Skip to content
Linkedin
Subscribe
the credit union connection logo white

Finding the Balance with Using AI

Photos of Edward Vincent and Sarah Cooke

AI presents many great opportunities for credit unions, but it also comes with its fair share of risks. AI can be very helpful and save time on certain kinds of tasks, but there are challenges when it comes to ensuring that everything regarding a credit unions’ use of AI is in compliance. In order for credit unions to make the most of this technology, it’s important to have security measures and risk policies and strategies in place in order to keep their member data safe.

CEO of SRA Watchtower sat down with host Sarah Snell Cooke at GAC 2025 to discuss AI and compliance and how credit unions can stay secure while staying competitive. They also talk about the value of looking back at past information in order to look ahead to the future.

Disclosure: Transcript below is automatically generated

Sarah Cooke 0:12
Hello and welcome to 2025 America’s, Credit Unions GAC. I am here today with Edward Vincent. Welcome.

Edward Vincent 0:24
Thank you very much. Great to be here, Sarah.

Sarah Cooke 0:25
Thank you. Yeah, he is the CEO at SRA Watchtower. Why don’t you tell us a little about yourself and the company?

Edward Vincent 0:31
Our business was, was founded a number of years ago as a consultancy. And we, we, we helped, we were helping banks initially set up risk management programs. And after doing that for a number of years, those institutions said, we want some tools to be left behind, so we started building some enterprise risk management tools, and frankly, accidentally started working with a few credit unions along the way. And after picking our heads up out of the sand about a year ago, said all the work which we’re doing for for banks, community banks, regional banks, is equally as applicable for a credit union who should be looking at risk holistically across the organization, especially as you well know, right, seeing a lot of cross pollination now between banks and credit unions anyway. So we really leaned into taking this, this software platform that we built, configuring it for for credit unions, divesting that old consulting business and really going all in on the software.

Sarah Cooke 1:26
Okay, very interesting evolution there. And so, I’m glad you found credit unions. We all, we were just talking earlier with one of the other guests. We all fall into credit unions. It’s all accidental, honestly, and that’s what we need.

Edward Vincent 1:39
I feel better about that.

Sarah Cooke 1:40
Employers of choice, is my thing. So your company deals a lot with AI and compliance, and I know there’s like some scariness around that, ensuring that the AI does what you expect it to do. Could you talk a little bit about how credit unions can use AI in their compliance efforts and ensure it is compliant?

Edward Vincent 2:10
Well, I think you hit the nail on the head there, right from the start, which is step one is, you’ve got a risk team. You’ve got a compliance team. Start there. Go and have that conversation, right? That’s the, that’s the place where you want to make sure you’ve got a risk policy in place to govern, to govern these initiatives, because it can be far reaching, right? It can really be expansive operationally, right, inside your four walls, as well as externally. So, right? You start getting into questions of, where’s the data being stored, who has access to it, right? And, and making sure you’ve got the appropriate security and privacy in place. But I think it all begins with making sure you connect with your risk department or your compliance department and make sure that you start out on solid footing, right? It’s a lot easier, right? An ounce of prevention, right is worth it, right? So you kind of you think about this and say, I’m going to do a little bit of work up front, and then I’m going to get a huge amount of value after the fact.

Sarah Cooke 3:04
Pay off later.

Edward Vincent 3:06
100%, right? Beyond that, right, once you’ve kind of done that as a first step, I think the use cases are right, are plentiful, right? We have a situation today where we’ve had a credit union who was implementing our software. One of the things they have to do is they have to write descriptions for all the key risk indicators, which they are, which they are going to measure, right so the institution identifies a handful of parameters that they want to measure and track to monitor the risk across the organization. They’ve decided on those, those, those indicators. Now they want to make sure they’ve got consistent, robust definitions of those indicators, so they can show those regulators, they can show them to their board. That’s a lot of work though, to go through that process of saying if I’ve got 50 or 100 risk indicators that I’m, that I’m going to track. Now I want to write a description for each of those, and I want it to be done consistently. That’s a great use case of AI. We actually put out a podcast ourselves today with, with a, that happened to be a bank chief risk officer. But it was a, it was a similar situation where he was using AI, he gave it the right prompts. There’s a few cycles that you go through of saying write, drive, draft one of these, identify the the elements that are important. Go back and then teach it to say all right, now I want these three components of my description, and then ultimately, look, there’s some finishing touches, there’s some tweaks that you put on that before, before it becomes a finished product. But in that example, Joel got 80% of the way there using AI, right? And that took him a matter of minutes, or maybe hours, as opposed to days or weeks or months. And so in that example, he had, he had a situation where he was going to go to his CFO and ask for another headcount in his budget in order to fund doing this work. And instead, he was able to go back to that CFO and say, hold on. I’d like to reserve that that budget. I’d like to use it elsewhere, potentially later in the year. But I don’t need it now. I don’t need that person right now. So he saved money, you got a consistent, consistent output, and he got it done a heck of a lot faster as well. So I mean…

Sarah Cooke 5:11
And they don’t take sick days.

Edward Vincent 5:12
And the don’t take sick days. And so, look, I think you have to understand the, the, the, the constraints, if you will, right and make sure again, you’ve got the right security in place. But if you understand that this isn’t going to get you all of the way there in that example, but it might get you 80%, 90%

Sarah Cooke 5:31
Yeah.

Edward Vincent 5:32
That’s, that’s a pretty massive efficiency gain.

Sarah Cooke 5:34
Yeah, I’m looking at it as well, and it’s become ridiculously inexpensive too.

Edward Vincent 5:41
Yes, it’s democratized beyond belief, right? I think that the key though is, again, going back to that security and privacy topic is…

Sarah Cooke 5:48
A little different for banking.

Edward Vincent 5:50
Yes, right? And so, right, in our personal use cases, it’s one thing to kind of draft a plan for a party. It’s another thing to say, look, I’m going to entrust this with information about my institution, right? What is my risk appetite? What are my strategic objectives? What are the controls I have in place inside my organization? So look, that’s pretty simply addressed, though. You put, you put the controls in place where that information sits inside of your four walls. Great! You can realize the benefit of this. So just some small, thoughtful steps that you take up front will allow you to really protect yourself.

Sarah Cooke 6:28
Yeah, it’s interesting, because a couple of years ago, people were going around talking AI, AI, but they really talk about the purpose for the AI. It’s just they knew they had to have it. So I think that evolution, at least the education part, was probably not done, but, you know, get it, definitely getting there. And so this also helps, like automation, so many efficiencies, and, you know, credit unions need, need all that updating, need all the efficiencies. I mean, that’s just, it’s invested, it’s just the same as investing in your members, right? It’s investing and protecting them. But…

Edward Vincent 7:02
I think that’s, I think that’s a great way to think about it, is that right? This is, this is an investment. There is a, there might be some short term benefits, but ultimately, I mean, what we see in our world is that it’s really about the extracting value from your data right, at the end of the day, right? And every institution, right? Every credit union should be able to compete with folks, frankly, that are larger, bigger, stronger, faster, if they can get their hands around their data, and if they can use, you know, step one is, right, getting that into one place, getting it clean, right, getting it, going to go through all those data quality machinations. But if you do that, then you put yourself in a position where you really can unlock the power of it. And so to a certain extent, getting your data clean, getting it in one place, that’s table stakes. The real value is then extracting the intelligence from it. So right? Whether that’s business intelligence tools, it’s AI learning. But that gets you to the point where, we like to use the phrase that you’re moving from hindsight or kind of backward looking information to insight which is slightly more timely and more relevant today, ultimately, to foresight, right, which is when you anticipate what’s going to happen.

Sarah Cooke 8:11
This looks like fraud. Yeah.

Edward Vincent 8:13
This could become fraud, right? Exactly, right. And so what do we need to do differently to stop that right before it happens. So that journey to go from hindsight to insight to foresight, you need technology to accomplish that. So, so yes, it is, it is a game changer, ultimately, for the members who are going to get the value from that, but the credit unions are the ones that are going to have to do the work to put the controls in place and then invest in the technology, as you said.

Sarah Cooke 8:41
And unfortunately, criminals also have access to AI. They’re getting, they’re getting faster. I used to, I was talking to somebody the other day about, you know, they, it used to always be the vendors that got hit with the ransomware attacks or hacking, whatever it was, and now it’s actually the credit unions, because it’s so much easier and faster and cheaper with AI. And so you got to fight, fight fire with fire, right?

Edward Vincent 9:04
And they get right, they get access to right, all of your members instead of one of your members, right? And so, yes, you have to really be on your toes here, right? You’ve got to kind of get it, get on, get on the front, you know, the balls of your feet and and make sure you’ve got the right, again, the right security controls in place. So right, I go back to right the first question which you asked, right? Where do you start, right? You certainly start with security. You start with your right, your risk officer, your information security officer, but, right, you have, you just have to take that as, again, similar to the table stakes comment I made before. You just need to have those things in place, right? You need an AI policy. You’ve probably got an information security officer that is thinking about this stuff. Start there, and then you can push into the use cases, because the use cases are plentiful.

Sarah Cooke 9:52
Oh, yeah, absolutely. And so this, even though it’s all into one place, it is a lot of data coming in together somewhere. Um, how’s an exec look at it? How do you, how do you help them make it more useful in, like a somebody who’s not an AI person, you know?

Edward Vincent 10:09
I think the first step is you have to acknowledge that it’s not one and done. It, you’re not going to get it right coming out of the gate. And so I think the first thing is to set that expectation, right, with with a leadership team, with an executive team that that we’re not going to invest in this and get the answer right away, right? Frankly, investing and failing is is almost as valuable as investing in succeeding, right? You learn what you can’t do, what you shouldn’t do, right, what right, what the limitations are.

Sarah Cooke 10:38
Right.

Edward Vincent 10:39
So, I think, you know step, kind of the first step there is socializing that concept that this is going to be a journey. You’re going to have to iterate. You’re going to, in the example I mentioned there before about writing those risk descriptions, you’re going to ask the AI to write it for you. Then you’re going to look at it and say, Well, hold on, It gave me these 5, 5, 5, areas. I only need these three. So I’m going to go back and say, ignore these two areas. Just include these three, these three elements. Then you’re going to get a set of results back and say, All right, well now I want, I want to be able to drill down deeper into one of those areas. So I think iteration is, is, is the, is the key concept there. There’s not a quick fix. That being said, right, as you iterate, you’re going to get better and better and better each time, right? And so that you know, the power of AI, right, is that it does learn, and it builds upon itself. And so you, you will start realizing that the, the return on investment is going to increase, right? You, you have to be willing to make that investment up front. But the returns will, you’ll see them kind of accelerate over time.

Sarah Cooke 11:46
Yeah. And that’s certainly going to be accelerating faster and faster, faster. So I always give my guests final thoughts. What do you will leave our credit union audience with today?

Edward Vincent 11:55
I think I would say that harnessing the power of your data is really the only way to survive, right? You, it used to be, I think maybe two or three years ago, you’d say, I’ve got to lean into my data that’s going to differentiate me in the marketplace. You actually need to lean into your data just to, just survive at this point in time right?, The differentiation then comes from extracting value from that. And so, AI is a great way to extract value, but there’s other steps along the way, right, pure kind of business intelligence tools are right, are a great starting point as well, right? Getting your data into a into a single repository, putting BI tools in place. Those are kind of, crawl, walk, run, steps.

Sarah Cooke 12:38
Right.

Edward Vincent 12:38
You do that, then you can lean into the AI. So I think that the final word I’d say is, you know, it’s it’s never too late to get going, but you do have to get going now and so, and so, if folks have not leaned in, that’s okay. Start by going have a conversation with your CISO, with your risk officer. Make sure you understand the guide posts. But then lean in and be ready to iterate. Be ready to try and understand that this is going to be a multiple cycle journey, but ultimately the value is absolutely there.

Sarah Cooke 13:11
Yeah, awesome. Thank you so much for your time today. Edward,

Edward Vincent 13:13
Thanks Sarah. Appreciate it.

Leave a Comment

Your email address will not be published. Required fields are marked *

The Credit Union Connection: The tools and insight you need to help credit unions advance your communities and movement.

Spreading knowledge for brand awareness, career and leadership development, and the plethora of business partners that can help credit unions remain relevant. Oh, yeah, and we actually have a personality.

@2025 The Credit Union Connection, LLC.

the credit union connection logo white

Contact Us

About Us

Advertise With Us

Scroll to Top