Board Members Embrace Generative AI Amid Lack of Oversight and Policies
In a notable trend, a significant number of board directors are integrating generative artificial intelligence (GenAI) into their corporate tasks, highlighting a growing reliance on next-generation technologies. Recent findings reveal that 82% of board members are utilizing GenAI for board-related functions, a marked increase from 66% just nine months prior. However, the adoption of this innovative technology is occurring in a largely unregulated environment, as 69% of respondents indicate they lack formal policies outlining how GenAI should be employed in their work.
According to the latest Director Confidence Index, a quarterly survey conducted by Diligent Institute and Corporate Board Member, only 6% of surveyed board directors reported having a specific policy governing their use of AI in the boardroom. This absence of clear guidelines poses significant challenges, particularly for Chief Information Officers (CIOs) and IT teams, as the proliferation of "shadow AI" is becoming increasingly apparent not just among employees but also within the highest levels of corporate governance.
Dottie Schindlinger, executive director at the Diligent Institute, emphasized the gravity of this situation, stating, "Shadow AI exists in the boardroom too, and we can’t pretend it doesn’t." She expressed concern over the unpredictable use of GenAI, pointing out that boards frequently utilize AI systems that are outside corporate control. "We don’t know what they’re doing with GenAI because we don’t have a policy in place, and we don’t train them. We don’t provide them the right tools. That’s the problem," said Schindlinger.
Encouragingly, the survey revealed that nearly half (49%) of board members are aware of their colleagues using consumer-facing AI tools for corporate tasks. In addition, 30% of directors admitted to employing AI technologies to summarize board books and meeting materials—documents that often contain highly sensitive and proprietary information. This trend raises significant concerns, particularly as any board-generated information could be subpoenaed in the event of legal proceedings. "Any information the board creates is subpoena-able in the event of a lawsuit," Schindlinger noted, highlighting risks that come with indiscriminate use of public-facing AI tools.
The growing disconnect between IT departments and board members has been attributed to cautiousness about data privacy and security. While CIOs and IT teams are usually vigilant regarding these issues, their hesitance to introduce AI tools to boards has left directors to explore whatever options are available, often without consideration for privacy safeguards. "They’re not providing AI to their board because they’re concerned about privacy risks," Schindlinger explained, "and by not providing their board with understood, known tools, the board is using whatever it wants."
To address this issue, Schindlinger proposes a collaborative approach where CIOs partner with legal teams and board members to establish comprehensive policies that allow for the secure and responsible use of AI. A critical first step, according to Schindlinger, involves engaging in open dialogues with board members to ascertain their current usage of AI technologies. "Just have a no-blame, no-judgment conversation with the board," she advised, recommending the option of anonymous surveys if informal discussions may inhibit transparency.
Once CIOs gain an understanding of the board’s AI usage, they can source specialized tools intended for governance that meet the board’s unique needs while adhering to stringent data security measures. "Pick tools that are used for governance, built for use in the boardroom, that handle data appropriately, that are completely segregated from public models," Schindlinger reiterated.
Following tool selection, the establishment of a clear policy framework is essential. These policies should be concise yet specific to the board’s context. Additionally, training programs must be implemented to equip board members with the knowledge needed to navigate these tools effectively and safely. "Train everybody on what’s in the policy, why it’s in the policy, what’s not in the policy, why it’s not in the policy," she advised.
Schindlinger also noted that apprehension among board members regarding AI technology could stem from a lack of understanding or a fear of being perceived as uninformed. Simple and accessible training sessions focusing on AI literacy—covering basic concepts like how GenAI operates—can alleviate concerns and facilitate a smoother integration of AI tools within the board’s workflow.
In conclusion, Schindlinger pointed out that CIOs should frame these discussions around the board’s overarching responsibilities, noting that institutional investors and proxy advisors are all leveraging AI tools. "You do not want to be behind investors and proxy advisors," Schindlinger cautioned, "You don’t want to be behind the market." The need for effective governance and responsible use of technology is more pressing than ever as the corporate world evolves in step with rapid advancements in artificial intelligence.