ISITC TALKTIME: Can AI Act Compliance be automated by AI Agents?
TalkTime Podcast: Can AI Act Compliance be Automated by AI Agents
A provocative conversation with ISITC Europe and Genbounty
As AI systems grow more powerful, a new question is emerging across financial services, technology, and regulatory circles: Can AI compliance be automated? In this compelling episode of ISITC Europe’s AI podcast series, Gary Wright sits down with Bob Morel, CEO of Genbounty, to explore whether AI agents can truly manage EU AI Act compliance—and what happens when machines start checking the work of other machines.
Bob explains the rapid rise of AI agents capable of research, decision‑making, and autonomous action. These agents can already test AI models, benchmark them against frameworks like NIST, OECD, and OWASP, and even generate risk reports or propose fixes. In some development pipelines, AI is already reviewing code, flagging vulnerabilities, and halting deployments. But this innovation comes with a warning.
Bob highlights the fundamental flaw: AI validating AI directly contradicts the core principles of the EU AI Act, which demands transparency, explainability, and—critically—human oversight. Allowing AI to certify its own safety risks creating systemic blind spots, cascading errors, and the very “AI‑checks‑AI” loop regulators are trying to prevent.
The conversation dives into:
- Why automation is attractive—but dangerous—when applied to AI safety
- How human creativity and motivation still outperform AI in uncovering novel risks
- Why mandatory logging, explainability, and human‑in‑the‑loop controls are essential
- How Genbounty blends automation with human expertise to keep AI accountable
- Why financial‑sector regulations like MiFID, DORA, and consumer‑protection rules reinforce the need for human command
Gary and Bob make a powerful case: AI should enhance compliance, not replace human judgment. Firms must use AI wisely—not let AI use them.
Viewing time: 13 mins
Bob Morel is an AI security and Cybersecurity SME available for consultancy roles. Bob is the CEO of AIRTA Systems, an AI Risk Management platform designed to facilitate market access for AI-driven applications, and Co-Founder of Genbounty.
With a robust background in thought leadership, Bob previously served as the Head of Application Security at Centrica and the Application Security Lead for a cryptocurrency exchange. He is an active contributor to the cybersecurity community as an author for Infosec, creating learning paths on topics such as Breaking LLMs and AI-driven Applications, and the ChatGPT for offensive security. His expertise is supported by a B.Sc. in Computer Science, and industry certifications including CISSP, CompTIA Security+, and SecAI+.
Leave a Reply
You must be logged in to post a comment.