How can large models empower fund companies' investment research and risk control? The industry's first application standard has arrived!

Ask AI · How do standards address the security and compliance challenges of large models in asset management?

Everyday Economic News reporter: Li Lei Everyday Economic News editor: Xiao Ruidong

According to reports, as AI technology becomes widely used in the public fund industry, related boundaries and regulations have always been a focus of industry and institutional attention. Now, the industry’s first specialized group standard for the application of large model technology in fund management institutions has officially been implemented.

On the evening of April 3, the Asset Management Association of China (hereinafter referred to as AMAC) announced the “Guidelines for the Application of Large Model Technology in Fund Management Institutions” (T/AMAC 0004-2026, hereinafter referred to as the “Application Guidelines”), jointly drafted by AMAC and organizations including E Fund, CICC Wealth, ICBC Credit Suisse Fund, Huaxia Fund, Jiukun Investment, Alibaba Cloud, Zhituo Huazhang, Huawei, China Academy of Information and Communications Technology, among others.

The “Application Guidelines” state that as important participants in the financial market, fund management institutions are actively exploring and applying large model technology. However, the application of large models in asset management still faces a series of challenges and difficulties, including insufficient understanding of financial knowledge, model hallucinations, and technical issues, as well as security and compliance concerns in practical applications.

To promote the digital transformation and innovative development of the asset management industry, guide fund management institutions to standardize and rationally use large model technology to improve service levels, and effectively protect personal financial information security and investor rights, this group standard has been developed.

Large models empower asset management but face challenges; group standards fill industry gaps

The issuance of the “Application Guidelines” is rooted in a clear era and industry context.

In 2023, the Central Financial Work Conference first proposed the goal of building a strong financial nation, making digital finance one of the five key areas of finance, emphasizing that financial institutions need to accelerate digital transformation to enhance competitiveness. The China Securities Regulatory Commission issued the “14th Five-Year Plan for Science and Technology Development in the Securities and Futures Industry,” which states, “Promote technological empowerment and financial technology innovation, and greatly improve the industry’s digital application level”; and in 2024, “Artificial Intelligence+” was included in the government work report for the first time, further accelerating the application of large model technology across industries.

Against this backdrop, fund management institutions, as key players in the financial market, are actively exploring the implementation of large model technology, but pain points in technology and compliance need urgent resolution. Specifically, the industry faces technical challenges such as insufficient understanding of financial knowledge and model hallucinations, as well as core issues like security and compliance in large model applications. The development of the “Application Guidelines” aims to respond to these practical industry needs.

Overall, the “Application Guidelines” are drafted in accordance with GB/T 1.1—2020 “Standardization Work Guidelines Part 1: Structure and Drafting Rules for Standardization Documents.” The full text includes 12 core chapters, 2 appendices, and references. The chapters cover scope, normative references, terms and definitions, abbreviations, general principles, reference framework, infrastructure, data management, model services, application technology, security management, and scenario applications.

The reporter notes that the appendices also include risk analysis and countermeasures for large model technology applications, as well as case studies in the fund business domain, providing comprehensive guidance from basic standards to practical implementation. The standard was released and implemented today (April 3), applicable to fund management institutions using large model technology for system platform construction and application services.

Multi-dimensional application guidelines, full-chain regulation of large model implementation

The “Application Guidelines” establish a comprehensive regulatory system for the application of large model technology in asset management, from infrastructure to scenario implementation, from technical application to security management. Here are some key points:

1. Building the application system foundation with a six-level reference framework

The “Application Guidelines” clarify that the reference framework for applying large model technology in asset management consists of six core components: infrastructure layer, data management layer, model service layer, application technology layer, security management layer, and scenario application layer.

The infrastructure layer is the foundation, providing data, computing, storage, and network support; the data management layer supplies high-quality data for training and application; the model service layer ensures high performance and stability; the application technology layer offers tools and methods for implementation; the security management layer guarantees security throughout the entire process; and the scenario application layer translates technology into specific business scenarios, realizing value.

2. Four-dimensional security management to uphold risk control and compliance

Focusing on the industry’s most concerned aspect—compliance and risk control in large model applications—the “Application Guidelines” emphasize that security management is a core focus, constructing protection systems from four dimensions: infrastructure security, data security, model security, and business security.

For example, infrastructure security involves comprehensive protections for hardware, operating systems, and network environments supporting large models. Data security requires full lifecycle protections, including data masking or encryption for sensitive data, and prohibits the direct use of unmasked customer personal information, core transaction instructions, or unreleased research data for training or fine-tuning large models.

Model security should be addressed from internal governance, external supply chain, and ongoing operation perspectives, including establishing content review rules and violation detection mechanisms.

Business security mandates that synthetic content generated by large models must comply with the “Artificial Intelligence Generated Content Identification Measures,” and multiple safeguards such as identity verification, API security, and compliance audits should be established.

3. Full-process data management to ensure quality and compliance

Data is the core asset of large models. The “Application Guidelines” specify standards for data collection, processing, and knowledge base construction.

For example, data collection should clarify ownership and usage rights, comply with privacy laws, and support multiple data modalities such as text, tables, and audio. Data processing must include cleaning, annotation, augmentation, and quality assessment, with annotation procedures meeting GB/T 42755 standards. Knowledge base construction should cover relevant thematic areas, contain sufficient data volume, source information from reliable channels, and establish efficient indexing for retrieval.

4. Seven key business scenarios to clarify implementation directions

Based on actual fund industry operations, the “Application Guidelines” identify seven core scenarios for large model application: investment research, compliance risk control, marketing, customer service, operations management, efficiency office, and R&D programming.

For example, in investment research, large models can be used for information extraction, report analysis, sentiment monitoring, and factor discovery; in compliance and risk control, they can assist with information review, security assessment, and risk monitoring; customer service can be enhanced through intelligent Q&A and investment advisory assistants; R&D programming can leverage large models for code generation, optimization, and automated testing, shortening software development cycles.

5. Full lifecycle model service standards for selection and deployment

Addressing the entire lifecycle from model selection to management, the “Application Guidelines” set detailed requirements covering four stages: selection, deployment, fine-tuning, and management.

For example, model selection should be based on actual needs, balancing effectiveness and resource consumption, ensuring partner compliance with laws and registration; deployment options include local, external cloud, or cloud service calls, with sensitive data or strict privacy requirements favoring local deployment, and scenarios with intermittent or bursty access favoring cloud services.

6. Four core application technologies to support implementation

To promote practical application, the “Application Guidelines” specify four key technologies: prompt engineering, retrieval-augmented generation, intelligent agents, and component libraries, with specific requirements. Intelligent agents should have planning, memory, tools, and action capabilities, and can adopt single-agent, multi-agent, or human-agent interaction paradigms.

Industry interpretation: Asset management industry’s large model applications are entering a new phase of systematic planning and standardized implementation

Multiple interviewed institutions told the “Daily Economic News” that as the first group standard for fund management institutions’ large model applications, the “Application Guidelines” fill a regulatory gap in the industry and provide unified practical guidance. By clarifying technical requirements, compliance boundaries, and security standards, it not only defines the boundaries for industry digital transformation and technological innovation but also promotes compliant and orderly application of large models in asset management, ultimately aiming to improve service levels and protect investor rights.

Li Shenghao, head of the Digital Financial Innovation Laboratory at ICBC Credit Suisse Fund, pointed out that as one of the drafters of the “Guidelines,” the release of this standard marks a new stage of high-quality development for the asset management industry’s large model applications, moving from spontaneous exploration and scattered trial-and-error to systematic planning and standardized implementation.

He stated that its core value lies in building a “safety barrier” and “innovation roadmap,” precisely addressing institutions’ pain points of “dare not use, not know how to use, and poor use.” The standard first proposes a full-stack technical framework covering infrastructure, data management, model services, security management, and scenario applications: the “safety barrier” involves strict constraints like data classification and masking, model permission isolation, and sensitive information protection; the “innovation roadmap” provides practical guidance through prompt engineering, context engineering, RAG, and intelligent agents, significantly reducing R&D and trial costs.

From industry development, the standard brings three deep values: first, establishing a dynamic balance between safety and innovation through full lifecycle risk management to prevent hallucinations, data leaks, and supply chain risks, while avoiding overly restrictive measures that hinder innovation; second, guiding technology selection to focus on business relevance and effectiveness, moving away from blindly pursuing parameter scale; third, strengthening the technical foundation for industry ecosystem collaboration by unifying interfaces, components, and evaluation standards, reducing inter-institutional and vendor integration costs, and accelerating the maturity of industry-level solutions.

“It’s important to emphasize that this standard is not the ceiling of technology but the baseline consensus and development foundation of the industry. Given the rapid iteration of large models, the standard will continue to evolve dynamically. Its core value is to establish a clear consensus within the ‘guardrails and signposts,’ enabling institutions to innovate safely and confidently, fostering new productivity in the asset management industry and solidifying the foundation for digital and intelligent transformation,” Li Shenghao concluded.

Daily Economic News