AI Governance Framework
Contents
1. Purpose
Our vision is to be the easiest and most inspiring way for financial services providers to effectively collaborate with their clients in the era of GenAI. Our mission is to forge a synergistic alliance with leading financial institutions, creating a specialized GPT solution that embodies innovation, responsibility, and security at its core. In order to do this, AI governance is essential to ensure that the policy and processes are in place to assure that our mission and vision are achieved in a responsible and ethical manner.
Implementing robust, efficient AI governance structures is therefore crucial for overseeing the development, deployment, and operation of AI systems. Effective governance ensures that AI systems perform reliably and ethically, aligning with organizational goals throughout their lifecycle. This requires establishing and continuously maintaining clear frameworks and control management practices. Identifying and mastering AI risks is a central obligation for Unique. It ensures that AI systems can be implemented with confidence, knowing that there are structures in place to manage any potential risks effectively.
2. Why AI Governance?
“With the economic promise and opportunity that AI brings, comes great social responsibility. Leaders across countries and sectors must collaborate to ensure it is ethically and responsibly developed, deployed and adopted.” Jan 2024, AI Governance Alliance: Briefing Paper Series, World Economic Forum
Risk management for GenAI is essential for value creation. GenAI Risks that organizations considered relevant in a 2025 McKinsey survey included: Inaccuracy, cybersecurity, compliance, intellectual property infringement, or explainability. Further, risk management has become increasingly important by mitigating data privacy, ensuring the protection intellectual property and minimizing ethical risks associated with AI.
More information about AI Governance can be found in our blogpost here.
2.1 Unique AI: Harmonizing Value Creation and Risk Control
Unique AI has a built-in AI governance to ensure appropriate risk management.
AI governance at Unique means our AI principles and their operationalization. It encompasses the implementation through processes, procedures, policies, and regulations to ensure that Unique AI aligns with our values.
AI governance principles are ultimately fully integrated into all our work including the Unique AI platform.
3. Key Pillars of the Unique AI Governance Framework
Based on established principles and best practices like the "6+1" Responsible AI Principles, 11 Grundsätze - und eine Weisung für Mitarbeitende, the global landscape of AI ethics guidelines and the supervisory expectations by FINMA, we have created our own AI governance principles. Each principle has been thoroughly operationalized and built in throughout the entire product. More information can be found in our blogpost about our AI governance framework here.
4. Operationalization
Unique’s AI principles are only strong if they are operationalized. Therefore our AI governance framework addresses the need for a robust governance operationalization. Therefore, in close co-development with our clients, each of the pillars has been operationalized to ensure that they are not just principles on paper but that they are fully integrated into the entire product. It is important to note that for all AI governance principles a Shared Responsibility Model is applied, meaning that the client and Unique share responsibility with a varying degree regarding different operationalization strategies.
4.1 Trust
Trust is essential for ensuring that the other pillars can be upheld as it helps to ensure the use of the technology by our customers but also boosts internal trust in the initiative which further improves the outcomes thereof.
Responsible AI guidelines and policies: https://unique-ch.atlassian.net/wiki/spaces/PUB/pages/995131424
Active stakeholder engagement to collectively promote transparency in AI: e.g. AI Roundtable: AI Governance White Paper (Part III): Industry Leaders' Opinions
Unique compliance layer: https://unique-ch.atlassian.net/wiki/spaces/PUB/pages/444957005
Responsible AI culture (e.g. compliance trainings and awareness campaigns): https://unique-ch.atlassian.net/wiki/spaces/Q/pages/35127689
Membership in AI Verify Foundation: https://unique-ch.atlassian.net/wiki/spaces/Q/pages/875462682
Data protection standards for GenAI: https://unique-ch.atlassian.net/wiki/spaces/Q/pages/875659267
4.2 Safety & Security
Safety & Security ensures that financial services are within the legal guardrails set by regulators and further amplifies the trust in Unique AI and specifically in our AI governance framework.
4.2.1 Organisational standards
System and Organization Controls 2 (SOC2/ISAE 3000): SOC 2
FINMA Circular Audit: FINMA Outsourcing Circular 2018/3
ISO 27001, 9001 and 42001: ISO Certifications
EU AI Act Conformity Assessment: EU AI Act: Unique's view
4.2.2 Individual standards
End-User Terms and Conditions (T&Cs)
Legal contracts
4.2.3 Product standards
Adherence to Open Worldwide Application Security Project (OWASP) Responsible AI Framework OWASP Top 10 for LLM Applications 2025
Unique’s Secure Software Development Lifecycle (SSDL):Secure Software Development Lifecycle
4.3 Accountability
Accountability is essential for ensuring that each user has their rights and their obligations and allows for a more traceable trail of responsibilities. This strengthens each individuals’ sense of responsibility to the upholding of proper AI Governance and further strengthens the other principles and includes for example roles & responsibility definitions or definition of access rights.
Workspace concept (easy configurable way to limit access to documents)
Prompt limitation: Prompting Guide Unique AI | Uniques Guidelines for responsible prompting
BYO model to control for weights, training data, etc.
Role concept and Privilege Access Mng. (PAM): Access Role Concept
Clear governance of data owners: Access Role Concept
Audit logs: Architecture | Audit Logs
Data Leakage Prevention (DLP): https://unique-ch.atlassian.net/wiki/spaces/PUB/pages/500105333/Data+Leakage+Prevention+DLP
4.4 Reliability & Robustness
Reliability & Robustness encompasses the ability to review how well models are performing (comparing same use cases with different underlying LLMs as well as comparing across different use cases) and delivering the desired outputs. This allows for systematic reviews of and subsequent corrective measures for these models.
Evaluate use case and risks to find the right LLM for each task: https://unique-ch.atlassian.net/wiki/spaces/PictetUniq/pages/434864191
FSI Benchmarking by use case to avoid model drift and data drift (~200 questions daily): https://unique-ch.atlassian.net/wiki/spaces/PUB/pages/600211471
Fine-tuning of data retrieval (enhanced technical prompt-engineering)
Protect LLMs from jailbreak, prompt injection rambling: OWASP Top 10 for LLM Applications 2025
Prompt Engineering guide: https://unique-ch.atlassian.net/wiki/spaces/PUB/pages/657850384
4.5 Explainability & Transparency
Explainability & Transparency means allowing for users to understand how the model reaches its outputs and ensuring that the model remains human-centered.
Retrieval augmented generation (RAG) with link to source document (doc highlighting) for traceability: https://unique-ch.atlassian.net/wiki/spaces/PUB/pages/446038288/Frequently+Asked+Questions+FaQ#Architecture,-RAG,-Vectors,-and-more
Hallucination score: https://unique-ch.atlassian.net/wiki/spaces/PUB/pages/737280008
Data quality in source documents: https://unique-ch.atlassian.net/wiki/spaces/PUB/pages/620855328
Human-in-the loop concept
User feedback loop: https://unique-ch.atlassian.net/wiki/spaces/PUB/pages/636125233
5. Unique's AI Governance Offering
Unique Solution: The AI governance framework is evaluated use case by use case and can then be adapted, added on to and enhanced as need based on your organization's needs.
Unique Knowledge: With Unique you get a built-in and tailored solution from experts who are paving the way in AI governance in FSI.
Unique Community: You are given access to knowledge on the topic at the forefront and be part of a community of like-minded people and organisations that make up our clientele and who we aim to bring together to share knowledge.
6. Whitepaper Series
https://www.unique.ai/en/blog/what-is-ai-governance-about
https://www.unique.ai/en/blog/unique-ai-governance-framework
https://www.unique.ai/en/blog/industry-leaders-opinions-insights-from-industry-leaders
7. AI Governance Roundtable
Unique hosted its first AI Governance Roundtable in September 2024. This roundtable convened some of the largest private banks (EFG, Julius Bär, LGT, Pictet Group and more) and insurances (e.g. AXA, Zürich) in Switzerland as well as representatives of the State Secretariat for International Finance SIF and SIX Group. The discussions were built around the Unique’s AI Governance Framework and how industry leaders were handling these different pillars in their organizations. A summary of the discussions has been made available here.
The aim of such initiatives is to bring the industry together and exchange ideas and best practices around AI. We hope to continue to host such roundtables regularly.
8. AI Policy
As of November 2024, our AI Policy provides the outline for our internal use of AI. It can be read in full here:
Further helpful resources: https://unique-ch.atlassian.net/wiki/spaces/PUB/pages/995131424
This page is maintained regularly and will be gradually adjusted and extended.
Author | @Sina Wulfmeyer |
---|---|
Date | Jan 20, 2025 |
© 2025 Unique AG. All rights reserved. Privacy Policy – Terms of Service