By now, most enterprises have deployed some form of unified communications as a service and workers have learned how to use the applications to improve their productivity. Today, with the advent of AI, workers' expectations about UCaaS are rising. Meeting these demands helps support the rationale to invest in AI even as it accelerates the UCaaS innovation roadmap. But it's important to remember: Innovation does not occur in a bubble.
Technology leaders may embrace the promise of AI, but business leaders must manage other realities that come with transformational change. Compliance is especially challenging, as the rapid pace of change with AI creates expectations to innovate faster in support of competitive advantage.
On a business level, this is understandable, but in regulated markets like finance or healthcare, maintaining compliance can be an obstacle. With UCaaS, AI broadens options for communications as well as automation -- not just for workflows, but also for compliance.
Compliance is costly for all businesses, and if AI can make the cost of governance more manageable, its use case becomes even stronger.
However, compliance leaders must trust in AI, as compliance requirements are complex in ways for which AI has little track record. Let's examine four ways business, technology and compliance leaders should consider when using AI to balance compliance and innovation with UCaaS.
1. Human in the loop
This principle underscores most AI use cases. Associated technologies are not yet mature enough to be fully trusted to automate anything other than basic or routine tasks. The stakes are especially high with compliance, given the types of outcomes regulated sectors are responsible for, as well as assessing the financial impact when penalties and fines arise.
Regulatory language is complex and industry-specific. Most large-language models have yet to be trained at this level. Automation still brings value here, but having actual people involved should be viewed as a necessary layer to ensure compliant workplace communications.
2. Question AI outputs
Automation may help manage onerous workloads and communication flows with UCaaS, but in terms of compliance, blind acceptance invites dangerous risk. Even under routine conditions, AI is susceptible to hallucinations, false positives and incorrect conclusions. Add to that a lack of transparency and explainability -- aka black box -- and it should be clear why trust with AI must be earned.
For that to occur, as a best practice, compliance leaders need to instill the questioning of AI outputs. AI can certainly be a valuable tool as compliance requirements become ever more complex and costly, but it is far from being definitive or authoritative enough to be used in an agentic manner -- where outputs and actions can occur without human supervision.
3. Compliance by design
This approach is gaining traction, especially in regulated markets, where compliance requirements are embedded in technology platforms from the ground up. In pre-cloud times, compliance was less rigorous and could be applied post-deployment in a bolt-on fashion. With cloud becoming the dominant deployment model, and AI making all forms of data -- including communications -- more valuable, compliance is more challenging to address.
AI fuels balancing compliance with innovation in UCaaS, and these platforms need to have compliance built in.
AI fuels balancing compliance with innovation in UCaaS, and these platforms need to have compliance built in. Not only is continuous monitoring needed -- especially since most communications are real time -- but data sovereignty is now a strategic priority. There is a growing interest in using private or hybrid cloud deployments to manage data locally. Outside the U.S this has become particularly important given that most UCaaS providers manage customer data from U.S.-based data centers.
Other factors also make compliance more complex now, such as meeting green IT requirements or adopting a zero-trust approach to protect the network against cybersecurity, fraud or deepfakes. Adopting AI with UCaaS needs to be viewed with a broader lens, where compliance is a core strategic requirement, not a project-based afterthought.
4. AI regulations are coming
Balancing innovation and compliance represents a fundamental challenge that cannot be managed reactively. Taking a light touch to regulation moves innovation forward, but if unchecked, the risks will only proliferate. Strategies like having a human involved help manage this, but technology leaders must also think holistically about AI adoption.
There is no shortage of scenarios where AI can do more harm than good, and this is where the regulatory climate can shape deployment plans. The EU market remains at the forefront of responsible regulation, with GDPR, the EU AI Act and the Digital Operational Resilience Act. No such regulation exists in the U.S; the Executive Order on Safe AI has yet to be passed into law.
Regardless, AI will require some level of regulation to prescribe safeguards to ensure trust. The intent is not to quash innovation, but rather to manage it to ensure compliance in ways that are more economical, as well as enable businesses to move at the pace of their customers.
To do so, technology leaders need to view the regulatory climate at the market level, where all businesses will be affected continuously. Just as innovation is constant with AI, so will the need for some level of ongoing regulation. By extension, this applies to compliance, where the requirements can no longer be viewed in terms of standalone projects, but as platform-based, as with UCaaS.
Jon Arnold is principal of J Arnold & Associates, an independent analyst providing thought leadership and go-to-market counsel with a focus on the business-level effect of communications technology on digital transformation.
