Ame StuartEngage
← All commentary

The board question has changed: from “should we?” to “are we in control?”

Ame Stuart

Originally shared on LinkedIn, 1 June 2026.

For the last two years, boards have circled the same question about generative AI: should we be doing this? That question has quietly closed. Customers, regulators and competitors have answered it for us. The question that now matters — the one that separates serious institutions from the rest — is sharper and far less comfortable: are we in control of what we have already deployed?

From experimentation to accountability

I spent last week with the IBM NED Talks community, sitting alongside chairs and non-executive directors from across financial services, insurance and critical infrastructure. The mood has shifted. Twelve months ago the conversation was about use cases and pilots. Now it is about accountability, traceability and the line of sight from a model output to a human decision-maker.

Three patterns came up again and again:

  1. Shadow adoption is the real exposure. The risk is rarely the flagship AI programme the board sponsored. It is the dozen small tools quietly embedded into workflows by well-meaning teams — with no inventory, no owner and no off-switch.
  2. Governance is being asked to do work it was never designed for. Model risk frameworks built for credit scorecards do not stretch cleanly to systems that generate language, summarise customer calls or draft regulatory responses. Boards are discovering the gap in real time.
  3. The accountability question is personal. “Who signs?” is no longer rhetorical. When an AI-assisted decision harms a customer, regulators want a name, a role and a paper trail — not a committee.

Control as a growth lever

It is tempting to read all of this as a brake. It is the opposite. The institutions that can credibly answer “are we in control?” will be the ones trusted to deploy AI into the parts of the business where the upside actually lives — underwriting, advice, fraud, complex servicing. Control is what unlocks scale, not what prevents it.

For boards, the practical move is not another policy. It is three quieter disciplines:

  • A single, current inventory of every AI system in use — built, bought or embedded — with a named accountable executive against each.
  • A decision-rights map that makes explicit where a human must remain in the loop, and where automation is genuinely safe to run unattended.
  • A regular, evidenced board conversation — not an annual paper — on incidents, near-misses and the model behaviours that surprised the first line.

The next twelve months

The boards that will look prescient in 2027 are not the ones moving fastest on AI. They are the ones who can show, on any given Tuesday, who is accountable for which system, what it is doing, and how they would know if it stopped behaving. That is not a compliance posture. It is a competitive one.

If this resonates, I’d welcome the conversation — particularly with chairs and audit/risk committee members navigating the same shift.

← Back to all commentaryOpen a conversation