Data Protection Addendum

• For other countries (e.g. Germany), Unique also has respective amendments with Microsoft in place (e.g. German Data Protection Amendment).

...

No data storage by Azure

...

OpenAI services and opt-out of human review process

Unique closely partners with Microsoft to offer GenAI solutions in a secured and controlled environment: when working with Unique and using Microsoft Azure Open.AI Services, users are using an enterprise and private instance of Open.A’s ChatGPT packaged and hosted by Microsoft Switzerland (prompts and answered are not shared with Open.AI nor Microsoft).Unique chose has an agreement with Microsoft to opt out of the logging and human review process in Azure Open AI service by MicrosoftOpenAI service for its clients (details can be found here: https://learn.microsoft.com/en-us/azure/ai-services/openai/concepts/abuse-monitoring ). This option is available for highly sensitive industries like FSI. This means that , and in this case no data (prompts or responses) is stored by Microsoft Azure Open.AI OpenAI services. If this opt

...

Content filtering

Unique uses content filtering (https://learn.microsoft.com/en-us/azure/ai-services/openai/concepts/content-filter) on prompts to prevent the output of harmful content on all OpenAI model deployments.

Activating this filter enhances compliance and safeguards users from the documented risk categories.

Unique follows Microsoft’s Responsible AI Principles:

1. Privacy & Security: AI systems should be secure and respect privacy

2. Inclusiveness: AI systems should empower everyone and engage people

3. Accountability: People should be accountable for AI systems

4. Transparency: AI systems should be understandable

5. Fairness: AI systems should treat people fairly

6. Reliability & Safety: AI systems should perform reliably and safely

More information can be found here: https://www.microsoft.com/en-us/ai/responsible-ai

Model Retirement and PTU Services

Unique also wants to provide the latest innovation to its clients. As part of this strategy, Unique has wants to transition to newer models as offered by Microsoft Inc., in line with its commitment to service improvement and technological advancement. Models are subject to scheduled retirement dates as determined by Microsoft, which routinely retires older models to introduce newer versions. In the event of a model switch, Unique will make every reasonable effort that the replacement will occur within the same designated region (e.g., Switzerland) to maintain regional consistency.

In the event that certain versions of GPT models are no longer offeredin the designated region (e.g. Switzerland) by Microsoft as a Pay-As-You-Go (PAYG) service, the SaaS provider reserves the right to deliver GPT services via its own Provisioned Throughput Units (PTUs) powered platform.

3.2 Data hosting location is Switzerland (or any other location the client may chose)

Microsoft Azure Open AI services are available in Switzerland, Europe and other countries (more information can be found here https://learn.microsoft.com/en-us/azure/ai-services/openai/concepts/models#gpt-4-and-gpt-4-turbo-model-availability ).

All client data (including CID) is stored and hosted in Switzerland (Microsoft Cloud cloud in Switzerland North) if the client chooses so via a contractual agreement (other locations are also possible). For Azure OpenAI services, data is only processed and no data is stored at all times (see also opt-out of human review process)north) or any other location offered by Microsoft and chosen by the client (details agreed during contractual discussions).

We also performed a Transfer Impact Assessment for Microsoft Inc. according to the method of D. Rosenthal (leading Tech Lawyer in Switzerland). Results can be shared upon request.

3.3 DLP (Data Leakage Prevention

...

)

...

DLP: Unique offers an API to connect your Unique provides a powerful API designed to seamlessly integrate with customers existing Data Leakage Prevention (DLP) to check if any CID data or PII data has been inserted by users. For details, please refer here.

When working with Microsoft Azure OpenAI Services no data (incl. client data) is stored by Microsoft or OpenAI.

Unique chose to opt out of the logging and human review process in Azure Open AI service by Microsoft. This option is available for highly sensitive industries like FSI. This means that no data is stored by Microsoft Azure OpenAI services. If this opt-out is not chosen, the general data storage period from Microsoft is 30 days. Microsoft Azure Open AI services are currently available in Europe and Switzerland.

Unique and Microsoft do not use any client data for training purposes of AI or any other neural network models.

In addition, Unique also follows Responsible AI Principles:

• Privacy & Security: AI systems should be secure and respect privacy

• Inclusiveness: AI systems should empower everyone and engage people

• Accountability: People should be accountable for AI systems

• Transparency: AI systems should be understandable

• Fairness: AI systems should treat people fairly

• Reliability & Safety: AI systems should perform reliably and safely

...

program. This integration enables monitoring and protection of sensitive information, specifically focusing on client identifying data (CID) and personal identifying data (PII).

Key Features:

• Seamless Integration: Unique’s API connects directly with clients’ current DLP solution, enhancing its capabilities without the need for additional DLP software.

• Monitoring: Continuously track and check for the insertion of CID and PII, ensuring any potential data leaks are detected and addressed promptly.

• Enhanced Protection: Strengthen clients’ data protection measures by leveraging existing DLP system to guard against the unauthorized dissemination of sensitive information.

For more details please check Data Leakage Prevention (DLP).

3.4 Restricted access to data

We have built an access concept including processes and controls to ensure who users can only see what . In addition, clients can also choose how the processes and controls are auditable (e.g., via audit logs). they are authorized to see, and support personell and administrators of Unique can only have temporary access to the separated tenant of a customer. Access to the environment is fully auditable via an audit log.

Unique’s restricted access concept involves the following parts (which can be customized and adjusted to customer-specific setup and needs):

...

customizable parts:

• SSO using SAML or OIDC

• Privileged access management (PAM), privileged identity management (PIM) with temporary access to data only, no permanent roles

• Key management (done by Unique or bring your own keyBYOK)

• Encryption of data in transit and at rest (using HSM-backed key)

• Audit logs

• 2-Factor authentication

• Strong password and login Enforced 2FA with strong password policy

• Terms and Conditions for end-users

• Regular threat modelling workshops

• Enrolled in a bug bounty program

• Additional security measures possible: e.g., MS Lockbox, Confidential Computing

...

• -modeling workshops and continuous Bug Bounty Program.

3.5 Privacy by design and default

Privacy by design and default are fundamental principles for Unique, guiding our commitment to protecting client data. From the inception of our software solutions, during software development and also for UI/UX design, we prioritize the integration of robust privacy measures, ensuring that data protection is built into in our products and services. This approach not only complies with Swiss and European data protection regulations but also fosters trust among our clients. By default, our systems are configured to prioritize user privacy, granting individuals control over their data while minimizing the need for additional user intervention.

We further place high importance on responsible AI and our AI-generated content is protected in several ways:

1. Content Protection through AI-Generated Watermarks: Employ AI-generated watermarks to safeguard content integrity.

2. End-User Terms and Conditions (T&Cs): Provide comprehensive Terms and
   Conditions for end-users, ensuring legal clarity.

3. Client and Employee Training: Deliver training programs for both clients and
   employees to enhance security awareness and competence.

4. Awareness Campaigns and Security Knowledge Sharing: Execute awareness campaigns and promote the sharing of security insights and best practices.

5. AI Policy Implementation: Enforce a robust AI policy to govern responsible AI use within the organization.

6. Adherence to OWASP Responsible AI Framework: Comply with the OWASP
   Responsible AI framework, ensuring ethical and secure AI practices.

6. Feedback loop

...

3.6 Ensure accuracy of LLM output

Unique has built in a feedback loop (following the human-in-loop concept) in all our Gen-AI based features. This is twofold:

1. Empowering User Control (“Human "Human in the Loop”Loop"): Users have the option to
   modify AI-generated output, ensuring control and also adding a personalized
   touch.

2. Soliciting User Feedback on AI Output:•

   1. We encourage users to provide feedback on the AI-generated content to

   
   

   1. gauge its alignment with their expectations.

   •

   1. To maintain security, we caution users not to share any confidential information when providing feedback.

7. Skillset and training

Unique possesses specialized expertise in Swiss local law, demonstrating a comprehensive understanding of the legal landscape – both from a legal and IT security perspective. Our proficiency extends to the intricate realm of data protection specifications, ensuring compliance with stringent Swiss regulations at all times. Furthermore, our in-depth knowledge of FINMA guidelines underscores our commitment to offering solutions aligned with the intricacies of Switzerland’s financial regulatory framework. The accuracy of these claims will be validated through an external audit process, substantiated by both SOC 2/ ISAE 3000 Type 1 and 2 assessments and a FINMA report

Whitepaper on Compliance Layer

...

Link:

...

Author

...

In addition, Unique offers benchmarking to enable the clients to test prompts and answers. By using the benchmarking feature, clients can on a large scale ensure a high quality (accuracy) of the output (answers) by automatically comparing answers to the ground truth and creating a score using LLMs and vector distance as well as detections of hallucinations to make sure data and model drift is detected early on.

Further details can be found at Benchmarking.

3.6 Risk Management of LLMs

Unique ensures continuous improvement of vulnerability management to maintain the integrity, availability, and confidentiality of large language models (LLMs). By regularly updating security protocols and addressing potential vulnerabilities (as guided by the https://owasp.org/www-project-top-10-for-large-language-model-applications/ ), Unique safeguards the performance and reliability of LLMs. This proactive approach minimizes risks and enhances the overall security posture.

More information can be found at OWASP Top 10 for LLM Applications.

4. Further information

• Public Documentation: https://unique-ch.atlassian.net/wiki/spaces/PUB

• Homepage: https://www.unique.ch

• LinkedIn: https://www.linkedin.com/company/unique-zurich

• Whitepaper on Security and Data Protection (on request)

5. Feature overview

Overview of feature availability depending on deployment model

6. Disclaimer

The content contained herein is correct as of August 2024, and represents the status quo as of the time it was written. Unique’s data protection and security policies and systems may change going forward, as we continually improve standards for our customers.

7. Abbreviations