# Hummingbird AI: Security & Privacy Overview

Hummingbird is committed to building AI products that are safe and secure and meet the strict standards of risk & compliance organizations. Below is an overview of Hummingbird's AI functionality and related security and privacy practices.

Keep in mind that Hummingbird AI falls under the same security program as the rest of Hummingbird. For general and additional information, visit our [Trust Center](https://trust.hummingbird.co/).

### What is Hummingbird AI?

Hummingbird offers a suite of AI-powered tools for risk & compliance teams, integrated directly into the platform. Hummingbird AI takes a dual approach: AI Agents automate routine casework, while the AI Assistant helps your team accelerate complex investigations.

**AI Agents**

AI Agents handle routine compliance work end-to-end, with human oversight built in. Every action is explainable and reviewable, and your team stays in control — accepting, refining, or overriding AI outputs before anything moves forward.

* **Case Narratives:** Generate accurate, consistent narratives based on your case data, following your approved templates. Automated checks help ensure nothing is missed, and narratives are reliable enough for mission-critical work, including SAR and STR reporting.
* **Entity Research** *(experimental)*: Automatically compile information on subjects from intelligence sources, watchlists, past case history, and internal systems — surfaced and cited directly in the case.
* **Reviews** *(experimental)*: Automatically fill in review fields and document what's already in the case data, so your team can focus on verifying reasoning and approving.
* **SAR Filing** *(experimental)*: Prepare SARs for review, then — once approved — populate the form and submit electronically to the FIU.

**AI Assistant**

The AI Assistant is an always-on co-pilot that works alongside your team on active investigations. Analysts can ask questions, follow threads, and uncover patterns across case data through an interactive chat experience. The Assistant can also guide investigators through your procedures and help answer key questions that need to be addressed in a case.

### Where is my data processed?

Hummingbird AI currently uses OpenAI's large language models to power our AI features. We have an enterprise agreement with OpenAI that includes Zero Data Retention (ZDR), meaning no customer data is stored or retained by OpenAI — requests pass through and responses are returned without any data being kept on their systems. All data is processed within the United States. For a small number of features that require temporary data storage to function, that storage happens within Hummingbird's own secure cloud environment, not on OpenAI servers. This approach helps keep your data safe, prevent unauthorized access, and minimize the risk of data breaches.

AI features operate on the same customer data already retained within Hummingbird — using AI does not change how your data is stored or expand where it lives. This includes case data that may contain PII or other sensitive information (such as data associated with SARs, STRs, or KYC workflows), which is handled under the same access controls and security practices as the rest of the Hummingbird platform.

We continuously evaluate models and model providers, and may leverage additional LLM providers as capabilities evolve in order to deliver the best possible product experience for our customers.

### Which models power Hummingbird AI?

Hummingbird AI is built on a mix of commercially available, industry-leading models — not models that Hummingbird has trained or developed in-house. Different features call on different model types depending on the task, including:

* **Reasoning models** for multi-step investigative logic
* **Foundational / general-purpose models** for narrative generation and summarization
* **Multimodal models** for interpreting mixed content types
* **OCR models** for extracting text from images and documents
* **Embedding models** for retrieval and matching
* **Smaller, lower-latency models** for fast, targeted tasks

For more sophisticated features, multiple models are used in combination within a single workflow. Rather than mapping one model to one feature, we select the most effective model — or combination of models — for each step of the work, and refine that mapping over time as better options become available.

The model landscape evolves rapidly, so we continuously evaluate new options and test them against our own benchmarks. At present, our primary model providers are OpenAI (for LLMs) and AWS (for OCR via Amazon Textract).

### How are Hummingbird AI models customized?

Hummingbird does not fine-tune or train models on customer data. Instead, we customize model behavior through:

* **Prompt engineering** — carefully designed prompts that guide model outputs for compliance-specific tasks
* **Tool calling** — giving agents controlled access to the specific case data and systems they need
* **Retrieval-augmented generation (RAG)** — providing relevant context to models at runtime so they can produce grounded, accurate outputs
* **Customer-managed templates** — for some features (such as Case Write-ups), customers can define their own templates that shape the specific prompts and expected outputs

We have found that these approaches are sufficient to deliver high-quality, compliance-grade outputs with frontier models, and they have the added benefit of keeping customer data fully isolated between tenants.

### How does Hummingbird test AI accuracy and guard against hallucinations?

Hummingbird has built an internal evaluation and testing framework around open source [Langfuse](https://langfuse.com/) tailored specifically to the compliance domain and our customers’ needs. This framework extends well beyond standard unit testing and includes:

* **Accuracy benchmarks** built from real customer use cases and hand-curated compliance-specific datasets
* **Task-specific evaluation criteria** such as faithfulness and completeness
* **LLM-as-judge evaluators** for scaling qualitative assessment across large test sets
* **Pre-deployment testing** of every prompt, model, or software change before it reaches production
* **Ongoing monitoring** of model performance in production

These evaluations are domain-specific to compliance and are designed to catch hallucinations, regressions, and accuracy drift before they affect customers.

### How does Hummingbird manage AI security risks?

AI features are developed and maintained under the same SDLC and DevSecOps controls as the rest of the Hummingbird platform. This includes automated and manual testing, code review, and inclusion in our regular penetration testing program.

In addition, we apply AI-specific security practices:

* **Red team exercises** to identify potential vulnerabilities specific to AI features
* **MITRE ATLAS framework** to assess adversarial risks across attack vectors relevant to AI systems
* **Prompt injection defenses** such as those described for the Entity Research Agent above, including isolation of untrusted inputs and structured validation of agent outputs
* **Review of flagged misuse** as surfaced by our model providers
* **External auditing** by an information security consultancy for penetration testing and general security reviews

Together, these controls help us identify and mitigate risks specific to AI — including prompt injection, jailbreak attempts, and adversarial inputs — alongside our existing security program.

### How does Hummingbird protect against third-party prompt injection risks?

To protect your data and guard against prompt injection from untrusted web content, our research agent follows the principles of the [Agents Rule of Two](https://ai.meta.com/blog/practical-ai-agent-security/), a framework developed by Meta for designing agents that deterministically reduce the impact of prompt injection. In practice, this means open web searches are isolated and run with only limited context about the subject. A separate entity resolution step — with access to fuller subject context — then confirms that the retrieved information actually relates to the entity in question. Verified results are summarized, cited, and surfaced directly in the case for your review.

### Is my Hummingbird data used to train AI models?

No. Hummingbird does not use customer data to train or fine-tune AI models, and our third-party model providers are contractually and technically configured to prevent retention or training on customer data.

Note that Hummingbird engineers may occasionally view customer data for troubleshooting purposes or to fix bugs in our AI products (for example, to investigate a prompt issue reported by a customer). This access follows the same controls and least-privilege principles that govern all engineer access to the platform.

### How does Hummingbird AI keep my data safe?

Hummingbird AI is designed to comply with Hummingbird's standard security practices and compliance standards, which include SOC 2 Type 2 certification. This is in addition to the AI-specific security practices described above and detailed here.

To learn more or request additional information, visit our [Trust Center](https://trust.hummingbird.co/).

### Can I turn off Hummingbird AI for my organization?

Yes, the use of Hummingbird AI is optional for all organizations. Admins can request to disable AI features. Visibility and access to some Hummingbird AI capabilities can also be managed using badge permissions.


---

# Agent Instructions: Querying This Documentation

If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter:

```
GET https://help.hummingbird.co/features/hummingbird-ai-security-and-privacy-overview.md?ask=<question>
```

The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.