Practical Governance for Enterprise AI
Tag
6 items
The National Association of Corporate Directors has published governance guidance titled 'Tuning Corporate Governance for AI Adoption,' calling on boards to adapt oversight mechanisms to address AI-specific risks including hallucinations, data privacy concerns, and algorithmic bias. The guidance references AI Incident Database figures showing a 26 percent increase in AI incidents from 2022 to 2023, with 2024 data suggesting a further rise exceeding 32 percent. It is directed at US corporate boards and positions AI risk oversight as a core board-level responsibility.
A peer-reviewed article published in the Brooklyn Law Review proposes a dual-board corporate governance structure designed to embed AI safety obligations directly into board-level accountability frameworks. The model would create enforceable fiduciary duties tied to AI safety outcomes, treating AI risk oversight as a formal governance responsibility rather than a voluntary management function. The article argues that existing single-board structures are inadequate to address the complexity and speed of AI-related risks facing corporations.
The National Association of Corporate Directors (NACD) published guidance in January 2025 urging U.S. corporate boards to refine existing oversight mechanisms to address AI-specific governance failures. The guidance cites real-world incidents involving AI-generated deepfakes, confidential data leaks, and algorithmic bias as evidence that current board structures are inadequate for AI risk. NACD identifies a cross-functional leadership model as central to effective AI governance, placing the Chief AI Officer in coordination with the Chief Risk Officer, Chief Compliance Officer, Chief Legal Officer, and Chief Data Officer. For enterprise compliance teams, the guidance signals growing boardroom pressure to formalize AI accountability chains and integrate AI risk into existing enterprise risk management frameworks. Compliance professionals should expect boards to request clearer reporting lines, defined AI risk tolerances, and documented incident response protocols as standard governance requirements.
A Harvard Law School analysis of 2025 proxy statements from S&P 100 companies found that 54% disclose board-level AI oversight, but only one-third disclose both oversight structures and formal AI policies, revealing uneven governance practices across large US public companies. Of companies that do disclose board oversight, 63% assign responsibility to specific committees rather than the full board. The research also documents that US institutional investors are increasing expectations for formalized AI governance, with 46% favoring board or committee-based oversight mechanisms. For enterprise compliance teams, the findings establish a de facto market benchmark: companies lacking both a documented oversight structure and a formal AI policy are increasingly out of step with investor expectations and peer disclosure norms. Compliance and governance officers at public companies should assess current proxy disclosures against these emerging standards, particularly as the SEC and institutional shareholders intensify scrutiny of AI risk management disclosures.
The National Association of Corporate Directors (NACD) has published its 2025 Governance Outlook, urging corporate boards in the United States to adapt oversight structures for AI adoption in response to a measurable rise in AI-related incidents. According to the AI Incident Database, AI incidents increased 26% between 2022 and 2023, with a further increase exceeding 32% in 2024. The guidance identifies hallucinations, bias, and data privacy failures as primary risk areas and calls for tuned governance frameworks and updated board reporting structures to address them. While non-binding, the guidance signals growing director-level accountability expectations that enterprise compliance and risk teams should factor into internal AI governance programs. Compliance professionals should note that board-level engagement on AI risk is increasingly treated as a baseline governance expectation, with implications for how responsible AI policies are documented, escalated, and reported to senior leadership.
The Corporate AI Governance Report 2025, published by AICDI Global Insights and surfaced through the AICDI Global Insights data initiative, finds that 87% of companies have not publicly committed to a named AI governance framework, only 13% maintain human oversight policies, and a mere 2.3% have a dedicated complaints mechanism for AI-related issues. The findings are drawn from a global sample and cover board oversight, escalation channels, workforce complaint handling, and formal compliance program adoption. The report highlights structural gaps that leave organizations exposed as AI-specific regulatory requirements continue to expand across jurisdictions.
