With a legacy marked by manually intensive tasks prone to error and delays, compliance and risk management are the perfect use cases for pushing large language models (LLMs) to their limits. Anyone who has had to identify and update compliance clauses across thousands of contracts or quantify and manage risks welcomes the many time and efficiency gains LLMs can deliver.
Governance, risk and compliance (GRC) process workflows are bottlenecks in any organization that slow down their response times to customers, suppliers, departments and divisions. The challenge is automating complex workflows and being smart about where and why to add contextual intelligence using LLMs while preserving the confidentiality and security of data.
Based on a recent series of interviews VentureBeat has done with two leading companies setting a quick pace of innovation in this space, LLMs are proving their value by being able to process and analyze unstructured data at scale. Companies leading the race to integrate LLMs into compliance and risk management are using smaller, more accurate models to revamp long-held processes that defied re-engineering with robotic process automation (RPA) efforts in the past. Protecting sensitive data in LLMs is a core design requirement of the companies VentureBeat interviewed.
Any given organization’s GRC workflows defy easy categorization and resist efficiency gains. RPA took on the challenge years ago and delivered efficiency gains, yet lacked the depth of contextual intelligence and modeling LLMs are capable of delivering as a core part of their architectures.
Reflecting the latent needs organizations have for greater GRC knowledge and efficiency gains, the GRC automation market in this area is projected to grow at a double-digit compound annual growth rate through 2028. Gartner notes that the GRC market was valued at $39.4 billion in 2022 and is projected to grow to $76.4 billion by 2028, attaining a compound annual growth rate (CAGR) of 11.6% from 2023 to 2028. The research firm predicts that by this year, legal departments will have automated 50% of legal work related to major corporate transactions. By next year, legal departments will triple their spending on technology.
To gain a greater understanding of how the leading software providers are taking on the challenge, VentureBeat reached out to 4CRisk and Relativity, two companies whose approaches to revolutionizing compliance and risk management using LLMs are noteworthy. Relativity turned to WinWire, one of the world’s leading Microsoft partners, for help unleashing the power of Azure and generative AI to streamline e-discovery, compliance and risk management in their Relativity aiR suite. WinWire’s generative AI Center of Excellence (CoE) brings industry-leading generative AI and Azure Open AI expertise to clients globally. Their AI experts are known for having industry-leading gen AI integration expertise.
WinWire proved instrumental in helping Relativity modernize its IT architecture, including migration of its on-premises applications to Azure Cloud. By partnering with WinWire, Relativity has improved the flexibility, security and speed at which they deliver services to customers.
Keith Carlson, Chief Technology Officer at Relativity, explained during a recent interview with VentureBeat how the company’s tech stack relies on Azure cognitive and real-time services to ensure every customer receives an excellent experience across the aiR suite. Carlson says the user experience is enhanced by having Azure cognitive and real-time services available to deliver 24/7 global support and faster service turnaround times.
Relativity says the cloud-based improvements that WinWire helped them attain continue to pay off with lower infrastructure costs. “By adopting cloud technologies and moving away from on-premises solutions, we’ve seen a drastic reduction in both infrastructure and operational costs—by approximately 40% and 150%, respectively,” Carlson noted. These changes have not only simplified operations but also greatly increased the scalability of Relativity’s services, crucial for handling their extensive document loads.
Carlson explained that LLMs are revolutionizing every aspect of GRC, with stepwise gains already happening in his company’s core area of e-discovery. Carlson says that LLMs are proving their value already with the predictive accuracy they provide in identifying risks which is essential for proactive compliance management. Relativity’s partnership with WinWire has significantly enhanced system and service reliability, crucially supporting the large-scale data processing needed for e-discovery. This improvement is key in an industry where downtime can be particularly costly and disruptive.
“Being in a cloud, making sure your technology is agile and making sure that we can deploy and adapt is critical for us. Having Open Azure AI services integrated with sentiment analysis in addition to the LLM, their cognitive services, and translations for being able to do foreign language as part of the whole eDiscovery process,” Carlson told VentureBeat. Relativity’s collaboration with WinWire has been instrumental in utilizing Azure’s power to streamline e-discovery, compliance, and risk management processes effectively.
4CRisk founder and CEO Venky Yerrapotu is at the forefront of creating and fine-tuning LLMs for the specific challenges of compliance and risk management. In a recent interview with VentureBeat, Yerrapotu explained, “We build language models for the Risk and Compliance domain that can be private but equally efficient as any large language model out there, ensuring that data privacy and security are never compromised.”
Carlson and Yerrapotu defined integration and gaining practical results from implementation as two of the more challenging aspects of getting LLM to scale for compliance, risk management and the broader challenges of GRC. Carlson added that it’s important to take a holistic system integration approach.”Our goal with an effective LLM deployment enhances our existing systems’ accuracy and efficiency, integrating into legal and compliance frameworks and delivering value,” Carlson said.
Yerrapotu noted that the adoption of LLMs in GRC workflows has enabled the automation of complex data processing that previously relied heavily on human intervention. He relies more on a tailored, domain-specific approach to deploying LLMs. “By developing domain-specific models, 4CRisk maintains efficiency and ensures robust privacy, crucial for sensitive GRC tasks,” Yerrapotu said.
“Utilizing smaller, specialized models allows us to scale our compliance solutions globally without significant financial outlays. These models are not only more manageable but also quicker to adapt to regulatory changes,” Yerrapotu said.
“Our privacy-by-design philosophy incorporates encrypted data and operates within secure cloud environments to comply with the strictest privacy laws,” ensuring that LLMs adhere to international privacy standards,” says 4CRisk’s Yerrapotu.
Both 4CRisk and Relativity have designed their product architectures to be resilient against LLM, data poisoning and attacks targeting their models’ integration points. With regulatory compliance being table stakes for each company to stay competitive, their approach to LLMs has centered more on ensuring compliance across jurisdictions and handling variations in regulatory and customer-specific compliance requirements.
WinWire’s integration expertise has prepared Relativity to efficiently handle various international legal requirements, an essential feature for their global operations. Carlson highlighted how Azure’s global reach has facilitated compliance with local laws, which is often a complex challenge for tech companies.
The need for LLMs to adapt to varying regulatory landscapes is more urgent than ever – and more challenging to achieve at scale, too. As enterprises deploy LLMs across different jurisdictions, the ability to handle diverse compliance requirements becomes table stakes for international operations.
Carlson emphasized this point, stating, “At Relativity, we are constantly fine-tuning our LLMs to be agile and compliant across borders. Our technology is designed to evolve as quickly as the regulations do, ensuring that our global clients are always supported no matter how disparate their compliance needs might be.”
Carlson elaborated on the complexities involved in maintaining such high standards: “Navigating through the maze of international data privacy laws is immensely challenging. Our LLMs utilize a dynamic framework that adjusts to new regulations in real-time, which is crucial for maintaining uninterrupted service to our clients worldwide.”
Yerrapotu shared insights into their specialized models, telling VentureBeat, “We focus on creating smaller, domain-specific LLMs that not only perform with greater precision but also integrate seamlessly into various regulatory frameworks. This targeted approach helps us deploy LLMs that are both efficient and adaptive to changes, providing scalable solutions that do not compromise on privacy or security.”
Both firms and others comparable to them VentureBeat interviewed to gain insights into the future of LLMs in compliance and risk management point to the need to build trust with clients and maintain it with transparency of how LLMs are created, updated and scaled for unique customer needs.
Core to Relativity’s strategy is building a comprehensive strategy to deliver privacy and security over and above meeting legal obligations. As Carlson puts it, “Trust is the cornerstone of our client relationships. By ensuring our LLMs are not only powerful but also secure and compliant, we instill confidence in our clients that their sensitive information is well protected.” Through their rigorous adherence to privacy standards and their innovative use of LLMs to manage compliance and risk management in real time, 4CRisk and Relativity are setting new benchmarks for security in the quick-moving generative AI age of GRC.
