WitnessAI, a leading innovator in AI enablement platforms, has announced the release of WitnessAI 2.0, a significant upgrade designed to enhance regulatory compliance for organizations adopting AI technologies. This announcement comes as WitnessAI is recognized as a finalist for the SC Awards in the “Best Compliance Solution” category.
WitnessAI 2.0 introduces five key updates designed to ensure compliance with the Payment Card Industry Data Security Standard (PCI DSS) 4.0.1. These updates include:
- PCI DSS-Specific Controls and Reports: AI activity controls are now directly mapped to PCI DSS 4.0.1, including measures for preventing payment card data loss.
- Remote Employee Controls: The industry’s first zero-install, agentless, and proxy-less capability for AI observability and policy control, ensuring compliance in remote, traveling, or hybrid work environments.
- Regulatory Risk Analytics: Behavioral and runtime analytics provide insights into best practices, potential risks, and areas for improvement as organizations develop and implement their AI strategies.
- AI Insider Threat Detection: By analyzing conversations over time and across various AI applications, WitnessAI can identify compromised or malicious user accounts that are likely to cause data breaches or theft.
- Executive Privacy Mode: Enhanced privacy controls for applications like Microsoft Copilot, ensuring that internal AI conversations remain private.
Rick Caccia, CEO and Co-founder of WitnessAI, emphasized the importance of current regulatory compliance, stating, “Too often, AI regulatory compliance focuses on future-facing regulations such as the EU AI Act. However, employee AI usage poses significant risks to regulations, such as PCI DSS, that companies face today. With WitnessAI 2.0, any organization subject to PCI DSS can ensure complete compliance and easy reporting of control effectiveness.”
The PCI Security Standards Council recently released guidelines for integrating AI in PCI assessments, highlighting the growing recognition of AI’s role in payment security ecosystems. Under PCI DSS 4.0.1, organizations must secure all systems that could impact the security of the Cardholder Data Environment (CDE), including AI tools with access to sensitive environments.
David Neuman, Senior Analyst at TAG Infosphere, noted the challenges organizations face in ensuring compliance when employees work remotely. “The ability to enforce AI use policies regardless of where employees work is critical for PCI compliance. The new guidelines around AI use in PCI assessments will become an increasingly significant concern for organizations, even as they continue to adapt to PCI DSS 4.0.1 requirements.”
InComm Payments, a FinTech provider, has turned to WitnessAI to maintain security and compliance while leveraging modern AI applications. Jonathan Kennedy, CISO at InComm Payments, shared, “We’re focused on ensuring intellectual property and sensitive information isn’t accidentally leaked. WitnessAI helps us achieve security and compliance with our diverse portfolio, reducing risk while maximizing productivity.”
WitnessAI’s platform is designed to address the unique and ongoing compliance challenges of AI in regulated environments, evolving in response to emerging AI regulations. The WitnessAI Secure AI Enablement Platform has been recognized as a finalist for the 2025 SC Awards, demonstrating its commitment to helping businesses navigate the intersection of AI innovation and compliance.

