The role of SLMs in contact centre AI risk management strategies.
Implementing artificial intelligence (AI) in the contact centre isn’t just a technical or operational decision; it’s also an important governance issue.
By Alfredo Gemma, AI Solutions Director at Connect SA.
From the role AI is playing in transforming the risk landscape, with a new class of dynamic threats to data security rooted in generative AI (GenAI) models emerging, to the reputational and operational damage that hallucinations can cause, business leaders need to carefully consider AI in their risk management strategies and policies as adoption ramps up and the technology is deployed more broadly across the business.
Addressing key business challenges in AI adoption.
The core challenge facing businesses is understanding the fundamental shift from the predictable logic of traditional software to the probabilistic and vague nature of GenAI, which is not completely clear, even for those involved in traditional software development.

The unpredictable nature of complicated AI systems is visible in emerging behaviours. While not explicitly inherent in AI models, it can appear when the model scales rapidly past a certain size.
The problem with hallucinations, where the AI model generates incorrect, illogical or entirely fabricated facts or information, is a major challenge because even a single hallucination can erode user trust and create compliance risks.
This remains a major concern for businesses and is a barrier to broader AI adoption and usage in the enterprise.
While the latest AI in the Workplace report by McKinsey & Co. reveals that 80-90% of business leaders currently claim to use GenAI in their operations and 92% plan to increase their AI investments, when you dig deeper, it becomes apparent that most businesses are not using the technology to manage critical business processes due to fear around the risks.
Understanding the realities of AI evolution.
Many businesses are stuck in a basic trial phase or have implemented solutions that leverage open large language models (LLMs) to streamline basic tasks, like surfacing information, because they worry that they cannot control the technology.
There is no guarantee that compromised information won’t be included when using commercial LLMs. This is particularly concerning in instances where personal information available in the public domain is used without obtaining consent, as this is effectively a breach of personal data protection legislation, such as the General Data Protection Regulation (GDPR) and the Protection of Personal Information Act (POPIA).
Questions also arise when using commercial LLMs about the right to be forgotten, as there is no guarantee that the inputted data in will ever be deleted.
Questions related to data sovereignty, including knowing where the data is processed, where and how it is stored, and who has access to it, are also central to AI risk management.
Object accuracy is another concern when leveraging commercial LLMs because there is no guarantee that the collected data hasn’t been changed during a hallucination.
The critical importance of assurance in AI security.
Even AI guardrails cannot always provide 100% certainty that company data or customer information will not be used in the wrong way. The risk of a data leakage, where the AI model discloses sensitive information, is another concern for businesses.
While all valid and real risks, partnering with an expert AI solutions provider like Connect can address these problems in different ways to ensure you don’t delay AI adoption or assume unnecessary risks when trying to remain competitive in a rapidly advancing market.
Our use of a proprietary model architecture and specific training approaches allows operators to create a custom LLM housed on their own infrastructure to ensure data never leaves their environment. This architecture greatly mitigates the risks related to data protection and security.
Lock down your data.
With Connect, your data remains secure within your environment.
Furthermore, LLMs deployed on-premises have a specific architecture that allows the operator to run the model on commodity hardware, with the ability to fine-tune the model in the customer’s secure data domain.
Complete isolation from the outside world protects against attacks and mitigates risks. This is important during domain-specific fine-tuning, as these models need to have some foundational training on generic data to become operational. This may include important or sensitive information that should not be revealed.
As such, we build AI models that adhere to safety rules and internalise core principles from the contact centre environment, building ethical rules within the training for custom LLMs. In this way, we know how the model will reason, and ensure it knows what it should do and why based on rules included in the training.
This model is called constitutional AI, a training method that aligns a model with a set of predefined principles that requires some human oversight but does not need extensive human labelling. Unlike a traditional approach, which is costly, time-consuming, and can introduce human biases, constitutional AI uses rules-based guardrails.
Adversarial training adds another layer of safety, as this approach uses another AI model to test the primary model against exposing the data you want to prevent it from sharing. With this approach, the training itself becomes self-aware of the rules breach.
Adversarial training is also adept at combating biases that custom LLMs can carry from past training models. This is a common problem that can arise due to the vastness of the data available to train AI models, especially when it is trained on generic data but finely tuned on domain-specific data.
When two models are trained at the same time to become resilient to external influences and data that may be affected by bias, the adversarial model also becomes more sophisticated at breaking the rules, which improves its ability to pick up biases.
During deployment, we use external sentinel models to check inputs and model responses to armour-proof outputs, which provides another level of defence to catch cases that may escape the adversarial attacks.
In terms of data privacy, we use more than the many open source frameworks available to train the models. We have a set of frameworks in our pipeline with specific techniques used to add statistical noise during the training to identify sensitive data that the model could reveal.
The role of refined, accurate data in AI.
However, it is not just the model that needs to be very carefully curated. The overall AI data pipeline is also critical, as models are only as good as the data they are trained on. The fact that data is processed in a pipeline necessitates specific cleaning functions that can mask critical data elements and can remove data that is out of context.
Another tool we have available in our arsenal to mitigate the risks associated with AI adoption in the contact centre is the small language model (SLM) and micro-models.
SLMs create opportunities to achieve the best possible performance in usage and accuracy, as these models use limited resources, run on CPUs, and can be easily trained and controlled.
We have also created micro-models – extremely small AI models that can help in one specific task only, such as just sentiment analysis, info extraction, or text analysis. This greatly reduces the risks related to data leakage and the common problems experienced during training.
Services-led and technology-driven.
Whichever route we take, we deploy our models in the customer environment, ensuring there is no issue with data privacy or compliance. We also train our models using open-source data sets made available in the last 3-4 years.
By deploying fit-for-purpose SLMs in an in-house environment, using data masking, data reduction and encryption in transit, our approach makes everything related to AI adoption in the contact centre compliant, significantly reducing the risks associated with a high-stakes misstep as AI adoption ramps up.
About'Connect.
Connect combines global contact centre and customer experience (CX) expertise, deep domain knowledge, and unparalleled industry skills to make the complex, simple. Since 1990, we have leveraged our vendor-independent managed services approach to digitally transform how organisations communicate, both internally and externally. We specialise in combining the most relevant technologies and services from leading vendors and platform providers to create opti-channel engagement solutions, orchestrating frictionless experiences and simplifying complex communication challenges.
Connect with us Connect UK, Connect South Africa, Connect India, Connect USA.
Find out how we can help your business communicate better.
To discuss your communications challenges and requirements, get in touch with us today.
Connect with us now.
New web: Contact Us
"*" indicates required fields