Analyses
Guides pratiques sur la gouvernance de l'IA, analyses réglementaires et recherches — pour les dirigeants, les entreprises et les particuliers naviguant dans le paysage de l'IA.
Agentic AI and the Accountability Vacuum: Who's Responsible When AI Agents Fail?
Autonomous AI agents are taking real-world actions, booking travel, executing trades, sending emails, making purchases. Our governance frameworks are dangerously unprepared for this.
Lire l'article
AI Governance for Small Business: Where to Start
2026
You don't need an enterprise compliance team to govern AI responsibly. Five practical steps, a named owner, and a one-page policy, exactly what small businesses need to start governing AI responsibly.
AI Investment Due Diligence: What Investment Firms Should Be Asking When Evaluating AI Companies
2026
A practical six-dimension framework for VC and PE firms evaluating AI companies, from technology verification to regulatory exposure to governance maturity and exit readiness.
Australia's AI Governance Gap: What the Regulatory Retreat Means for Enterprise Risk
2026
Australia abandoned mandatory AI guardrails months after announcing them. For enterprise organisations, the result is genuine uncertainty that creates its own class of risk.
What Questions Should Your Board Be Asking About AI?
2026
AI is now a material risk for most organisations. Directors who cannot articulate the right questions cannot discharge their oversight obligations. This is the board-level governance framework: 12 questions, the answers that signal genuine governance, and the answers that signal gaps.
EU AI Act Compliance 2026: What the Omnibus Extension Means for Organisations Outside the EU
2026
The EU AI Act Omnibus (May 2026) extended the Annex III high-risk AI deadline to December 2027. But transparency obligations, GPAI model rules, and prohibited AI bans are already in force. The compliance map for organisations outside the EU.
The EU AI Act Just Got Simpler. But You're Not Off the Hook
2026
The EU agreed to simplify AI Act compliance via the Digital Omnibus. SMEs get lighter requirements. But the August 2026 transparency deadline and core high-risk obligations are unchanged.
Five Signs Your Organisation's AI Governance Is Inadequate
2026
A self-diagnostic for boards, executives, and risk teams. If any of these five signs apply to your organisation, your AI governance needs attention before something goes wrong.
How to Use AI Safely at Work: A Practical Guide
2026
What employees and business owners actually need to know about using ChatGPT, Claude, Copilot and other AI tools at work, what to share, what never to share, and how to verify AI outputs.
How to Write an AI Policy for Your Organisation
2026
A practical guide to writing an AI usage policy that employees will actually follow, what to cover, what makes policies fail, and a complete section-by-section structure you can adapt immediately.
The US State AI Law Patchwork Is Now Your Problem
2026
Connecticut just passed the most comprehensive US state AI law ever. Colorado's Act is being gutted. Texas and California are enforcing. 2026 is the year US AI regulation stopped being theoretical.
What Is AI Governance? A Plain-English Guide
2026
AI governance explained clearly, what it is, why every organisation needs it, and what good governance actually looks like in practice. For businesses of all sizes.
What Is High-Risk AI Under the EU AI Act? A Complete Guide
2026
A plain-English explanation of what high-risk AI means under the EU AI Act: which systems qualify, what obligations apply, and what organisations need to do before August 2026.
AI Governance in Healthcare: What Clinical Leaders Need to Know
2026
Hospitals and health systems are deploying AI faster than governance is keeping up. This guide covers what clinical AI governance requires, and what happens when it fails.
AI Governance for Financial Services: Regulators Are Watching
2026
Banks, insurers, and investment firms face growing regulatory scrutiny for AI use in credit, fraud, and customer decisions. Here is what a compliant framework looks like.
ISO 42001: A Practical Implementation Guide for 2026
2026
ISO 42001 is the international standard for AI management systems. This guide covers what it requires, how it relates to EU AI Act compliance, and how to implement it without building a bureaucracy.
AI in Hiring: The Governance Risks HR Leaders Cannot Ignore
2026
Resume screening, video interview analysis, and psychometric AI tools are transforming recruitment, and creating significant legal exposure. What HR leaders need to know.
Writing an AI Policy for Your Small Business: A Step-by-Step Template
2026
Most AI policy guides are written for enterprises with legal teams. This one is for small business owners who need something practical, defensible, and done in an afternoon.
AI Governance for Law Firms and Legal Teams: Privilege, Confidentiality and Compliance
2026
Law firms and in-house legal teams are adopting AI rapidly, but the professional obligations that govern legal practice create governance requirements that go beyond standard enterprise AI policy.
AI Governance in Education: What Universities and Schools Must Get Right
2026
Educational institutions are navigating AI on two fronts simultaneously, managing student AI use and governing their own institutional AI deployments. Both require formal governance.
Model Risk Management in the Age of AI: Updating SR 11-7 Thinking for Modern ML
2026
The Federal Reserve's SR 11-7 model risk management guidance was written for statistical models. Modern machine learning breaks many of its core assumptions. Here is how to adapt it.
AI Governance in the Public Sector: Accountability, Transparency and Democratic Oversight
2026
Government use of AI raises accountability questions that private sector governance frameworks do not fully address. Public sector AI governance must answer to citizens, not just shareholders.
AI in Your Supply Chain: Managing Third-Party AI Risk
2026
Most organisations' AI risk does not come from the AI they build, it comes from the AI embedded in the software, services and platforms they buy. Third-party AI risk management is now a board-level concern.
When AI Goes Wrong: Building an AI Incident Response Capability
2026
Every organisation using AI will eventually experience an AI incident, a system failure, a biased output, a regulatory breach, or a reputational event. Most have no plan for when it happens.
GDPR and the EU AI Act: How They Interact and Where They Conflict
2026
The EU AI Act and GDPR apply simultaneously to AI systems processing personal data. Their requirements overlap significantly, but they also create tensions that governance must resolve.
AI Governance in Insurance: Underwriting, Claims, and the Fairness Problem
2026
Insurers are using AI to price risk, assess claims, and detect fraud at scale. The governance obligations, and the discrimination risks, are more significant than most have recognised.
AI Governance for Startups: Building It Right Before You Scale
2026
Startups assume AI governance is an enterprise problem. It is not. The governance decisions you make in your first 18 months shape your regulatory exposure, your fundraising conversations, and your ability to enter regulated markets.
How to Audit Your AI Systems: A Practical Framework
2026
AI auditing is becoming a regulatory requirement in more jurisdictions, and a due diligence expectation in most others. This guide covers what an AI audit involves, who should conduct one, and what to do with the results.
AI in Customer Service: Chatbots, Disclosure Obligations, and What Can Go Wrong
2026
Chatbots and virtual assistants are now the first point of contact for millions of customers. The governance obligations, and the reputational risks when they fail, are frequently underestimated.
Singapore's AI Governance Framework: What Businesses in Asia-Pacific Need to Know
2026
Singapore has developed one of the most sophisticated AI governance frameworks in Asia. For businesses operating in the region, understanding the MAS guidelines, IMDA's Model AI Governance Framework, and how they interact with the EU AI Act is becoming a compliance necessity.
AI Vendor Due Diligence: What to Ask Before You Sign
2026
Buying an AI system from a vendor does not transfer your governance obligations to them. It makes those obligations harder to satisfy. Here is the due diligence process that protects your organisation.
AI Governance Maturity: The Five Levels and How to Progress
2026
Not all AI governance is equal. Understanding where your organisation sits on the maturity spectrum, and what the next level requires, is the most practical starting point for a governance improvement program.
AI in Retail and E-Commerce: Personalisation, Pricing, and the Governance Obligations That Come With Them
2026
Retail AI, recommendation engines, dynamic pricing, demand forecasting, is among the most widely deployed AI in commercial use. The governance obligations are less widely understood.
Australia's AI Safety Standard: What It Actually Requires and Who It Applies To
2026
The Australian Government's voluntary AI Safety Standard sets out ten core guardrails for safe and responsible AI. For enterprises, voluntary doesn't mean optional — procurement, liability, and reputation make compliance effectively mandatory.
The Privacy Act, AI, and What the OAIC Expects from Australian Organisations
2026
Australia's Privacy Act 1988 already regulates AI in ways many organisations don't realise. The OAIC has made clear that the APPs apply fully to AI systems that collect, use, and disclose personal information — and the reform agenda will tighten these obligations further.
APRA and ASIC: What Australian Financial Services Firms Need to Know About AI Regulation
2026
Australian banks, insurers, and superannuation funds face AI governance expectations from two powerful regulators simultaneously. APRA's operational risk prudential standards and ASIC's responsible lending and market conduct obligations apply to AI in ways that many compliance teams haven't fully mapped.
Australian Directors and AI: What Your Governance Obligations Actually Mean
2026
Australian directors have personal governance obligations that extend to material AI risks. ASIC's liability focus, the ASX Corporate Governance Principles, and the Robodebt Royal Commission findings have changed what 'appropriate oversight' of AI means at board level.
Using AI at Work in Australia: What Every Employee Needs to Know
2026
Your employer can monitor your AI use, AI output is your responsibility, and feeding client data into ChatGPT could breach privacy law. A practical, jargon-free guide for Australian workers navigating AI in the workplace.
Can My Boss Use AI to Monitor Me at Work? Australian Employees Rights
2026
AI-powered workplace monitoring is growing fast in Australia — productivity tracking, email analysis, even sentiment detection. Here's what your employer can legally do, what they can't, and what to do if you think you're being monitored unfairly.
AI Policy for Australian Small Business: A One-Page Template and What the Law Requires
2026
If you run a small business in Australia and your team uses AI tools, you probably need an AI policy — and you almost certainly need to update your privacy policy. Here's what's required, what's good practice, and a template you can adapt today.
Robodebt's Lessons for Australian AI Governance: What Every Organisation Must Learn
2026
The Robodebt Royal Commission produced the most significant analysis of automated decision-making governance failure in Australian history. Its lessons extend well beyond government — they apply to every Australian organisation using AI in decisions that affect people.
AI Is Changing Australian Jobs: Your Rights, What Employers Must Tell You, and How to Protect Yourself
2026
AI is reshaping work across Australia — automating tasks, changing hiring, and in some cases eliminating roles. Here's what the Fair Work Act says about consultation, what you're entitled to know, and how to navigate AI-driven workplace change.
ACCC and AI: What Australian Consumer Protection Law Means for Businesses Using AI
2026
The Australian Competition and Consumer Commission has made clear that Australian Consumer Law applies fully to AI-driven business practices. Misleading AI pricing, dark patterns, and AI-generated false claims are enforcement priorities. Here's what Australian businesses need to know.
AI Governance in Australian Financial Services: The Complete Regulatory Guide
2026
Australian banks, insurers, superannuation funds and credit providers face overlapping AI obligations from APRA, ASIC, the OAIC and the ACCC. This guide maps every obligation and tells you what to do first.
AI in Australian Healthcare: TGA, Privacy Act, and Clinical Governance
2026
Clinical AI in Australia sits at the intersection of TGA medical device regulation, Privacy Act health information obligations, state-based health records laws, and professional indemnity obligations. Here is what healthcare organisations need to know.
AI in Australian HR and Employment: What People Teams Must Get Right
2026
HR and people teams in Australia are using AI for recruitment, performance management, workforce planning, and employee monitoring. Each use case creates specific legal obligations under the Fair Work Act, Privacy Act, anti-discrimination law, and state workplace surveillance legislation.
ASX-Listed Companies and AI: Disclosure, Directors Duties, and Governance Obligations
2026
Listed companies face AI governance obligations beyond those applying to private entities — continuous disclosure, ASX Corporate Governance Principles, and heightened director liability exposure. What boards and company secretaries need to know.
AI in Australian Superannuation: Trustee Obligations, Member Communications, and Investment AI
2026
Superannuation funds are using AI in member communications, investment management, complaints handling, and fraud detection. The SIS Act trustee obligations, APRA prudential standards, and ASIC conduct requirements create a governance framework that most funds have not fully mapped.
AI Governance for Australian Law Firms: Professional Obligations, Privilege, and Practical Steps
2026
Australian law firms are adopting AI for research, document review, contract analysis, and drafting. The professional obligations of solicitors and barristers — confidentiality, competence, candour to tribunals — apply fully to AI-assisted legal work. Here is what Australian legal practitioners need to know.
Your First 30 Days of AI Governance: A Practical Plan for Australian Organisations
2026
Whether you are starting from scratch or trying to catch up with what the regulators expect, this 30-day plan gives you a structured path to defensible AI governance. Structured around the Australian Government's AI6 framework — six essential practices for responsible AI governance.
Your Privacy Rights When Your Employer Uses AI: An Australian Employee Guide
2026
Your employer using AI to monitor, assess, or make decisions about you has privacy implications that many Australians do not know about. Here is what the Privacy Act, state laws, and Fair Work Act give you the right to know and do.
Singapore PDPA and AI: What the Personal Data Protection Act Means for AI Systems
2026
Singapore's Personal Data Protection Act applies fully to AI systems that collect, use and disclose personal data. The PDPC has issued AI-specific advisory guidelines that organisations must understand alongside the Model AI Governance Framework.
MAS and AI in Singapore Financial Services: FEAT Principles, Veritas, and Regulatory Expectations
2026
The Monetary Authority of Singapore has the most developed AI governance framework for financial services in Asia. MAS's FEAT principles, the Veritas methodology, and evolving model risk expectations set the standard for banks, insurers, and asset managers across the region.
India's Digital Personal Data Protection Act 2023: What It Means for AI Systems
2026
India's DPDP Act came into force in 2023, establishing a comprehensive data protection framework that applies directly to AI systems processing personal data. With 1.4 billion people and a massive AI industry, understanding India's data protection framework is essential for any organisation operating in or building AI for the Indian market.
UK AI Governance: The Pro-Innovation Approach, ICO Guidance, FCA Expectations, and What It Means Post-Brexit
2026
The UK has chosen a principles-based, sector-led approach to AI regulation rather than a comprehensive AI law. But that doesn't mean AI governance in the UK is simple — ICO, FCA, CMA, Ofcom, and MHRA all have relevant powers, and UK companies with EU customers still face the EU AI Act.
US AI Governance for Enterprise: Navigating Federal Agencies, State Laws, and the Absence of Federal Legislation
2026
The United States has no comprehensive federal AI law — but that doesn't mean US enterprises are ungoverned. FTC, CFPB, EEOC, and sector regulators all have active AI enforcement programs. State laws are proliferating. And the EU AI Act applies to US companies with EU customers.
EU AI Act Omnibus 2026: The Complete Guide to What Changed on 7 May 2026
2026
The EU AI Act Omnibus reached provisional agreement on 7 May 2026, extending the high-risk AI deadline from August 2026 to December 2027. This is the definitive guide to what changed, what did not, and what organisations must do now.
Australia's Guidance for AI Adoption (AI6): The Six Essential Practices Replacing the 10 Guardrails
2026
On 21 October 2025, Australia's National AI Centre published new Guidance for AI Adoption, replacing the 2024 Voluntary AI Safety Standard with a streamlined framework of six essential practices. This is the authoritative guide to what changed and what it means for Australian organisations.
Brazil LGPD and AI Governance 2026: ANPD Priorities, Enforcement, and What Organisations Must Know
2026
Brazil's LGPD applies fully to AI systems processing personal data. In 2026, the ANPD became an independent regulatory agency with strengthened enforcement powers and made AI a top supervisory priority for 2026-2027. Here is what organisations operating in Brazil need to understand.
Canada AI Governance 2026: AIDA Is Dead, Quebec Law 25 Leads, and What Organisations Must Do
2026
Canada's federal AI legislation (AIDA) died in January 2025 when Parliament was prorogued and will not return in its original form. Canada has no federal AI law. Quebec's Law 25 is the strongest privacy legislation in the country. Here is what organisations in and doing business with Canada actually need to know.
Japan's AI Promotion Act 2025: The World's Most Innovation-Friendly AI Law
2026
Japan passed its first dedicated AI law in May 2025 — the AI Promotion Act. It has no penalties, no prohibitions, and no mandatory conformity assessments. But METI guidelines carry real weight, and the new AI Strategic Headquarters chaired by the Prime Minister signals Japan's serious approach to AI governance.
South Korea's AI Framework Act 2026: The First Comprehensive AI Law in Asia-Pacific
2026
South Korea's AI Framework Act took effect January 22, 2026 — making it the first country in APAC to have a comprehensive AI law with real obligations for high-impact AI systems. Unlike Japan's approach, South Korea's law requires transparency, risk assessments, human oversight, and carries financial penalties.
UAE AI Governance: DIFC Regulation 10, Federal PDPL, and the World's Most Ambitious AI Strategy
2026
The UAE has no single AI law but three concurrent binding frameworks: the Federal PDPL (effective January 2026), DIFC Regulation 10 on autonomous AI systems (full enforcement January 2026), and ADGM data protection rules. Plus the world's first national AI system as an advisory Cabinet member.
China's AI Governance: PIPL, CAC Regulations, and the World's Most Comprehensive AI Rulebook
2026
China has the world's most complete suite of AI-specific regulations — the Algorithm Recommendation Provisions, the Deep Synthesis Provisions, and the Generative AI Service Management Provisions — all alongside PIPL's comprehensive data protection framework. Here is the complete picture.
AI Governance in Germany and the DACH Region: EU AI Act, BaFin, BSI, and German Law
2026
Germany sits at the heart of EU AI Act implementation. BaFin has specific expectations for AI in financial services. The BSI sets cybersecurity standards for AI systems. German market surveillance will set enforcement precedent across the EU.
AI Governance in Manufacturing and Supply Chains: Regulatory Obligations and Practical Governance
2026
Manufacturing and supply chain AI — predictive maintenance, quality control, demand forecasting, robotics — sits at the intersection of EU AI Act Annex I product safety law, OT cybersecurity obligations, and employment law. Here is the complete governance picture.
AI Governance in Energy and Utilities: Critical Infrastructure, OT Security, and Grid AI
2026
AI in energy and utilities — grid management, demand forecasting, asset health, renewable integration — is classified as high-risk under the EU AI Act (critical infrastructure). NIS 2 cybersecurity obligations apply. And AI is increasingly embedded in safety-critical operational technology.
AI Governance for Cybersecurity Organisations: Using AI Responsibly, Defending Against AI Threats
2026
Cybersecurity organisations face a dual governance challenge: governing their own use of AI in threat detection, incident response, and security products; and advising clients on AI-specific cybersecurity threats. Both dimensions create specific governance obligations.
AI Governance in Real Estate: Automated Valuations, Tenant Screening, and Fair Housing Law
2026
AI in real estate — automated valuation models (AVMs), tenant screening algorithms, mortgage underwriting AI, property recommendation engines — intersects with fair housing law, anti-discrimination law, and consumer protection in ways that create significant legal exposure. Here is the governance picture.
AI and Your Rights at Work: A Global Guide for Employees
2026
If your employer uses AI to monitor you, assess your performance, or make decisions about your employment, you have rights. This plain-English guide covers what employers can and cannot do with AI in the workplace across Australia, the UK, the EU, and the US.
AI Governance in Hong Kong: PCPD, SFC, HKMA, and the China AI Regulation Intersection
2026
Hong Kong operates a distinct AI governance framework under common law, with PCPD enforcing the Personal Data (Privacy) Ordinance, SFC and HKMA setting financial sector expectations, and increasing alignment with Mainland China's CAC regulations creating a unique dual-compliance environment.
ASEAN AI Governance: The Regional Framework and Country-by-Country Landscape
2026
ASEAN has a regional AI governance framework built on voluntary principles, but individual member states — Thailand, Vietnam, Indonesia, Malaysia, Philippines — are developing their own approaches at different speeds. Here is the complete picture for organisations operating across Southeast Asia.
What AI Means for Your Privacy: Your Rights When Organisations Use AI
2026
When a company uses AI to make decisions about you — whether to give you credit, show you content, screen your job application, or set your insurance premium — you have rights. This plain-English guide explains what they are and how to use them.
A Practical Guide to AI Tools: What You Need to Know Before Using ChatGPT, Copilot, or Any AI
2026
Before you type anything into an AI tool, you should understand where your data goes, what the AI can and cannot do, and how to use it responsibly. This practical guide covers the essentials every person needs to know.
AI Governance in Agriculture: Precision Farming, Autonomous Equipment, and Supply Chain AI
2026
AI in agriculture — precision crop management, autonomous farm machinery, livestock monitoring, supply chain optimisation, and climate adaptation AI — creates a distinctive set of governance challenges at the intersection of agricultural regulation, product safety law, and data sovereignty.
AI Governance Explained Simply: What It Is, Why It Matters, and What Happens Without It
2026
If you've heard 'AI governance' and wondered what it actually means in practice — not the jargon, just the real thing — this guide is for you. What it is, why organisations need it, and what happens when they do not have it.
Is My AI Tool Safe? 7 Things to Check Before You Use Any AI at Work
2026
Before you type anything into ChatGPT, Copilot, or any other AI tool at work, there are seven things worth checking. Most people skip all of them. Here's what they are and why they matter.
AI Is Screening Your Job Application. Here's What You Need to Know
2026
Most large employers now use AI to filter job applications before any human reads them. This plain-English guide explains how these systems work, what they look for, and what rights you have when AI decides your application goes no further.
AI Rejected Your Loan or Credit Application. What Are Your Rights?
2026
Banks and lenders increasingly use AI to make credit decisions. If an algorithm rejected your application, you have rights — including the right to a reason, the right to human review, and in some cases the right to challenge the decision.
AI Is Setting Your Insurance Premium. Here's What You Need to Know
2026
Insurers are using AI to set premiums, assess claims, and decide renewals. These systems can save money — or cost you significantly more than you should be paying. What the AI looks at, and what you can do about it.
AI Is Being Used in Your Workplace and You Have Concerns. How to Raise Them.
2026
What to do when you think your employer's use of AI is unfair, inappropriate, or illegal — how to raise concerns effectively, what your rights are, and when to escalate.
Board Directors and Personal AI Liability: What Your D&O Policy Does Not Cover
2026
Directors are personally exposed when AI governance fails. D&O insurance has explicit carve-outs for technology governance failures. The personal liability landscape for AI has changed materially in the last 18 months — and most boards do not know it.
The General Counsel's AI Governance Briefing: Legal Exposure, Regulatory Risk, and What to Tell the Board
2026
AI creates legal exposure across contract, tort, employment, data protection, consumer, and regulatory law simultaneously. General Counsel need a framework for assessing and communicating this exposure. Here it is.
The CRO's Guide to AI Risk: Building a Framework That Satisfies Regulators and the Board
2026
Chief Risk Officers in financial services face AI risk from three directions simultaneously: model risk, conduct risk, and operational risk. Traditional risk frameworks were not built for this. Here is how to adapt them.
The CISO's AI Governance Brief: Cybersecurity Obligations, AI Attack Surfaces, and NIS 2
2026
AI expands the attack surface, creates new cybersecurity obligations under NIS 2 and sector-specific regulation, and introduces adversarial AI risks most security programs have not addressed. The CISO's practical briefing.
AI Governance Due Diligence for PE and VC: What to Look For, What to Walk Away From
2026
Private equity and venture capital investors are acquiring AI-exposed assets without adequate governance due diligence. The liability inherited on closing can be material. Here is the framework that experienced AI governance advisors use.
The CFO's Guide to AI Regulatory Penalty Exposure: Quantifying What Non-Compliance Actually Costs
2026
AI regulatory penalties are not theoretical. The EU AI Act allows fines of €35M or 7% of global turnover. GDPR AI violations have already resulted in nine-figure penalties. CFOs need to quantify this exposure and build it into risk management. Here is how.
AI Governance Maturity Assessment: Where Does Your Organisation Actually Stand?
2026
Most organisations believe their AI governance is more mature than it is. This structured self-assessment, used by governance advisors in enterprise engagements, reveals the gaps between perceived and actual AI governance maturity.
AI Governance in Procurement: The Questions You Must Ask Every AI Vendor Before You Sign
2026
Procurement teams are signing AI vendor contracts without adequate governance due diligence. The liability for vendor AI governance failures flows to the buyer. Here are the questions that sophisticated procurement teams are asking in 2026.
What Financial Services Regulators Actually Want on AI Governance in 2026
2026
The gap between what financial services regulators say in guidance documents and what they actually look for in examinations and enforcement actions is significant. Based on regulatory engagement across APRA, FCA, MAS, and ACPR, here is what actually matters.
AI Governance Board Reporting: What to Include, How Often, and What Good Looks Like
2026
Board AI governance reporting is evolving from occasional technology briefings to structured risk reporting. What regulators and institutional investors expect to see in board AI governance reports — and a template for what good looks like.
AI Governance Enforcement: The Cases That Defined 2024-2026 and What They Mean for Your Organisation
2026
Regulatory enforcement of AI governance obligations is no longer theoretical. From the FTC's actions against algorithmic pricing to GDPR fines for AI data processing, here are the cases that have reshaped the AI governance landscape — and the lessons for organisations.
Robodebt: The AI Governance Lessons Every Executive Should Know
2026
The Robodebt Royal Commission exposed every AI governance failure mode simultaneously — automated decisions without human oversight, inadequate documentation, deliberate opacity, and absence of accountability. The lessons are universal.
Amazon's AI Hiring Tool: The Case Study That Defined AI Discrimination Risk
2026
Amazon built and then scrapped a machine learning hiring tool that systematically discriminated against women. The case remains the definitive study of how algorithmic bias develops, why it is hard to detect, and what governance would have caught it.
The AIRA Framework: A Structured Approach to AI Risk and Governance for Enterprise
2026
The AI Integrated Risk Architecture (AIRA) provides a four-phase methodology for enterprise AI governance — Assess, Implement, Review, Adapt — built from the intersection of ISO 31000, NIST AI RMF, and the EU AI Act. How it works and why it works.
AIRA vs ISO 42001 vs NIST AI RMF: Which AI Governance Framework Is Right for Your Organisation?
2026
Three serious AI governance frameworks, each with different strengths, different audiences, and different regulatory recognition. How they compare, where they overlap, and how to choose — or combine — them for your specific context.
The Investment Case for AI Governance: Why the Cost of Governance Is Always Less Than the Cost of Non-Compliance
2026
AI governance is a cost centre until it prevents a regulatory action that would have been a crisis. This is the financial analysis organisations should be doing — and the investment case that gets governance funded.
What APRA Actually Expects on AI Governance: A Practical Guide for Australian Financial Institutions
2026
APRA has not published a dedicated AI regulation, but its expectations are clear through CPG 234, CPS 230, and examination findings. Here is what APRA examiners look for — and what institutions consistently get wrong.
FCA Consumer Duty and AI: What UK Financial Services Firms Must Do Now
2026
The FCA's Consumer Duty creates specific AI governance obligations that many UK firms have not fully mapped. Automated decisions, AI-driven pricing, and algorithmic advice all fall squarely within Consumer Duty requirements. Here is the compliance map.
ASIC's AI Expectations for Australian Financial Services: Licence Obligations, RG 271, and the Enforcement Direction
2026
ASIC has signalled clearly that AI governance failures in financial services will be treated as licence obligation failures. RG 271 (Internal Dispute Resolution), financial services licence conditions, and ASIC's enforcement history map a clear set of AI obligations for Australian financial services firms.
AI in Healthcare: Board Obligations, Clinical Governance, and the Regulatory Framework Executives Need to Understand
2026
Healthcare boards approving AI deployment in clinical settings are taking on governance obligations they may not understand. From TGA regulation of AI medical devices to the intersection with privacy law and clinical governance standards, here is what healthcare executives need to know.
Third-Party AI Risk: Why Your Vendor's AI Problem Is Your Problem
2026
Most enterprise AI risk sits in third-party software, not internally developed systems. When your ERP vendor adds AI features, when your HR platform uses AI for talent screening, when your customer service software deploys AI responses — you become responsible for governance outcomes you did not design.
AI Governance Implementation: A Practical 90-Day Roadmap for Enterprise Organisations
2026
Most AI governance programmes fail because they start too large and lose momentum. This 90-day implementation roadmap — built from enterprise advisory experience — gets organisations to minimum viable governance within a quarter, with a clear path to maturity.
When AI Goes Wrong: The Whistleblower Cases That Exposed Governance Failures
2026
The most significant AI governance failures in recent years were not discovered by regulators or auditors — they were exposed by employees who saw problems that governance structures failed to catch. What these cases reveal about the governance gaps that enable AI harm.
AI Governance in Financial Services: The Complete 2026 Compliance Map
2026
Banks, insurers, asset managers and fintechs face AI governance obligations from prudential regulators, conduct regulators, and the EU AI Act simultaneously. This is the integrated compliance map senior executives need.
EU AI Act High-Risk AI: The Compliance Checklist Your Legal Team Actually Needs
2026
If your organisation deploys AI in employment, credit, education, essential services, or critical infrastructure, you are deploying high-risk AI under the EU AI Act. Compliance deadline: 2 December 2027. Here is exactly what you need to do.
AI Governance in Manufacturing: Safety, Liability, and the EU AI Act Intersection
2026
AI in manufacturing operations — predictive maintenance, quality control, autonomous systems, worker monitoring — creates overlapping safety, product liability, and AI governance obligations. The compliance landscape for manufacturing executives in 2026.
AI Governance in the Energy Sector: Critical Infrastructure, Safety Cases, and Regulatory Obligations
2026
Energy companies deploying AI in grid management, asset monitoring, trading, and customer operations face some of the most demanding AI governance obligations in any sector. Critical infrastructure designation brings the EU AI Act's most stringent requirements.
AI Governance for Real Estate and PropTech: Discrimination Risk, Valuation AI, and Regulatory Obligations
2026
Real estate AI — automated valuations, algorithmic tenant screening, AI property search, predictive pricing — creates discrimination risk, fair housing obligations, and emerging AI-specific regulatory exposure. The governance guide for property professionals.
AI Governance for Law Firms and Legal Departments: Professional Obligations, Client Risk, and Regulatory Exposure
2026
Legal professionals using AI face obligations that go beyond general enterprise AI governance: professional conduct rules, client confidentiality, supervision obligations, and the risk of AI-assisted professional negligence. The practical guide for GCs and managing partners.
Uber and Algorithmic Management: The AI Governance Case Study That Defined Gig Economy Risk
2026
Uber's use of AI to manage, evaluate, and terminate drivers has generated enforcement action across the EU, UK, and Australia. The case illustrates every dimension of AI governance failure in employment — and the liability exposure for any organisation using AI to manage people.
Clearview AI: The Enforcement Case That Set the Global Standard for Biometric AI Governance
2026
Clearview AI faced enforcement action in Australia, the UK, France, Italy, Greece, and Canada — a coordinated global response that established the compliance expectations for biometric AI and facial recognition. What every board needs to understand.
AI Governance for HR and People Teams: The Compliance Obligations You Cannot Ignore
2026
HR is the highest-risk department for AI governance failures. Hiring AI, performance management AI, and workforce analytics create employment discrimination risk, data protection obligations, and EU AI Act high-risk AI compliance requirements. The practical guide for CHROs and HR leaders.
What Data Science and AI Teams Need to Know About AI Governance (That Nobody Told Them)
2026
Data scientists and ML engineers build the AI systems that governance frameworks regulate. Most have had no formal training in the governance obligations their work creates. This is the briefing they need.
AI Governance for Australian Charities and Not-for-Profits: ACNC Obligations and Practical Compliance
2026
The ACNC does not yet have AI-specific guidance, but the governance standards it enforces — accountability, transparency, responsible management — apply directly to AI deployments by registered charities and NFPs. What boards and executives need to know.
AI in Australian Aged Care: Governance Obligations for Providers Under the Strengthened Standards
2026
The Strengthened Aged Care Quality Standards introduce explicit obligations around dignity, autonomy, and safe care that directly apply to AI deployment in residential and home care settings. What aged care providers and boards must do.
The ATO and AI: Tax Compliance Obligations for Australian Businesses Using Artificial Intelligence
2026
The Australian Taxation Office has issued guidance on AI in tax compliance and is actively using AI in its own compliance programs. What this means for businesses — both using AI themselves and being assessed by the ATO's AI systems.
AI in the Australian Workplace: Fair Work Commission, Enterprise Agreements, and the Right to Disconnect
2026
The Fair Work Commission is actively developing its approach to AI in workplaces. The right to disconnect, AI monitoring obligations, enterprise agreement requirements, and the FWC's emerging AI jurisprudence — the practical guide for Australian employers.
AI Governance in Australian Education: Universities, Schools, and the TEQSA/ACARA Regulatory Landscape
2026
Australian universities and schools face AI governance obligations from multiple directions: TEQSA standards for higher education, ACARA and state curriculum authorities for schools, privacy law for student data, and the general duty of care to students. The 2026 governance guide.
AI in Australian Government: APS Framework, Accountability, and the Algorithmic Transparency Agenda
2026
Commonwealth and state government agencies are deploying AI across service delivery, compliance, and decision-making. The APS AI use policy, accountability obligations under the Public Service Act, administrative law constraints, and the emerging algorithmic transparency agenda.
The Australian Human Rights Commission and AI: Discrimination, Rights, and the Human Rights Framework
2026
The AHRC has been one of Australia's most active voices on AI and human rights, producing the Human Rights and Technology Final Report and advocating for mandatory AI governance. How the human rights framework applies to AI deployment in Australia.
AI Governance for Australian Insurers: APRA, ASIC, and the Pricing Fairness Imperative
2026
Australian insurers using AI in underwriting, pricing, claims assessment, and fraud detection face obligations from APRA (prudential), ASIC (conduct), AFCA (complaints), and anti-discrimination law simultaneously. The complete 2026 governance guide.
AI Governance in Australian Mining and Resources: Safety Cases, Autonomous Systems, and Regulatory Obligations
2026
Australian mining operations are among the world's most advanced deployers of autonomous AI systems — autonomous haul trucks, drone surveying, predictive maintenance, and AI-driven safety monitoring. The governance obligations that come with that leadership.
AI Governance for Australian Telcos and Media: ACMA Obligations, Misinformation, and Network AI
2026
Australian telecommunications companies and media organisations face AI governance obligations from ACMA (broadcasting and communications), the ACCC (competition and consumer), and the Online Safety Act. The 2026 compliance guide.
AI Governance in US Financial Services: Fed SR 11-7, OCC, CFPB, and the Emerging Federal Framework
2026
US financial institutions navigate AI governance through model risk management guidance, federal agency enforcement actions, and a rapidly developing state and federal legislative landscape. The 2026 compliance map for US banks, insurers, and fintechs.
The US AI Executive Order and What It Means for Enterprise AI Governance in 2026
2026
President Biden's 2023 Executive Order on AI established federal requirements that have reshaped enterprise AI governance expectations in the US. The 2026 state of play — what agencies have implemented, what procurement requirements mean for federal contractors, and what comes next.
AI Governance for Mid-Market Companies: Practical, Proportionate, and Done in 60 Days
2026
You don't have a compliance team, a DPO, or a dedicated AI function. You do have AI tools across your business and growing regulatory exposure. This is the realistic governance programme for companies with $10M-$200M revenue who need to get this right without the enterprise overhead.
AI Governance for Scale-Ups and Series A Companies: What Investors Are Now Asking, and How to Answer
2026
Investors conducting due diligence on Series A and Series B companies are asking AI governance questions that founders are unprepared for. Here's what they're asking, why it matters for your valuation, and how to build the governance posture that answers confidently.
Australia's Privacy Act Reforms and AI: What the New Obligations Mean for Your Organisation
2026
The Privacy and Other Legislation Amendment Act 2024 introduced Australia's most significant privacy reforms in decades — including a statutory tort for serious privacy invasions. How these reforms intersect with AI, what's changed, and what's coming next.
APRA CPS 230 and AI: Operational Resilience Obligations for Australian Financial Institutions
2026
CPS 230 Operational Resilience, effective July 2025, creates specific obligations for AI systems that support critical operations in APRA-regulated entities. The first dedicated guide to CPS 230 and AI for Australian banks, insurers, and superannuation funds.
ASX-Listed Companies and AI Governance: Disclosure Obligations, Directors' Duties, and the Investor Expectation Gap
2026
ASX-listed companies face AI governance obligations from three directions simultaneously: Corporations Act directors' duties, ASX continuous disclosure requirements, and growing institutional investor expectations. The complete 2026 guide for listed company directors and company secretaries.
AI Governance in Australian Superannuation: APRA SPG 516, Member Best Interests, and Investment AI
2026
Superannuation funds using AI in investment decisions, member communications, retirement income projections, and claims processing face obligations under SIS Act member best interests duties, APRA prudential standards, and ASIC's conduct framework. The complete governance guide.
AI Governance in NDIS and Services Australia: Algorithmic Decision-Making and the Rights of Vulnerable Australians
2026
The NDIS and Services Australia administer benefits and services to millions of Australians in vulnerable circumstances. AI systems that affect these decisions face the highest governance obligations — and the Robodebt Royal Commission's findings apply directly.
AI Incident Response for Australian Organisations: A Practical Playbook
2026
When an AI system causes harm, fails catastrophically, or generates a regulatory investigation, your response in the first 72 hours determines the outcome. Australia-specific playbook covering Privacy Act notification obligations, APRA/ASIC reporting, and the internal escalation framework.
MAS FEAT Principles Deep Dive: The Definitive Guide to AI Governance for Singapore Financial Institutions
2026
The Monetary Authority of Singapore's FEAT Principles (Fairness, Ethics, Accountability, Transparency) are the foundational AI governance framework for Singapore's financial sector. This is the complete implementation guide — from principles to practice.
UK ICO AI Guidance 2026: Data Protection Obligations for AI Systems Under UK GDPR
2026
The UK Information Commissioner's Office has produced some of the most detailed AI-specific data protection guidance globally. This is the complete guide to ICO expectations for AI data governance — covering bias, fairness, automated decision-making, and the accountability framework.
AI Governance in Australian Construction: WHS Obligations, Project Delivery AI, and Procurement Requirements
2026
Australia's construction sector is adopting AI rapidly — BIM AI, safety monitoring systems, autonomous equipment, and AI-driven project management. The Work Health and Safety Act obligations, procurement requirements, and governance framework for construction companies.
What Is AI Governance? The Complete Guide for Business Leaders
2026
AI governance is the set of policies, structures, processes, and controls that enable organisations to develop and use AI responsibly and accountably. This is the definitive plain-English guide — what it means, why it matters, and what good looks like in practice.
Can My Employer Use AI to Monitor Me? Your Rights Explained
2026
AI monitoring at work is real and growing — keyloggers, screen capture, productivity scoring, location tracking. What your employer can legally do, what they cannot, and what you can do about it.
Can AI Fire Me? What You Need to Know About Automated Employment Decisions
2026
AI is increasingly used in performance management, disciplinary processes, and even termination decisions. Can an algorithm legally end your employment? What protections do you have? And what happens when AI gets it wrong?
Do I Have to Use AI at Work? Your Rights When Your Employer Introduces AI Tools
2026
Your employer has introduced AI tools and expects you to use them. Can you refuse? What if you have concerns about accuracy, privacy, or your professional obligations? A plain-English guide to your rights and options.
Is AI Reading My Work Emails? What Employers Can and Cannot Do
2026
Microsoft Copilot, Google Workspace AI, and other enterprise AI tools have access to your emails and messages by default. What your employer can see, what they are allowed to do with it, and what your rights are.
AI Performance Reviews: Are They Legal? What Every Employee Needs to Know
2026
Your performance review has been generated or heavily influenced by AI — productivity scores, sentiment analysis, objective metrics. What the law says about AI performance assessment, your rights to challenge it, and what makes a fair AI performance process.
Do I Need AI Governance for My Startup? The Honest Answer
2026
Most startup founders think AI governance is for big companies with compliance teams. It's not. If you use AI in your product or operations — and especially if you're planning to sell to enterprise or raise institutional capital — here's what you actually need.
Can I Train My AI Model on Public Data? The Legal Reality in 2026
2026
Scraping the web and training on public data sounds straightforward. It is not. Copyright law, GDPR, terms of service, and emerging AI-specific law create a complex landscape that has already generated billion-dollar litigation. What founders and ML engineers need to know.
What AI Regulations Apply to My SaaS Product? A Founder's Compliance Map
2026
You've built a SaaS product with AI features. Now you want to sell it in the EU, to enterprise clients, or to regulated industries. What regulations apply, when do they kick in, and what do you actually need to do about them?
Can I Use ChatGPT With Client Data? The Honest Business Owner's Guide
2026
Your team is using ChatGPT to draft client proposals, analyse contracts, and summarise meetings. The efficiency gains are real. So is the legal exposure. Here's what you are actually risking and what to do about it.
AI Vendor Contracts: The Clauses Every Business Must Have (And What Vendors Hope You Miss)
2026
When you buy AI software, the default contract almost always protects the vendor, not you. Here are the specific clauses you need to add before you sign — and the vendor practices that create liability you did not know you were taking on.
AI Governance for German Companies: BaFin, BSI, Betriebsrat, and the EU AI Act
2026
German companies navigate AI governance through the EU AI Act, sector regulation from BaFin and BSI, GDPR as enforced by state and federal DPAs, and the unique dimension of Betriebsrat co-determination rights on AI in the workplace. The 2026 complete guide.
AI Governance by Industry in Singapore: Fintech, Healthcare, Maritime, and the MAS-Driven Standard
2026
Singapore's AI governance framework is sector-led, with MAS setting the pace for financial services and other regulators following. This industry-by-industry guide covers fintech, healthcare, maritime, and other key Singapore sectors.
AI Governance by Industry in the UK: FCA, ICO, CQC, and Sector-Specific Requirements
2026
The UK's pro-innovation AI approach means sector regulators lead on AI governance. This industry-by-industry guide covers financial services (FCA), healthcare (CQC/MHRA), legal, education, and the cross-sector ICO framework.
AI Governance in Japan by Industry: Finance, Healthcare, Manufacturing, and the Soft Law Approach
2026
Japan's AI governance is characterised by voluntary principles, sector-led guidance, and a deliberately non-prescriptive regulatory approach. This industry guide covers what Japanese companies and international companies operating in Japan actually need to do.
AGI and the Board: What Directors Need to Understand About Artificial General Intelligence
2026
Artificial General Intelligence is not a distant science fiction scenario — it is a strategic risk that boards of major technology companies, regulators, and governments are actively planning for. What AGI means, what the governance implications are, and what boards should be doing now.
Quantum Computing and AI Governance: What Enterprise Leaders Need to Know Now
2026
Quantum computing creates two distinct governance challenges for enterprise: near-term cryptographic risk that is already a regulatory priority, and longer-term AI capability implications. The actionable briefing for executives and boards.
Frontier AI Risk: What Enterprise Governance Teams Need to Understand About the Next Wave of AI
2026
GPT-5, Claude 4, Gemini Ultra — the next generation of AI systems is already more capable than anything enterprise governance frameworks were designed for. What frontier AI means for your governance programme, your risk management, and your regulatory obligations.
AI Governance in 2030: What Enterprise Leaders Should Be Building Toward Now
2026
The AI governance landscape in 2030 will be shaped by capabilities that are only emerging today — more capable AI systems, quantum computing progress, agentic deployment at scale, and regulatory frameworks still being written. What enterprises should be building now to be ready.
What Is AGI? The Honest Enterprise Explainer for Non-Technical Leaders
2026
AGI — Artificial General Intelligence — is one of the most discussed and least understood concepts in technology. This is the non-technical explainer that enterprise leaders need: what it means, what the credible estimates are, what the disagreements are, and what it actually implies for your organisation.
Post-Quantum Cryptography: The Enterprise Migration Guide for 2026-2030
2026
NIST finalised post-quantum cryptography standards in August 2024. Regulators are issuing migration guidance. Adversaries are collecting encrypted data now to decrypt later. This is the practical enterprise migration guide — what to prioritise, how long it takes, and what the regulatory timeline looks like.
Agentic AI Governance: How to Govern AI That Takes Actions in the World
2026
AI agents — systems that browse the web, write and execute code, send emails, manage files, and take sequences of autonomous actions — are being deployed in enterprises now. Existing AI governance frameworks were not designed for them. Here is what needs to change.
AI Safety and Enterprise AI Governance: Where They Overlap and Why Both Matter
2026
AI safety research — alignment, interpretability, robustness — is often treated as a concern for AI labs, not enterprises. But AI safety concepts directly inform better enterprise AI governance. Here is where the two fields intersect and what enterprise practitioners can take from AI safety research.
ISO 42001 vs NIST AI RMF vs EU AI Act: Which Framework Is Right for Your Organisation?
2026
Three serious AI governance frameworks, three different purposes, three different audiences. This is the definitive comparison — what each covers, where they overlap, which combination makes sense for your specific situation, and the fastest path to meaningful compliance.
The Complete AI Governance Glossary: 80 Terms Every Professional Needs to Know
2026
From algorithmic bias to zero-trust AI architecture — the definitive AI governance glossary for compliance professionals, board directors, legal teams, and technology leaders. Plain English definitions with regulatory context.
AGI Readiness for Financial Services: What Banks, Insurers, and Asset Managers Should Be Doing Now
2026
Financial services will be among the sectors most profoundly affected by increasingly capable AI systems. This is the practical readiness guide — not speculation about timelines, but specific actions that financial services leaders should take now to position their organisations for the AI capability trajectory ahead.
AGI Readiness for Healthcare: Clinical AI Governance as AI Capabilities Advance
2026
Healthcare AI governance must be designed not just for today's diagnostic tools but for AI systems that will increasingly approach or exceed specialist physician performance in specific domains. The readiness framework for hospitals, health systems, and digital health companies.
AGI Readiness for the Legal Profession: Governance When AI Approaches Expert Legal Capability
2026
Large language models already generate legally plausible content. As AI approaches expert legal capability in research, drafting, and analysis, the governance implications for law firms, in-house teams, and legal regulators are profound. The readiness guide.
What Happens to My Job When AI Takes It? Rights, Retraining, and What to Do Now
2026
AI is genuinely displacing jobs in some roles while creating them in others. If you're worried about AI replacing your job, this is the honest guide — what's actually happening, what your rights are when your role is changed or eliminated, and what to do now.
Can I Refuse AI at Work for Professional or Ethical Reasons? A Practical Guide
2026
What if you believe the AI your employer is introducing is inaccurate, biased, or unethical? What if using it would conflict with your professional obligations? A plain-English guide to when refusal is justified — and how to do it effectively.
Your Complete Guide to AI Workplace Rights in Australia in 2026
2026
The Fair Work Act, Privacy Act, anti-discrimination law, and the emerging AI governance framework all create rights for Australian workers when AI is used in their workplace. This is the complete 2026 guide — monitoring, performance, dismissal, and what to do if your rights are breached.
AI Startup Legal Requirements in Australia: The Founder's Complete Compliance Guide
2026
Building an AI startup in Australia? Privacy Act, consumer law, anti-discrimination obligations, sector-specific requirements, and the regulatory landscape for AI in 2026. Everything Australian AI founders need to know before launch.
How to Audit Your Company's AI Tools: A Practical Step-by-Step Guide
2026
Most organisations have more AI running in their business than anyone realises. This is the practical guide to conducting an AI tools audit — finding everything, assessing what matters, and fixing what needs fixing. No compliance team required.
AI and Your Consumer Rights in Australia: Pricing, Recommendations, and What the ACCC Can Do
2026
Australian businesses use AI to set prices, recommend products, and make decisions about service access. As a consumer, you have rights. Here's what AI-driven pricing and recommendations are doing, what Australian Consumer Law says, and when to complain to the ACCC.
AI Governance Framework Template: The Complete Implementation Guide
2026
A practical, downloadable AI governance framework template for enterprise organisations. Covers policy structure, risk classification, accountability model, monitoring requirements, and incident response — built around ISO 42001, NIST AI RMF, and EU AI Act requirements.
How to Write an AI Policy: Template, Structure, and What to Include
2026
Every organisation using AI needs a written AI policy. This is the practical guide — what to include, how to structure it, common mistakes to avoid, and a section-by-section template you can adapt for your organisation.
AI Risk Register: How to Build and Maintain One (With Template)
2026
An AI risk register is the operational heart of AI governance — the living document that tracks what risks your AI systems create, how they are being managed, and who is accountable. How to build one that actually works.
AI Compliance Checklist 2026: What Your Organisation Actually Needs to Have in Place
2026
A practical, actionable AI compliance checklist for 2026 — covering EU AI Act obligations, GDPR/Privacy Act requirements, sector-specific obligations, and the baseline governance that every organisation using AI should have regardless of jurisdiction.
AI Governance Training for Employees: What to Cover and How to Make It Work
2026
Most AI governance training programmes fail because they teach compliance rules rather than building genuine capability. This is the guide to designing training that actually changes how employees make AI decisions.
AI Regulation by Country 2026: The Complete Global Map
2026
The complete 2026 guide to AI regulation globally — which countries have laws, which have guidelines, which are developing frameworks, and what organisations operating internationally need to know about the patchwork of obligations they face.
AI Governance in India: DPDP Act, SEBI, RBI, and the Emerging Regulatory Landscape
2026
India's Digital Personal Data Protection Act (DPDP) 2023 is now being implemented, with rules expected in 2026. India's financial regulators — RBI and SEBI — have issued AI guidance. This is the complete guide for organisations operating in India.
US AI Compliance for Enterprise: Federal Enforcement, State Laws, and the Sector Regulator Map
2026
No comprehensive US federal AI law — but real compliance obligations from the FTC, CFPB, EEOC, financial regulators, healthcare regulators, and a growing patchwork of state laws. The 2026 enterprise compliance map for US operations.
What Is the NIST AI Risk Management Framework? The Complete Enterprise Guide
2026
The NIST AI Risk Management Framework (AI RMF 1.0) is the most widely adopted AI governance framework in the world. This is the definitive guide to what it covers, how it works, and how to implement it in your organisation.
Responsible AI: What It Actually Means and How to Build a Framework That Works
2026
Every AI vendor claims their AI is 'responsible'. Every governance document references 'responsible AI'. But what does it actually require in practice? The operational guide — beyond the principles, to the specifics.
Board AI Governance Training: What Directors Need to Know and How to Get Up to Speed
2026
Board directors are accountable for AI governance under directors' duties legislation — but most have not received structured AI governance education. This is the guide to what boards need to understand and how to build that understanding.
AI Due Diligence: The Questions Investors, Buyers, and Regulators Are Asking in 2026
2026
Whether you are buying an AI company, selling to enterprise customers, or preparing for regulatory examination, the AI due diligence questions are now standardised enough to prepare for. Here are the 40 questions that matter and what good answers look like.
AI Ethics Policy: What It Is, Why It's Not Enough, and What You Need Alongside It
2026
An AI ethics policy is valuable — but organisations that believe their ethics policy is their AI governance are making a dangerous mistake. What AI ethics policies do well, what they cannot do, and what operational governance must accompany them.
AI Third-Party Risk Management: The Vendor Assessment Checklist
2026
Most organisations' AI risk comes from the AI tools they buy, not the AI they build. This is the practical vendor assessment checklist — what to ask AI vendors, what the answers mean, and what to put in contracts.
Your AI Rights at Work in the EU: GDPR, Automated Decisions, and What You Can Do
2026
EU workers have some of the strongest AI workplace protections in the world — but most don't know what they are or how to use them. The complete guide to your rights when AI is used in your employment.
AI and Your Credit Score: How Algorithmic Lending Works and What Your Rights Are
2026
AI systems now make or substantially influence most credit decisions. Understanding how they work, why they can go wrong, and what your legal rights are when you're denied credit by an algorithm.
AI Background Checks: What Employers Can See, What's Legal, and How to Challenge Errors
2026
AI-powered background screening tools have transformed hiring — and created a new category of job-seeker harm when these systems produce errors, flag innocent people, or discriminate. Your rights and practical remedies.
AI in Government Benefits: Your Rights When Algorithms Make Decisions About Your Support
2026
Government agencies around the world use AI to assess benefit eligibility, detect fraud, and allocate support. After Robodebt, the UK's Universal Credit algorithm, and similar failures, your rights when AI affects your benefits have never been more important.
EU AI Act Annex III: The Complete List of High-Risk AI and What It Means for Your Organisation
2026
Annex III defines the eight categories of high-risk AI under the EU AI Act. This is the definitive guide to what is in scope, which obligations apply, and how to determine if your AI is high-risk.
AI in UK Financial Services 2026: FCA, PRA, and the Bank of England's Expectations
2026
UK financial services AI governance is shaped by three regulators with overlapping but distinct mandates — the FCA (conduct), PRA (prudential), and Bank of England (financial stability). This is the complete 2026 guide.
AI Governance for EU Banks: EBA Guidelines, ECB Expectations, and DORA Intersection
2026
EU banks face AI governance requirements from the EBA (model risk management), the ECB (supervisory expectations), DORA (digital operational resilience including AI systems), and the EU AI Act. The complete 2026 compliance guide.
AI Governance in New Zealand: Privacy Act, Algorithmic Decision-Making, and the NZ Framework
2026
New Zealand is developing its AI governance approach — the Privacy Act 2020, the Algorithm Charter, and the Office of the Privacy Commissioner's guidance create the current framework. The 2026 guide for NZ organisations.
AI Regulation in Canada 2026: PIPEDA, Bill C-27, and Provincial Frameworks
2026
Canada's federal AI legislation lapsed when Bill C-27 died on the order paper in 2025. But PIPEDA, Quebec Law 25, and sector regulators create real AI governance obligations now — and a successor AI bill is expected. The complete 2026 guide.
AI Governance for Private Equity: Managing AI Risk Across Your Portfolio
2026
Private equity firms face a dual AI governance challenge — their own internal AI use and the AI governance maturity of portfolio companies. Both create liability, both affect value, and both require structured management.
AI Regulatory Investigation: How to Respond When a Regulator Comes Asking
2026
Regulatory investigations into AI use are increasing. The OAIC, FCA, CFPB, and national DPAs are all active. When a regulator contacts you about your AI, the first 48 hours matter most. This is the response guide.
What Is Model Drift? Why It Happens and Why It Matters for AI Governance
2026
Model drift is the degradation of an AI model's performance over time as the world changes. It is one of the most common causes of AI governance failure in production — and most organisations have no monitoring for it.
What Is AI Hallucination? The Governance Guide for Enterprise
2026
AI hallucination — when AI models generate confident-sounding but factually wrong content — is not a bug to be fixed. It is a characteristic of how large language models work. How to govern it in enterprise contexts.
AI Bias: Types, Causes, How to Test for It, and What the Law Requires
2026
AI bias is not one thing — there are multiple distinct types with different causes, different tests, and different legal implications. The complete governance guide for enterprise AI teams.
AI Tools for Lawyers: A Compliance Guide for Law Firms and In-House Legal Teams
2026
AI is transforming legal practice — document review, contract analysis, research, drafting. But lawyers using AI tools face professional conduct obligations, confidentiality duties, and accuracy standards that most AI tools do not automatically satisfy. The complete 2026 compliance guide.
AI Tools for Accountants: Professional Obligations, Data Risks, and What Firms Need to Know
2026
AI is transforming accounting — bookkeeping automation, audit analytics, tax research, financial modelling. Accountants using AI face professional obligations around accuracy, independence, and client confidentiality that require specific governance. The 2026 guide.
AI Governance in South Korea: The AI Basic Act, Personal Information, and Sector Regulation
2026
South Korea enacted its AI Basic Act in December 2024 — one of the first comprehensive national AI laws outside the EU. Combined with the PIPA (personal information law), sector regulators, and Korea's technology leadership, this is the complete 2026 governance guide.
AI Governance in the UAE: National AI Strategy, DIFC, and the Gulf's Leading AI Jurisdiction
2026
The UAE has positioned itself as the Arab world's AI hub — with a National AI Strategy, the world's first AI ministry, AI-specific regulation in DIFC, and a growing body of sector guidance. The complete 2026 guide for organisations operating in the UAE.
AI Governance in Saudi Arabia: SDAIA, Vision 2030, and the Kingdom's AI Regulatory Framework
2026
Saudi Arabia is investing massively in AI as part of Vision 2030 — with SDAIA (Saudi Data and AI Authority) leading a regulatory framework that is maturing rapidly. The 2026 guide for organisations operating in the Kingdom.
The Small Business Guide to AI Tools in 2026: What's Safe, What's Risky, and What to Avoid
2026
Small businesses are using AI tools for marketing, customer service, accounting, and HR. Most have no idea which tools create legal risk and which are safe to use. The plain-English guide for business owners without a compliance team.
AI in Accounting Firms: Governance for Audit, Tax, and Advisory Practices
2026
The Big Four and mid-tier accounting firms are deploying AI at scale across audit, tax, and advisory. The governance requirements — professional standards, independence, confidentiality, and accuracy — create specific obligations that general AI governance frameworks do not address.
AI Customer Service Governance: Chatbots, Automated Responses, and Consumer Law Compliance
2026
AI customer service — chatbots, automated email responses, AI-assisted agents — is now the front line of customer interaction for most businesses. The consumer law obligations, disclosure requirements, and quality standards that apply.
AI Governance in Retail and Consumer Products: Personalisation, Pricing, and the ACCC
2026
Retailers use AI for dynamic pricing, product recommendations, personalisation, inventory management, and fraud detection. Each creates specific governance obligations under consumer law, privacy law, and anti-discrimination law.
AI in Australian Agriculture: Precision Farming, Biosecurity AI, and Governance for Rural Operators
2026
AI is transforming Australian agriculture — precision farming tools, AI pest and disease detection, satellite imagery analysis, and autonomous equipment. The governance obligations for farming operations, agtech companies, and rural businesses.
AI in Engineering and Construction: Professional Liability, Design AI, and Safety Obligations
2026
Engineers and architects using AI for structural design, BIM analysis, and site safety face professional indemnity obligations, professional conduct standards, and WHS requirements that general AI governance frameworks don't address.
AI in Journalism and Media: Accuracy Obligations, Disclosure, and the Editorial Responsibility Framework
2026
AI is being used across journalism and media — for research, drafting, translation, fact-checking, and content generation. The accuracy obligations, disclosure requirements, and editorial standards that apply.
AI Governance in Energy and Utilities: Grid AI, Safety Systems, and Critical Infrastructure Obligations
2026
Energy and utilities operators are deploying AI at scale — grid optimisation, predictive maintenance, demand forecasting, safety monitoring. The critical infrastructure obligations, safety case requirements, and sector-specific governance framework.
AI in HR: Hiring, Performance Management, and the Employment Law Compliance Framework
2026
HR teams are using AI for candidate screening, performance scoring, engagement analytics, and workforce planning. Each creates specific compliance obligations under employment law, anti-discrimination law, and privacy law. The 2026 governance guide for HR leaders.
AI in Manufacturing and Supply Chain: Governance for Industrial AI, Predictive Maintenance, and Autonomous Systems
2026
Manufacturing and supply chain AI — predictive maintenance, quality control, autonomous robots, supply chain optimisation — creates specific governance obligations around worker safety, product liability, and supply chain ethics. The 2026 enterprise guide.
Intelligence artificielle et droits des consommateurs en France : ce que vous devez savoir
2026
L'IA est utilisée dans la fixation des prix, les recommandations de produits, les décisions de crédit et le service client. En France, la loi vous protège — voici ce que les consommateurs français peuvent exiger lorsque l'IA affecte leurs achats et leurs droits.
Sus derechos laborales frente a la IA en América Latina: México, Colombia, Argentina y Chile
2026
La IA se usa en la gestión de rendimiento, el monitoreo de empleados y los procesos de contratación en toda América Latina. Sus derechos legales frente a estas prácticas varían por país — pero todos tienen protecciones básicas que muchos trabajadores desconocen.
AI and Cyber Risk: The CISO's Governance Framework for AI Security
2026
AI creates new cybersecurity attack surfaces, enables more sophisticated attacks, and introduces AI-specific vulnerabilities like model poisoning and adversarial inputs. The integrated AI security and governance framework for CISOs.
AI and Work Health & Safety in Australia: The Digital Work Systems Laws Every Employer Must Know
2026
NSW became the first Australian jurisdiction to explicitly legislate WHS duties for AI and algorithmic systems in February 2026. Safe Work Australia is reviewing national model laws. Here is what Australian employers need to know now.
Building Your AI Controls Register: A Practical Guide for Australian Organisations
2026
A controls register is the operational heart of your AI governance framework — it translates AI6 and Privacy Act obligations into specific, testable controls. This guide shows you how to build one that actually works.
AI Workforce Capability Uplift: What Australian Organisations Are Getting Wrong
2026
A two-hour AI workshop is not capability uplift. The National AI Plan, APS AI Plan and enterprise practice all point to the same conclusion: genuine AI capability requires structured, role-specific, sustained investment.
Using AI to Work Smarter: A Guide for Australian Employees Within Your Organisation's Policies
2026
AI can genuinely reduce hours spent on low-value work. But using it well means knowing what your organisation allows, what data you can enter, and how to ensure your output is actually yours. Practical guidance for Australian workers.
AI, Work-Life Balance and the Right to Disconnect: What Australian Workers Need to Know
2026
AI tools can reduce time on repetitive work. But they can also create new pressures: faster turnaround expectations, always-on availability, and invisible productivity metrics. The Right to Disconnect and WHS obligations matter more, not less, in an AI-enabled workplace.
AI for Cyber Security Teams in Australia: Governance, Risk and What ACSC Expects
2026
Security teams are both AI users and AI governors — defending against AI-enabled threats while deploying AI tools themselves. The ACSC's guidance, Essential Eight alignment, and practical governance obligations explained.
AI for Finance Teams in Australia: Governance, Privacy and Regulatory Obligations
2026
Finance teams using AI for forecasting, reporting, accounts payable and expense management face specific obligations under the Privacy Act, ASIC conduct requirements and ATO guidance. Practical guidance for CFOs and finance professionals.
AI for HR and People Teams in Australia: Fair Work, Privacy and What You Must Get Right
2026
HR teams face the most complex AI governance obligations in Australian organisations. Using AI in recruitment, performance management and workforce planning simultaneously triggers anti-discrimination law, Fair Work Act requirements and Privacy Act obligations.
AI for Procurement Teams in Australia: Buying AI Responsibly and Governing What You Buy
2026
Procurement teams face a dual challenge: using AI to improve procurement processes, and governing AI tool purchases across the organisation. Both carry specific legal and regulatory obligations.
AI for Risk and GRC Teams in Australia: Building AI Governance Into Your Framework
2026
GRC teams are simultaneously AI's most important internal governors and increasingly its users. What AI6 requires of risk functions, how to integrate AI into enterprise risk management, and the December 2026 Privacy Act compliance deadline GRC teams must own.
AI and Psychosocial Hazards in Australian Workplaces: What Employers Must Do
2026
All Australian jurisdictions now have psychosocial hazard regulations. AI-driven monitoring, algorithmic performance management and AI-enabled work intensification create psychosocial risks employers are legally required to identify, assess and control.
AI Governance for Australian SMEs: What You Actually Need to Do
2026
If you have fewer than 200 staff and you're using AI tools, your governance obligations are real but manageable. Privacy Act, ACCC consumer law, AI6 basics, and a practical action list — without the enterprise overhead.
AI Governance for Australian Startups: What Founders Need to Know Before It Becomes a Problem
2026
The moment you process a user's personal data through AI, governance obligations attach. Australian startups building AI products face Privacy Act, consumer law, and increasingly investor due diligence requirements. Build it right early.
AI and the Future of Work in Australia: What 2026 Actually Looks Like
2026
AI is not replacing all jobs or none of them. The honest picture of what's changing in Australian workplaces in 2026 — which roles are transforming, what skills matter, what employers must tell employees, and how Australian law protects workers in the transition.
AI Governance Strategy for Australian Mid-Market Organisations: Between SME and Enterprise
2026
With 50–500 staff and real regulatory exposure, mid-market Australian organisations face enterprise-grade AI risks with business-grade resources. How to build governance that is proportionate, defensible, and scalable.
Building an Enterprise AI Governance Programme in Australia: From Policy to Operating Model
2026
An AI policy document is not an AI governance programme. What mature enterprise AI governance looks like in Australia in 2026 — the operating model, the roles, the controls, and how to build it without starting from scratch.
Your Complete AI Rights Guide as an Australian Employee in 2026
2026
Employers are using AI to hire, manage performance, monitor productivity, and make employment decisions. Australian law gives you more rights in this area than most workers realise. A complete, practical guide.
AI Governance for Australian Not-for-Profits and Charities: What the ACNC and Privacy Act Require
2026
NFPs and charities using AI for fundraising, service delivery, and administration face the same Privacy Act obligations as commercial organisations — plus ACNC accountability requirements and donor trust considerations that make governance especially important.
Getting Started With AI: A Practical Guide for Everyday Australians
2026
AI tools are becoming part of everyday work and life. This guide cuts through the hype and the fear — what these tools actually are, what they are good for, what to be careful about, and how to start using them confidently and safely.
AI in the NHS: Your Rights as a Patient When Algorithms Inform Your Care
2026
The NHS is deploying AI in radiology, diagnostics, triage, and clinical decision support at scale. Patients have rights under UK GDPR, the NHS Constitution, and the MHRA regulatory framework when AI influences their care.
AI in UK Benefits and Welfare: Your Rights When Algorithms Affect Your Claim
2026
The DWP and HMRC use algorithmic tools in fraud detection, Universal Credit assessments, and tax calculations. If AI has affected a benefit decision about you, here is what rights you have and how to challenge it.
AI in Hiring and Employment Decisions: What UK Employers Must Do to Stay Compliant
2026
Using AI in hiring, performance management, or redundancy selection creates specific UK GDPR, Equality Act, and employment law obligations. Here is the compliance framework for UK employers.
AI in UK Healthcare: What NHS Trusts and Private Healthcare Providers Must Do
2026
AI in clinical settings is regulated by MHRA as a medical device, subject to DSPT requirements, UK GDPR, and NHS governance frameworks. Here is the compliance landscape for UK healthcare AI.
AI in US Healthcare: Your Rights as a Patient When Algorithms Influence Your Care
2026
US hospitals and insurers use AI for prior authorisation, diagnosis, risk stratification, and treatment planning. Patients have rights under HIPAA, the ACA, and emerging state laws when AI influences clinical and coverage decisions.
AI Denied My Credit or Insurance in the US. What Are My Rights?
2026
AI drives most US credit and insurance decisions. When it denies you or charges you more, federal and state laws give you specific rights to know why, challenge the decision, and seek remedies for algorithmic discrimination.
AI Governance for US Healthcare Organisations: FDA, HIPAA, CMS, and State Requirements
2026
Healthcare AI in the US is regulated by FDA as a medical device, subject to HIPAA for data handling, and faces increasing CMS oversight for AI in Medicare and Medicaid decision-making. Here is the governance framework.
AI in Hiring and Employment: A Compliance Guide for US Employers
2026
US employers using AI in hiring, monitoring, or employment decisions face EEOC enforcement, NYC Local Law 144, state AI hiring laws, and growing plaintiff's bar attention. Here is the compliance framework.
AI and Your Rights in Singapore: PDPA, Consumer Protection, and What You Can Do
2026
Singapore has a sophisticated AI governance framework led by PDPA obligations and IMDA's AI Verify programme. Here is what individual rights exist when AI affects you — in hiring, financial decisions, or consumer contexts.
AI at Work in Singapore: Your Rights as an Employee Under MOM Guidance and the PDPA
2026
Singapore employers are increasingly using AI in hiring, performance management, and monitoring. Here is what rights employees have under the PDPA, TAFEP advisories, and Fair Consideration Framework when AI affects employment.
AI Governance for Singapore SMEs: PDPA, AI Verify, and Government Support Programmes
2026
Singapore SMEs using AI face PDPA compliance requirements and can benefit from IMDA's AI Verify framework and government AI support programmes. Here is the practical starting point for responsible AI use in Singapore.
PDPA and AI: The Practical Guide for Singapore Businesses Using AI Tools
2026
Singapore's Personal Data Protection Act applies to all AI tools that process personal data of Singapore residents. Here is what PDPA compliance looks like in practice — from chatbots to hiring tools to customer analytics.
India's DPDP Act and AI: What Organisations Need to Know About the Digital Personal Data Protection Act 2023
2026
India's Digital Personal Data Protection Act 2023 fundamentally changes the data governance landscape for organisations processing data of Indian residents — including through AI systems. Here is the compliance framework to build.
AI in India's Financial Services: RBI, SEBI, and IRDAI Frameworks for AI Governance
2026
India's financial regulators — RBI, SEBI, and IRDAI — have published guidance on AI governance that financial services firms must incorporate. Here is the regulatory landscape for AI in Indian financial services.
AI and Your Rights in India: DPDP Act, Consumer Protection, and What You Can Do When AI Affects You
2026
India's Digital Personal Data Protection Act 2023 creates data rights for Indian residents — including rights over personal data used in AI systems. Here is what those rights are and how to use them.
What the EU AI Act Means for You: Your Rights as an Individual When AI Affects Your Life
2026
The EU AI Act is often discussed from a business perspective. But it creates important protections for individuals — rights to explanation, human review, and protection from the most harmful AI uses. Here is what it does for you.
AI at Work in the EU: What the AI Act and GDPR Mean for Workers' Rights
2026
EU workers have strong AI-related rights across two complementary frameworks: GDPR's automated decision-making protections and the EU AI Act's high-risk AI requirements for employment AI. Here is the complete picture.
AI at Work in the UK: Your Rights Under UK GDPR, the Equality Act, and Employment Law
2026
UK employees have specific rights when employers use AI — automated decision-making rights under UK GDPR, Equality Act protection against algorithmic discrimination, and consultation obligations.
AI Governance for UK Small Businesses: What the ICO, ACAS, and UK GDPR Actually Require
2026
UK small businesses using AI tools face UK GDPR obligations and ICO enforcement. Here is what actually applies and what to prioritise without the complexity of the EU AI Act.
AI at Work in the US: Your Rights When Employers Use AI in Hiring, Monitoring, and Performance
2026
US workers have a patchwork of AI-related rights — EEOC guidance on algorithmic hiring, Illinois and NYC AI laws, NLRA protection for collective action, and growing state worker surveillance laws.
AI Governance for US Small Businesses: FTC, State Privacy Laws, and What You Need to Do
2026
US small businesses face FTC enforcement on deceptive AI practices, growing state consumer privacy laws, and sector-specific obligations in healthcare, finance, and education.
EU AI Act for Small Businesses and SMEs: What Actually Applies to You
2026
Most EU AI Act analysis targets large enterprises. This guide covers what small businesses and SMEs actually need to do — which obligations apply, which exemptions exist, and what the real compliance burden looks like.
GDPR and AI: The Practical Guide for European SMEs Using AI Tools
2026
GDPR applies to every AI tool that processes personal data — and most business AI does. This guide covers the practical obligations for European SMEs: lawful basis, automated decision rights, DPIAs, and the biggest compliance mistakes.
AI Deepfakes and Your Rights: What to Do If Your Image or Voice Is Used Without Consent
2026
AI-generated deepfakes are increasingly used to harass, defraud, and defame individuals. Here is what legal protections exist globally and what you can do if you are a victim.
AI Enforcement in 2026: The Cases Every Organisation Should Know
2026
Global AI enforcement shifted from guidance to penalties in 2023-26. Regulators in Australia, the EU, UK, and US moved against biometric AI, AI hiring tools, and AI consumer practices. Here are the enforcement actions that set today's compliance expectations.
What Boards Need to Know About AI Governance in 2026: Director Duties, Liability, and Oversight
2026
AI governance is now a board-level responsibility. Directors who cannot demonstrate meaningful oversight face personal liability exposure, regulatory scrutiny, and institutional investor pressure.
AI Vendor Due Diligence: What to Ask Before Procuring Any AI System
2026
Most enterprise AI is now procured, not built. Third-party AI creates governance obligations you must own — you cannot outsource AI accountability to your vendor. Here is the due diligence framework.
AI Incident Response: What to Do When Your AI System Fails or Causes Harm
2026
AI systems fail differently from conventional software — systematic bias, model drift, hallucination. When they do, the response has legal, regulatory, and reputational dimensions that standard incident response playbooks do not address.
What Is the Australian Privacy Act? How It Applies to AI Systems
2026
Australia's Privacy Act 1988 and the 13 Australian Privacy Principles (APPs) govern how personal information is handled — including by AI systems. Here is what organisations need to know.
What Is APRA CPS 230? How Operational Resilience Requirements Apply to AI Systems
2026
APRA's CPS 230 Operational Risk Management standard (effective July 2025) applies to all APRA-regulated entities and has significant implications for AI governance — particularly for material business processes, third-party AI, and AI incident response.
What Is Data Governance? How It Differs from AI Governance and Why You Need Both
2026
Data governance and AI governance are distinct but interconnected. Good data governance is a prerequisite for good AI governance — you cannot govern AI well without governing the data it uses.
AI Ethics Policy: What It Should Contain, Why Generic Statements Fail, and How to Make It Operational
2026
An AI ethics policy articulates principles for AI use. A credible one has specific commitments, red lines, and enforcement mechanisms — not generic statements of values that amount to ethics-washing.
AI Governance for Indian Businesses: DPDP Act, IT Act, and What SMEs Need to Do Now
2026
Indian businesses using AI face obligations under the DPDP Act 2023 and IT Act — without the complexity of a comprehensive AI-specific law. Here is the practical starting point for Indian SMEs.
Enterprise AI Compliance in India: DPDP Act, RBI, SEBI, IRDAI, and the Governance Framework
2026
Large organisations in India using AI face overlapping obligations from the DPDP Act, sector regulators, and the IT Act. Here is the enterprise governance framework for AI compliance in India.
AI in UK Insurance: FCA Consumer Duty, PRA Expectations, and What Insurers Must Do Now
2026
UK insurers using AI in underwriting, pricing, and claims face obligations from FCA Consumer Duty, PRA model risk expectations, the ICO's UK GDPR guidance, and the FCA's pricing practices rules. Here is the complete governance framework.
AI in EU Insurance: EIOPA Guidelines, Solvency II Implications, and the EU AI Act for Insurers
2026
EIOPA's Consultative Expert Group on Digital Ethics published a report on AI Governance Principles in June 2021, and EIOPA itself published a formal Opinion on AI Governance and Risk Management in August 2025. Combined with Solvency II model risk obligations and the EU AI Act, EU insurers face a layered AI governance framework. Here is the complete picture.
AI in US Insurance: NAIC Model Bulletin, State Regulators, and the Governance Framework for Insurers
2026
US insurance is state-regulated, but the NAIC's 2023 Model Bulletin on AI establishes a national baseline. Here is the governance framework US insurers need — covering NAIC expectations, state insurance commissioner requirements, and CFPB oversight of credit insurance.
AI in Singapore Insurance: MAS Expectations, PDPA Obligations, and the FEAT Framework for Insurers
2026
Singapore insurers using AI in underwriting, claims, and distribution face MAS expectations through the FEAT principles and Veritas framework, PDPA obligations on personal data, and MAS Notice 133 consumer protection requirements.
AI in Insurance: Your Rights When Algorithms Set Your Premium or Deny Your Claim
2026
Insurers worldwide use AI to set premiums, assess claims, and detect fraud. These AI systems can make mistakes, perpetuate bias, and produce decisions you have not been given adequate reasons for. Here is what rights individuals have globally.
AI Controls Framework: The Practical Guide for Enterprise Risk and Compliance Teams
2026
An AI controls framework defines the specific controls — preventive, detective, and corrective — that govern AI risk across an organisation. Here is how to design, implement, and evidence an AI controls framework that satisfies internal audit, external regulators, and boards.
AI Internal Audit: What Audit Committees Should Demand and How to Test AI Controls
2026
AI is now a material risk for most organisations, but few internal audit functions have developed the methodology to audit it effectively. Here is the framework for auditing AI — what to test, how to test it, and what good AI audit evidence looks like.
AI Model Risk Controls: Validation, Monitoring, and What Regulators Actually Expect
2026
Model risk management frameworks — originally designed for quantitative financial models — are being extended to cover AI. Here is the AI model risk control framework that financial services regulators and internal audit functions expect to see.
AI Controls for Financial Services: The Framework Your Regulator Expects to See
2026
Financial services regulators globally — APRA, FCA, Federal Reserve, MAS, ECB — have all published guidance that implies or explicitly requires AI controls. Here is the complete controls framework for financial services firms, mapped to regulatory expectations.
AI Controls for SMEs: A Practical Checklist That Does Not Require a Risk Team
2026
Enterprise AI controls frameworks are designed for large organisations with dedicated risk and compliance teams. SMEs using AI need a proportionate, practical approach. Here is a working AI controls checklist for organisations without specialist risk infrastructure.
Third-Party AI Controls: The Vendor Management Framework for AI Risk
2026
Most enterprise AI risk is third-party AI risk — AI embedded in software you buy, not AI you build. Vendor AI governance requires specific controls beyond standard vendor management. Here is the framework.