Only One-Third of S&P 100 Companies Disclose Both Board AI Oversight and Formal Policies, Harvard Law Finds
Source
Harvard Law SchoolWhat happened
A Harvard Law School analysis of 2025 proxy statements from S&P 100 companies, published at US AI Oversight Through Three Lenses: Investor Expectations, the S&P 100, and Company-Specific Analysis, found that 54% of those companies disclose board-level AI oversight, yet only one-third disclose both board oversight structures and formal AI policies. Among companies reporting board oversight, 63% assign that responsibility to specific committees rather than the full board. The research further documents that US institutional investors are raising expectations for formalized AI governance, with 46% favoring board or committee-based oversight mechanisms. The findings establish a de facto market benchmark against which S&P 100 companies and their peers are increasingly being measured by investors and regulators. The SEC and institutional shareholders are identified as intensifying scrutiny of AI risk management disclosures, making the gap between current practice and emerging norms a material governance concern.
Why it matters
- ·Companies lacking both a documented board oversight structure and a formal AI policy face growing regulatory exposure as the SEC increases scrutiny of AI risk management disclosures in proxy filings.
- ·The findings set a concrete operational benchmark: compliance and governance teams at public companies must now evaluate their proxy disclosures against S&P 100 peer norms or risk being visibly out of step with market standards.
- ·Institutional investors representing significant ownership stakes are formalizing expectations for AI governance structures, creating organizational risk for boards that have not yet assigned clear AI oversight responsibility to a named committee or body.
Governance controls affected
What to do now
- ☐Audit current proxy statement disclosures to confirm whether both a board or committee-level AI oversight structure and a formal AI policy are explicitly documented and publicly disclosed.
- ☐Map AI risk oversight responsibilities to a specific board committee and record that assignment in governance charters and proxy filings to align with the 63% committee-assignment practice among disclosing S&P 100 peers.
- ☐Review and update the formal AI policy to ensure it addresses risk classification, oversight accountability, and escalation paths that satisfy institutional investor expectations as documented in the Harvard Law analysis.
- ☐Engage investor relations and legal counsel to assess whether current AI governance disclosures meet the emerging expectations of the 46% of institutional investors favoring board or committee-based oversight mechanisms.
- ☐Establish an internal benchmarking process that compares the company's AI governance disclosures against S&P 100 peer disclosures on an annual proxy cycle basis.
What to watch next
Compliance teams should monitor the SEC for any forthcoming guidance or rulemaking that formalizes AI risk management disclosure requirements in proxy statements, as the Harvard Law findings signal that current voluntary disclosure norms may be a precursor to mandatory standards. Institutional investor voting guidelines for the 2026 proxy season warrant close attention, particularly from major asset managers who may begin conditioning votes on the presence of both board oversight structures and formal AI policies. Enforcement patterns related to AI-related material omissions in public company disclosures should also be tracked as a leading indicator of the SEC's evolving expectations.