Microsoft has released a compliance assessment for the financial services sector to promote the expanded utility of its 365 Copilot in regulated industries.
Partnering with records management consulting firm Cohasset Associates, Microsoft produced an expanded assessment of Microsoft 365 services, including Microsoft Copilot and Microsoft Loop.
This move marks a stride by Microsoft in further empowering highly regulated industries like finance to use its integrated AI products in their operations.
SEC Rules and Regulations
The Securities and Exchange Commission (SEC) regulates the US financial sector.
One such new regulation requires financial services firms to keep detailed transactions and communications records to protect investors and help prevent fraud.
The rules require firms to adhere to
- Recordkeeping – keeping records of all their transactions
- Retention periods – keeping records for a certain period of time according to their specific requirement
- Accessibility – keeping records on hand for quick access if needed for audits or investigations
These rules apply to brokers, dealers, and members of national security exchanges, and they require that certain types of records be preserved for certain amounts of time to facilitate regulatory examinations and compliance checks.
This is where AI used by these companies potentially falls foul.
These firms need to ensure that the products and services they employ within their workflows—like AI copilots—are capable of meeting the requirements of the regulation.
How Microsoft Has Ensured Compliance
To give its financial services customers the confidence to use its 365 Copilot, Microsoft set out to get outside expertise to create the correct setup so these firms can use its AI services without being in breach or creating additional paperwork to validate.
Its partnership with Cohasset Associates dates back to 2022, when they enlisted the company’s help to ensure compliance configurations for new SEC rules.
Released in October 2023, that report ensured that SharePoint, OneDrive, Microsoft Teams, Exchange, and Viva Engage met the new requirements for recording, storing, and managing electronic records in a non-rewriteable, non-erasable format.
This new collaboration has resulted in an independent assessment of Microsoft’s compliance capabilities, providing a comprehensive evaluation of how Microsoft 365 services, including Copilot and Microsoft Loop, align with the new SEC requirements.
This impartial evaluation of Microsoft’s compliance capabilities, released in December 2024, gives financial firms clarity that they can innovate broadly with the new generative AI capabilities of Copilot and explore the unique collaborative workspace capabilities of Microsoft Loop with guarantees that the setup of their copilot system can keep their generative AI use in check.
In addition to SEC Rules, the assessment also applies to Financial Industry Regulatory Authority (FINRA) Rule 4511 and Commodity Futures Trading Commission (CFTC) Rule 1.31, which relate to the maintenance and preservation of records.
By providing these comprehensive solutions, Microsoft is positioning its UC solutions users to harness AI technologies whilst maintaining the highest standards of compliance and data security.
Compliance of Microsoft UC Solutions
With AI remaining a hot topic for 2025, Microsoft has begun the year, with an intense focus on its 365 Copilot services.
Its desire to offer faster and cheaper AI services for its 365 Copilot has reportedly fractured its relationship with OpenAI, its sole AI provider for the service.
Although the cracks have not entirely appeared, Microsoft has shown that it’s serious as it announced an integration with the Chinese DeepSeek R1 AI model into Azure AI Foundry.