AI at RadarFirst: Responsible, Secure, and Built for Regulatory Confidence

How We Use AI

RadarFirst uses AI and machine learning to assist with:

Radar AI RIsk

• System risk classification acrosss frameworks and custom policies
• Identification of applicable obligations and mitigation actions
• Structured documentation and audit-ready recordkeeping

Radar Agentic Layer

• Pre-assessment (intake, triage, data readiness, etc.)
• Post-assessment (reporting, coordination, trending, etc.),

These capabilities are designed to enhance decision-making—not to automate it.

AI Use and Limitations

RadarFirst AI features are advisory in nature and are intended to support, not replace, professional expertise.

• Non-deterministic outputs: Results may vary based on context, input data, and evolving regulatory interpretations
• No legal advice: AI-generated outputs do not constitute legal or regulatory advice
• Human review required: Customers are responsible for reviewing and validating outputs before taking action
• Not solely determinative: AI outputs should not be the sole basis for regulatory reporting, escalation, or compliance decisions

While we design our systems for high accuracy and reliability, AI-generated outputs may occasionally be incomplete, incorrect, or misleading. RadarFirst does not guarantee the accuracy of AI-generated results and disclaims liability for decisions made based solely on such outputs.

Responsible AI by Design

Our approach to AI is grounded in clear principles:

• Transparency: We are clear about where and how AI is used within our platform
• Accountability: Customers retain full responsibility for decisions and outcomes
• Safety and Control: We implement safeguards to monitor performance and prevent misuse
• Consistency: AI helps standardize data preparation and analysis across workflows

Human oversight is embedded throughout the system. Users can review, validate, and override AI-generated outputs at any time.

Data Privacy and Security

RadarFirst is committed to protecting the privacy, security, and integrity of customer data in all AI-enabled features.

• Customer data is not used to train external or generalized AI models without explicit consent
• No customer data is shared with third-party model providers
• AI processing occurs within secure, controlled infrastructure boundaries
• Data minimization and purpose limitation principles are enforced
• Systems are subject to access controls, encryption, logging, and audit readiness measures

Our practices align with applicable frameworks, including GDPR, CCPA, and the EU AI Act, and are supported by the broader security controls of the Radar™ platform.

AI Security and Safeguards

We implement specific controls to promote safe and reliable AI operation, including:

• Input validation and prompt injection protections
• Content moderation and misuse detection mechanisms
• Monitoring and logging of AI system activity

These safeguards are designed to reduce the risk of unintended or unsafe outputs and to support ongoing system integrity.

Generative AI Notice

Certain AI features may generate synthetic content based on user inputs.

Customers are responsible for reviewing AI-generated content for accuracy, completeness, and appropriateness prior to use, publication, or submission to regulators.

AI Infrastructure and Model Providers

RadarFirst may utilize third-party large language models delivered through secure cloud infrastructure to power certain AI capabilities.

We implement contractual, technical, and organizational safeguards to ensure that:

• Customer data is not used by model providers to train generalized models
• Data is processed securely and transmitted using encryption
• Processing occurs in isolated environments designed to protect confidentiality

Export Controls and Use Restrictions

Access to certain AI capabilities may be restricted based on jurisdiction in accordance with applicable export control laws.

Customers agree to comply with all relevant U.S. and international laws governing the use of AI technologies.

Continuous Improvement and Updates

RadarFirst continuously monitors and improves its AI capabilities to align with evolving regulatory expectations and best practices.

We reserve the right to update, enhance, or restrict AI functionality at any time. Where required, we will provide notice of material changes affecting system behavior.

Our Commitment

We believe AI should enhance clarity—not introduce risk.

RadarFirst remains committed to deploying AI responsibly, transparently, and in a manner that supports confident, defensible regulatory outcomes.

For more information or to provide feedback, please contact our team.

Alex Layng, VP of Product, [email protected]