Hummingbird AI: Security & Privacy Overview
Last updated
Was this helpful?
Last updated
Was this helpful?
Hummingbird is committed to building AI products that are safe and secure and meet the strict standards of risk & compliance organizations. Below, you will find an overview of Hummingbird AI functionality and related security and privacy practices.
Keep in mind that Hummingbird AI falls under the same security program as the rest of Hummingbird. For general and additional information, visit our Trust Center.
Hummingbird offers a suite of AI-powered tools for risk & compliance teams, which are integrated directly into the platform. Current Hummingbird AI capabilities include:
Case Insights: Quickly get a summary of the most important details about a case. Hummingbird AI analyzes case data, looking across both first and third party data sources to present a concise summary of the subjects, transactions, and more, along with highlighting the potential risks that may indicate suspicious activity.
Narrative Generation: Speed up regulatory reporting by using AI to generate SAR/STR narratives. Hummingbird AI delivers an accurate, complete first draft for investigators to review and edit. Narratives are generated using your case data and can be delivered in a standardized format using templates.
Narrative Validation: Improve the quality of your SARs by validating that narratives are accurate, error-free, and comply with FIU guidelines. Hummingbird AI instantly checks that SAR narratives include all necessary information, are free from spelling mistakes, and reflect your case data.
File Summarization: Quickly glean key details from case files with AI summaries. From onboarding questionnaires to legal records, AI summaries help investigators get the essential information they need, without having to search for it.
Hummingbird AI uses third-party large language models (LLMs), which are hosted within Hummingbird’s own secure instances in our Azure cloud, benefiting from the enterprise-grade security benefits that come from hosting in Azure. Each Azure instance is locked down, and no customer data is stored in Azure. The models that Hummingbird uses are stateless, meaning no data is retained from the requests made to the LLMs. This helps to keep your data safe, prevent authorized access, and minimize the risk of data breaches.
Hummingbird utilizes a mix of foundational and reasoning models to analyze different parts of the case data. This is then merged together into a dynamically generated, concise summary.
Depending on the specific details of the narrative being generated, Hummingbird sends several different custom-engineered prompts to the LLM along with the relevant case data. Customer managed templates allow for customization over the specific prompts sent to the LLM.
When you validate a narrative using AI, Hummingbird sends a host of custom-engineered prompts to the LLM along with your composed narrative and relevant case data. The LLM then checks your narrative against the various prompts and case data, and Hummingbird AI returns the responses to you as either failed or successful validation checks.
When you request an AI summary, Hummingbird uses our standard AWS architecture and third-party models, hosted within our own Azure instances, to extract and summarize the text. Hummingbird AI then returns the response to you.
No. Hummingbird does not use customer data to train or fine-tune AI models.
In the future, Hummingbird may train our own models using aggregated and de-identified data from customers who have explicitly granted Hummingbird the right to use their data. At no point will Hummingbird use customer PII or other sensitive data to train models.
Hummingbird AI is designed to comply with Hummingbird’s standard security practices and compliance standards, which includes SOC 2 Type 2 certification. This is in addition to the AI-specific security practices described above and detailed here.
To learn more or request additional information, visit our Trust Center.
Yes, the use of Hummingbird AI is optional for all organizations. Admins can request to disable AI features. Visibility and access to some Hummingbird AI capabilities can also be managed using badge permissions.