Practical Governance for Enterprise AI
Regulations, enforcement actions, research, and opportunities — tracked daily.
Content Type
Jurisdiction
The Corporate AI Governance Report 2025, published by AICDI Global Insights and surfaced through the AICDI Global Insights data initiative, finds that 87% of companies have not publicly committed to a named AI governance framework, only 13% maintain human oversight policies, and a mere 2.3% have a dedicated complaints mechanism for AI-related issues. The findings are drawn from a global sample and cover board oversight, escalation channels, workforce complaint handling, and formal compliance program adoption. The report highlights structural gaps that leave organizations exposed as AI-specific regulatory requirements continue to expand across jurisdictions.
A May 2025 article in the Harvard Law Review analyzes the atypical corporate governance structures at OpenAI and Anthropic, including capped-profit models and stakeholder-oriented boards designed to resist commercial pressure. The article argues that these mechanisms may still permit unsafe incentive structures and weak accountability, raising questions about whether fiduciary duties and board independence are sufficient to enforce safety-oriented governance at frontier AI developers.
The Partnership on AI published a position piece on May 30, 2025, arguing that corporate AI governance programs are materially incomplete without formal controls spanning supply chain responsibility, end-user terms and conditions, AI assurance ecosystems, and real-time monitoring of autonomous AI agents. The piece targets enterprise compliance and risk functions and connects each governance gap to documented incident patterns and operational accountability failures. It does not carry binding regulatory force but represents practitioner-level guidance from a recognized multi-stakeholder body whose membership includes major technology deployers and civil society organizations.
Atos published a practitioner-oriented AI governance playbook on May 30, 2025, arguing that effective enterprise AI adoption requires a federated model combining local business-unit autonomy with centralized governance controls. The playbook identifies five critical control domains: centralized governance structures, identity and lifecycle management, data governance, agent deployment oversight, and executive review of AI use cases prior to scale-up.
Microsoft, Google DeepMind, and xAI have each signed formal agreements with CAISI—the Center for AI Standards and Innovation at NIST—granting the U.S. government pre-release access to frontier AI models for national security evaluation. The agreements extend a program that previously covered only Anthropic and OpenAI, and align with directives in America's AI Action Plan. Developers provide model versions with safety guardrails removed so government evaluators can probe for national security risks, including in classified testing environments. CAISI has already completed more than 40 such evaluations, including models not yet publicly available.