Anton Dam is helping enterprise risk, audit, and compliance teams rethink how AI can support highly regulated work without removing human judgment from the process. As SVP of Product and AI at Optro, formerly AuditBoard, Anton works with global enterprises using AI to make risk management more adaptable, strategic, and aligned with business goals. Optro recently won an AI Excellence Award for its work bringing AI into audit, risk, and compliance workflows.

In this episode, Russ and Anton explore how internal audit and GRC teams are using AI to move beyond manual coordination, document review, and repetitive evidence analysis. Anton explains why audit teams often spend the majority of their time on labor intensive review work, and how AI can help shift that effort toward higher value risk management.

They dive into Optro’s approach to assistive AI, copilot experiences, and agentic workflows. Anton shares why quality thresholds change depending on the use case, why human review remains a nonnegotiable, and why nothing should enter a system of record without a person in control.

The conversation also covers AI governance, shadow AI, regulatory change, customer trust, and why large, highly regulated companies may be moving faster on AI adoption than many people expect. Anton explains why Optro does not train on customer data, how the company thinks about AI transparency, and why governance will become as central to business operations as cybersecurity.

Along the way, Anton discusses human creativity, AI alignment, enterprise trust, AI security reviews, audit team adoption, the future of web apps, and why internal audit may become a more strategic advisory function as AI takes on more repetitive work.

Topics Covered:

[00:01] Welcome and intro, Anton Dam and Optro’s AI Excellence Award win

[00:27] Optro’s mission in audit, risk, and compliance

[01:09] Why GRC is changing in a more regulated AI environment

[01:28] Anton’s path from LinkedIn and Workday to Optro

[04:41] Why Anton believes in betting on human creativity

[05:00] What AI can automate, and what remains deeply human

[08:16] A typical day for internal audit teams before AI

[09:00] Manual coordination, evidence gathering, and document review

[10:00] How AI can reduce time spent on repetitive audit tasks

[12:00] What good enough AI means in high stakes risk and compliance work

[12:26] Assistive AI, copilot workflows, and agentic AI

[14:48] Why human review remains required before records are updated

[15:29] Staying current with changing regulations and standards

[16:24] Tracking data sets, model tuning, and development decisions

[17:44] Building trust with enterprise customers

[18:12] Why quality and workflow fit drive AI adoption

[20:03] What surprised Anton about AI adoption in large enterprises

[22:57] AI security reviews and integrating into enterprise AI ecosystems

[23:20] Why the traditional web app may change dramatically

[24:24] Measuring AI impact in risk management

[26:23] Optro’s nonnegotiables for deploying AI

[26:35] Why Optro does not train on customer data

[27:21] Using AI governance to help organizations govern AI

[28:30] Why AI governance may follow the same path as the CISO function

[31:17] Shadow AI and lack of visibility inside organizations

[31:50] The risks of employees using unapproved AI tools

[32:30] Why companies must enable AI safely instead of simply blocking it

[33:40] What internal audit could look like in five years

[34:20] Moving from risk mitigation to risk management

[35:12] Final thoughts on internal audit as a strategic advisory function