Insights
Commentary and analysis on the board-level discipline of AI oversight governance. Short, argued, and grounded in fiduciary duty.
Commentary and analysis on the board-level discipline of AI oversight governance. Short, argued, and grounded in fiduciary duty.
Organizations treat AI governance as a brake on adoption. They are measuring the wrong velocity. True speed isn't how fast developers can build; it's how fast the board is willing to let them ship.
The EU's Digital Omnibus package, which would defer the AI Act's high-risk obligations, is provisionally agreed but not yet adopted. Why institutions planning to the expected deferral rather than the enacted date are making a bet, and most are making it without a record.
Boards keep asking whether their AI governance is sufficient. The honest answer is a test, not a checklist: can the organization demonstrate, in evidence, that it made an informed decision about AI risk?
AI oversight is not a new legal theory. It is the existing duty of board oversight, established in Caremark and sharpened in Marchand, applied to the newest mission-critical risk.
Forming a committee is the most common response to AI risk, and the most misleading. A committee is a venue. Governance is a program. The difference is what a court will ask about.
AI is being adopted faster than most organizations can govern it. The distance between the two speeds is where fiduciary risk, regulatory exposure, and missed opportunity all live.