Nowhere are the phrases "a double-edged sword" and "it cuts both ways" more apt than to describe the potential that artificial intelligence (AI) has in our world today. As AI rapidly becomes a game changer, this is no longer merely a technological issue. Boards today must oversee both the opportunities and risks of AI, yet governance maturity in many organizations is struggling to keep pace with the speed of adoption.
What are the gaps?
Can AI be used in ways that backfire on us? Consider the now infamous case of a judge in India who was found to have adjudicated on a property dispute using fake judgements generated by artificial intelligence.[1] The said judge cited not just one previous ‘judgement’, but a whopping four, all of which were products of the AI engine’s hallucination.
This illustrates how AI outputs can be unreliable and must be used with caution and proper oversight. Organizations today are using AI to transform how they work, make decisions, and create value. Yet alongside these opportunities, AI can also be used in ways that backfire—producing inaccurate information, flawed decisions, and ethical risks.
For boards, the challenge is how to harness the potential of AI, while putting in guardrails so as not to inadvertently imperil the trust generated over time. As decision-makers, this responsibility is heightened, as they set the direction for both the use of AI and the standards that govern it.
KPMG’s AI Governance Principles for Boards
KPMG International and INSEAD Corporate Governance Centre (“INSEAD”) have launched the AI Governance Principles for Boards — a principles-led framework intended to help boards navigate one of the most significant governance challenges of our time.
The framework recognizes the board’s role in providing strategic oversight: setting expectations, challenging assumptions, overseeing risks, and ensuring that AI adoption aligns with the organization’s long-term strategy, values, and risk appetite.
Figure 1: AI Governance Principles for Boards
Briefly, the five principles espoused by KPMG and INSEAD are for boards to:
1. Ensure that AI initiatives are what the company wants in the long term.
2. Exercise sufficient oversight over AI initiatives, choices and investments.
3. Oversee transitions from a human workforce perspective.
4. Ensure that AI engines reflect the right ethical boundaries.
5. Continuously revisit its policies, structures, and processes so that the board can keep up with developments in the AI space.
Taken together, these principles reinforce an important reality:
Boards today are increasingly required to “govern at two speeds” — balancing immediate oversight of AI-related risks while simultaneously making longer-term decisions around business transformation, workforce evolution, operating models, and competitive positioning.
Trust will become increasingly central to successful AI adoption. Organizations that invest early in governance, accountability, transparency, and trustworthy AI practices are likely to be better positioned to scale AI confidently while maintaining stakeholder confidence. As highlighted in the KPMG-INSEAD paper, trust is not a constraint on AI adoption, but rather the foundation that enables AI to be deployed responsibly and sustainably.
To achieve that, Boards need to evolve, strengthening their understanding of emerging technologies and adapting governance structures and oversight processes to align with the organization’s strategy in an evolving AI landscape.
Are Malaysia’s boards quick enough to match the pace of AI?
A cursory glance at the latest round of annual reports issued by Malaysian public-listed companies provides some glimpses as to how ready are Malaysian PLC boards to tackle the AI conundrum. In a sample of 2025 corporate governance reports from five of the largest PLCs on Bursa Malaysia – and hot off the press, four of these reports, regrettably, featured no mention on how the board is actively addressing the issue of AI as part of its oversight responsibility. The fifth one only mentioned the need to recruit directors with knowledge or experience in AI matters.
The Malaysian government, to its credit, has taken important race in this AI race through the establishment of the National AI Office (NAIO), which came into being in December 2024 to lead efforts in governing AI development in the country. Notably, the NAIO also highlights on its website, the National Guidelines on AI Governance and Ethics, which is published under the auspices of the Ministry of Science, Technology and Innovation. This document outlines a set of 7 principles for governing AI use, covering widely understood concepts such as accountability, transparency and fairness.
In addition, boards may also benefit from referring to the ASEAN Guide on AI Governance and Ethics, which was published in 2024 and is available on the ASEAN Secretariat website. This document also outlines a number of principles for boards to consider in harnessing the potential of AI.
Ultimately, there is no shortage of principles that boards may use to customize towards their own AI policy document and to guide their oversight of AI use. The more pressing question is whether boards are prepared to discharge their responsibilities in overseeing the company’s interaction with AI, before regulatory expectations, stakeholder scrutiny, or business disruption force the conversation.
