AI Code Compliance Poses Challenges in Regulated Industries

A financial sector professional reports that their compliance team is questioning the use of code generated by AI tools like Cursor and Copilot. The raised concerns include auditing code not written by humans, verifying its compliance with security standards, proving it does not violate licenses, and justifying its origin to regulators. The author emphasizes that the explanation “the AI generated it” will not be sufficient to satisfy a compliance audit. They also mention that these tools are being adopted without their regulatory implications being fully anticipated.