Topic

Transparency

Transparency in AI governance refers to the practice of making AI systems' decision-making processes, training data, and operational methods visible and understandable to stakeholders, regulators, and affected users. This matters for enterprise compliance because regulatory frameworks like the EU AI Act and various national AI policies increasingly require organizations to document and disclose how their AI systems work, particularly for high-risk applications. Transparency builds trust with customers, reduces legal exposure, and helps enterprises identify potential biases or errors before they create reputational or regulatory problems.

58 items

ResearchGlobal2026-05-01

AI Governance Rules Are Forming Outside Transparent Processes, IAPP Warns

The International Association of Privacy Professionals (IAPP) published an op-ed on April 28, 2026, identifying three recent non-legislative events that are materially shaping global AI governance without transparent deliberation or meaningful input from affected governments and populations. The piece argues that geopolitical pressures and procurement decisions are driving de facto AI rules in ways that bypass formal regulatory channels, creating accountability gaps that compliance teams may not be tracking. The IAPP urges privacy and governance professionals to engage civil society organizations, secure sustainable funding for oversight initiatives, and build direct partnerships with regulators to fill these gaps. For enterprise compliance teams, the analysis flags a systemic risk: material AI governance obligations may emerge from informal or opaque processes rather than published legislation or regulation, making standard regulatory monitoring insufficient. Organizations operating across multiple jurisdictions should audit their governance tracking practices to account for non-legislative standard-setting activity. The finding is particularly relevant for teams assessing AI deployment risk in markets where procurement frameworks or bilateral agreements may function as de facto regulatory instruments.

IAPP United States EU accountability transparency procurement risk management informal standard-setting regulatory gaps compliance monitoring

ResearchUS2026-04-25

US AI Action Plan Shifts Governance Burden to Private Sector, Harvard Ethics Center Analysis Finds

The Harvard Ethics Center has published a high-significance analysis of America's AI Action Plan, concluding that the policy represents a deliberate shift toward deregulation that transfers primary responsibility for AI ethics and governance from federal regulators to private organizations. The analysis introduces a Boundaries of Tolerance Framework, a structured tool designed to help businesses identify and define acceptable levels of AI-related risk within their own operations. For enterprise compliance teams, the practical implication is that voluntary internal governance frameworks are likely to carry greater operational weight in the US market in the absence of binding federal mandates. Organizations operating across jurisdictions will need to reconcile this deregulatory US posture with more prescriptive regimes such as the EU AI Act, creating a more complex multi-framework compliance environment. Compliance and risk professionals should treat the Boundaries of Tolerance Framework as a reference methodology for internal AI risk assessments, particularly when external regulatory requirements remain limited.

United States EU AI Act EU risk management deregulation AI governance corporate responsibility compliance multi-jurisdiction transparency

Corporate PolicyGlobal2026-05-09

Integrated AI Governance Must Be Embedded in Business Design Now, Partnership on AI Urges

Partnership on AI published a policy piece titled 'Corporate AI Governance Matters Now More Than Ever,' calling on companies globally to embed AI governance directly into business-model design and enterprise risk management. The guidance stresses the need for clear ownership of AI-related accountability, cross-functional governance structures, and both internal and external mechanisms to ensure ongoing oversight. No binding requirements are imposed, but the piece represents a recognized industry body's normative expectations for responsible corporate AI practice.

Partnership on AI corporate governance risk management accountability transparency responsible AI enterprise AI auditing

ResearchGlobal2026-04-19

Verifiable Semiconductor Manufacturing Could Secure AI Supply Chains, Oxford Martin AIGI Research Finds

The Oxford Martin AI Governance Initiative published a research paper on April 14, 2026, examining verifiable semiconductor manufacturing as a mechanism for ensuring transparency and trustworthiness in AI compute infrastructure supply chains. The research addresses how verification methods can be applied to semiconductor production processes to provide assurance about the origin and integrity of chips used in AI systems. For enterprise compliance teams, the work is relevant to emerging expectations around AI hardware provenance, particularly as regulators and standards bodies increasingly scrutinize the full stack of AI system components. Organizations procuring AI compute infrastructure may face future requirements to demonstrate supply chain integrity, and this research contributes to the methodological basis for such frameworks.

semiconductors supply chain compute infrastructure verification AI governance hardware provenance transparency procurement Oxford Martin AIGI

ResearchGlobal2026-04-19

Investors Shape AI Governance Globally Through Capital Allocation, Oxford Martin Research Finds

The Oxford Martin AI Governance Initiative published research on April 13, 2026 analyzing how investors participate in and shape AI governance frameworks globally. The research investigates accountability mechanisms that apply to investors as stakeholders in AI development and deployment, assessing how capital allocation decisions interact with governance obligations. For enterprise compliance teams, the findings are relevant because investor pressure and expectations increasingly influence how organizations structure their AI oversight programs, risk disclosures, and accountability reporting. Companies subject to ESG-linked investment mandates or institutional investor engagement may face growing expectations to demonstrate alignment with emerging AI governance standards. The research adds to a broader body of scholarship examining non-regulatory accountability levers in AI governance alongside binding instruments.

investor accountability AI governance ESG corporate accountability transparency risk management accountability Oxford Martin Institute United Kingdom

Corporate PolicyGlobal2026-04-19

Cybersecurity Concerns Trigger Restricted Rollout of Claude Mythos Preview, Anthropic Says

Anthropic has applied deployment restrictions to Claude Mythos Preview, a model in its Claude series with advanced reasoning capabilities comparable to the Opus and Sonnet lines, citing cybersecurity safety concerns identified during red-teaming evaluations. The restricted rollout reflects a deliberate governance decision to limit access before broader release, following internal safety testing that flagged potential cybersecurity risks associated with the model's capabilities. For enterprise compliance teams, this action signals that leading AI developers are operationalizing pre-deployment safety gates that can delay or constrain commercial availability of frontier models. Organizations that have integrated or planned to integrate Claude-series models into workflows should assess vendor communication channels to understand which model versions are accessible and under what conditions. The restriction also underscores the growing importance of supplier-side AI governance disclosures as part of third-party risk management programs.

Anthropic Claude cybersecurity red-teaming model evaluation risk management transparency frontier models restricted rollout third-party risk

ResearchGlobal2026-04-19

General-Purpose AI Capabilities and Risks Assessed in 2026 International AI Safety Report

The International AI Safety Report 2026, published on April 10, 2026, provides a comprehensive global assessment of the capabilities, risks, and risk management strategies associated with general-purpose AI systems. The report is produced under the International AI Safety Report initiative, which draws on contributions from researchers and experts across multiple jurisdictions. It evaluates current AI system abilities alongside potential dangers, offering analysis intended to inform policymakers, standards bodies, and organizations deploying advanced AI. For enterprise compliance teams, the report serves as a significant reference document for understanding how general-purpose AI risks are being characterized at an international level, which can inform internal risk assessments, model governance frameworks, and board-level reporting. Organizations operating under the EU AI Act, which imposes specific obligations on general-purpose AI models, will find particular relevance in the report's framing of systemic and safety risks.

AI safety risk assessment general-purpose AI international governance model risk EU AI Act transparency risk management model evaluation EU

ResearchGlobal2026-05-30

Governance Before Deployment: Databricks Makes the Case for Architecture-First AI Control Programs

Databricks has published implementation guidance arguing that AI governance must be embedded into system architecture, identity controls, and continuous evaluation pipelines from the outset, rather than appended after deployment. The guidance covers agentic AI identity management, bias and accuracy monitoring, and cross-functional collaboration between risk, security, and technical teams. It is positioned as a practitioner framework for enterprise organizations building or scaling AI programs.

Databricks agentic AI identity controls continuous monitoring risk management transparency accountability model evaluation AI governance enterprise AI

Corporate PolicyUS2026-05-03

Only One-Third of S&P 100 Companies Disclose Both Board AI Oversight and Formal Policies, Harvard Law Finds

A Harvard Law School analysis of 2025 proxy statements from S&P 100 companies found that 54% disclose board-level AI oversight, but only one-third disclose both oversight structures and formal AI policies, revealing uneven governance practices across large US public companies. Of companies that do disclose board oversight, 63% assign responsibility to specific committees rather than the full board. The research also documents that US institutional investors are increasing expectations for formalized AI governance, with 46% favoring board or committee-based oversight mechanisms. For enterprise compliance teams, the findings establish a de facto market benchmark: companies lacking both a documented oversight structure and a formal AI policy are increasingly out of step with investor expectations and peer disclosure norms. Compliance and governance officers at public companies should assess current proxy disclosures against these emerging standards, particularly as the SEC and institutional shareholders intensify scrutiny of AI risk management disclosures.

United States board oversight proxy disclosure investor expectations S&P 100 corporate governance transparency accountability risk management SEC

ResearchUS2026-04-19

82% of Top 100 GenAI SaaS Tools Rated Medium to Critical Risk as Employees Routinely Enter Sensitive Data, Cyberhaven Labs Finds

Cyberhaven Labs released its 2026 AI Adoption and Risk Report on February 5, 2026, drawing on analysis of billions of real-world data movements across generative AI SaaS platforms, endpoint AI applications, and AI agents used in enterprise environments. The report finds that 82% of the top 100 GenAI SaaS tools are classified as medium to critical risk, and that employees are entering sensitive data into AI tools on average once every three days. A significant shadow IT dimension is documented: 32.3% of ChatGPT usage and 24.9% of Gemini usage occurs through personal accounts rather than corporate-managed accounts, placing that activity outside enterprise data governance controls. For compliance teams, the findings underscore a structural gap between the pace of AI adoption and the maturity of data loss prevention, acceptable use policies, and third-party risk management programs. Organizations lacking visibility into AI tool usage at the endpoint level may face exposure under data protection obligations in multiple jurisdictions, including the EU AI Act, various US state privacy laws, and sector-specific regulations governing sensitive data handling.

Cyberhaven ChatGPT Gemini OpenAI Google EU AI Act EU United States shadow IT data governance data loss prevention third-party risk management transparency enterprise AI risk

Corporate PolicyUS2026-02-05

OpenAI's gpt-oss-120b Open-Weight Release Creates New Internal Hosting Governance Obligations for Enterprise Teams

OpenAI has released gpt-oss-120b, a large open-weight reasoning model available for self-hosted and third-party-hosted deployment on enterprise infrastructure. The model supports function calling and structured outputs, making it suitable for production workflows, but the release notes do not include detailed safety evaluation disclosures. Compliance teams must assess internal model hosting controls, prompt logging practices, output validation, and misuse risk before deployment.

OpenAI gpt-oss-120b open-weight model hosting enterprise deployment risk management transparency compliance self-hosted AI United States

Corporate PolicyUS2026-02-05

GPT-5.3-Codex Raises Enterprise Governance Stakes for Agentic Code Execution and Software Supply Chain Controls

OpenAI released GPT-5.3-Codex, described as its most capable agentic coding model to date, combining the Codex and GPT-5 training stacks into a single model for code generation, reasoning, and general-purpose intelligence. The model is approximately 25% faster than its predecessors and sets new performance highs on key coding benchmarks. OpenAI's release notes do not publish detailed red-teaming results, leaving enterprise users without a full safety disclosure to underpin deployment risk assessments.

OpenAI GPT-5 Codex agentic AI code generation software supply chain transparency risk management model evaluation enterprise

Corporate PolicyUS2026-02-05

GPT-4.5 Arrives as 'Research Preview,' Triggering Procurement and Risk Controls Before Any Production Use

OpenAI released GPT-4.5 under a research preview designation, describing it as its largest and most capable chat model to date, in notes published to the OpenAI Help Center. The research preview status signals that the model has not yet reached a full general availability release, which carries direct implications for how enterprises may procure, test, and deploy it. Organizations that treat preview models as production-ready without appropriate governance controls risk accepting undefined risk profiles that fall outside standard AI risk management processes.

OpenAI GPT-4.5 model procurement risk management enterprise governance vendor risk transparency model evaluation United States

ResearchUS2026-04-19

Anthropic and OpenAI Governance Structures Risk Amoral Drift on AI Safety, Harvard Law Review Warns

A January 2026 Harvard Law Review article examines the novel corporate governance structures adopted by AI companies OpenAI and Anthropic, concluding that these arrangements may be insufficient to sustain meaningful AI safety commitments over time. The analysis focuses in particular on Anthropic's charter, which grants safety-focused Class T trustees the power to elect three of five board directors either after May 24, 2027, or once the company reaches $6 billion in cumulative investment. The article argues that structural mechanisms designed to counterbalance profit motives are vulnerable to gradual erosion, a phenomenon the authors term amoral drift. For enterprise compliance teams, the research signals that reliance on voluntary governance commitments by AI vendors cannot substitute for independent due diligence on safety and accountability practices. Organizations procuring AI systems from these companies should monitor whether governance structures remain intact and enforceable as commercial pressures intensify.

Anthropic OpenAI corporate governance AI safety accountability risk management transparency procurement United States

ResearchGlobal2026-05-06

Most Companies Still Building Basic AI Governance Frameworks, S&P Global Report Finds

S&P Global published 'The AI Governance Challenge,' a special report arguing that enterprise AI governance must be principle- and risk-based, grounded in transparency, fairness, privacy, adaptability, and accountability. The report finds that many companies are only beginning to construct internal AI governance structures and highlights common framework elements including human oversight, ethical use, and safety. It references institutional examples such as IBM's AI ethics board as models for corporate governance design.

AI governance risk management transparency accountability human oversight enterprise compliance IBM S&P Global ethics auditing

ResearchGlobal2026-04-19

Over 1,000 AI Policy Initiatives Tracked Across 69 Countries, Mind Foundry 2026 Update Finds

Research firm Mind Foundry published its 2026 update to its global AI regulations tracker on January 15, 2026, cataloguing more than 1,000 AI policy initiatives spanning 69 countries. The report highlights key inflection points including the revocation of US Executive Order 14110 in 2025, the evolution of the UK AI Safety Institute into the AI Security Institute following the Bletchley Summit, and China's AI Safety Governance Framework introducing mandatory watermarking requirements for AI-generated content. For enterprise compliance teams managing multi-jurisdictional AI programs, the tracker underscores the accelerating pace of regulatory divergence, particularly between the US federal posture of deregulation and more prescriptive frameworks emerging in the EU, UK, and China. Compliance professionals should note that the underlying instruments referenced in the report, including China's watermarking rules and the UK's institutional restructuring, carry direct operational obligations distinct from the tracker itself.

EU AI Act Executive Order 14110 United States EU UK China risk management transparency multi-jurisdictional compliance AI watermarking

ResearchGlobal2026-05-12

New Framework Defines Rigorous Third-Party Auditing Standards for Frontier AI Safety, per GovAI

The Centre for the Governance of AI (GovAI) published a research paper in January 2026 titled 'Frontier AI Auditing: Toward Rigorous Third-Party Assessment of Safety and Security Practices at Leading AI Companies,' authored by Miles Brundage and collaborators from multiple institutions. The paper defines frontier AI auditing as systematic third-party verification of safety and security claims made by leading AI developers, and maps the key research questions and structural requirements for making such auditing credible. It provides a conceptual foundation for how independent assessors could evaluate whether frontier AI companies are fulfilling their stated commitments.

AI auditing frontier AI safety verification third-party assessment AI governance transparency accountability risk management model evaluation

ResearchGlobal2026-05-05

Misconfigured Permissions, Lifecycle Gaps Top Enterprise AI Governance Risks, ISACA White Paper Warns

ISACA has published a white paper titled 'The Promise and Peril of the AI Revolution: Managing Risk' outlining major AI risk developments and governance expectations for enterprise organizations globally. The paper argues that effective AI governance requires integrating risk management across AI design, deployment, monitoring, and lifecycle controls. It specifically flags misconfigured permissions and insufficient oversight as vectors through which AI-enabled actions can propagate across systems faster than traditional risk frameworks can detect or contain.

ISACA risk management accountability auditing transparency lifecycle controls misconfigured permissions enterprise governance security by design

ResearchGlobal2026-04-19

Global AI Governance Needs Adaptive, Inclusive Frameworks, ITU Report 2025 Concludes

The International Telecommunication Union (ITU) published its Annual AI Governance Report 2025 on December 15, 2025, outlining principles and guidance for steering AI development responsibly at a global level. The report advocates for governance frameworks that are proactive, inclusive, and adaptive to the rapid pace of AI evolution and its cross-border impacts. While the report does not impose binding obligations, ITU publications carry weight as reference standards for national regulators, international bodies, and multinational enterprises shaping their compliance postures. For enterprise compliance teams operating across multiple jurisdictions, the report provides a consolidated view of emerging governance expectations that may inform future regulatory developments in markets where ITU guidance shapes policy. Compliance professionals should review the report's framework recommendations alongside existing regional instruments such as the EU AI Act and OECD AI Principles to identify alignment gaps or emerging obligations in their governance programs.

ITU global governance AI policy regulatory frameworks international standards compliance strategy EU AI Act OECD AI Principles risk management transparency

ResearchGlobal2026-04-22

AI Governance Rules Mapped Across Jurisdictions: Cyber Breaches Due in 5 Days, per arXiv Study

A December 2025 arXiv research paper by academic authors provides a structured overview of AI governance regulations across multiple jurisdictions, synthesizing binding requirements that signatories and regulated entities face under existing frameworks. The paper identifies specific mandatory incident reporting timelines: cybersecurity breaches must be reported within 5 days, operational disruptions within 2 days, and harms to health or the environment within 15 days. It also outlines requirements for risk management frameworks spanning the full AI model lifecycle, including policies, procedures, and methodologies for identifying and mitigating systemic risks. Although the paper is not itself a binding instrument, it serves as a practical reference for compliance teams seeking a consolidated view of obligations that span safety, security, and operational resilience. Enterprise teams operating across jurisdictions will find the incident reporting timelines particularly relevant as they align internal escalation protocols with divergent regulatory deadlines.

EU AI Act incident reporting risk management transparency accountability global compliance safety framework EU United States auditing

← Previous

1 2 3