Insights
Practical AI governance guides, regulatory analysis, and research — for enterprise leaders, businesses, and individuals navigating the AI landscape.
Boards, APRA, ASIC, controls & programmes
Start herePrivacy Act, ACCC consumer law, AI6 basics
Start hereFounder guide, investor due diligence, EU AI Act
Start hereYour rights, Right to Disconnect, AI at work
Start here
Agentic AI and the Accountability Vacuum: Who's Responsible When AI Agents Fail?
Autonomous AI agents are taking real-world actions, booking travel, executing trades, sending emails, making purchases. Our governance frameworks are dangerously unprepared for this.
Read article
AI Governance for Small Business: Where to Start
2026
You don't need an enterprise compliance team to govern AI responsibly. Five practical steps, a named owner, and a one-page policy, exactly what small businesses need to start governing AI responsibly.
AI Investment Due Diligence: What Investment Firms Should Be Asking When Evaluating AI Companies
2026
A practical six-dimension framework for VC and PE firms evaluating AI companies, from technology verification to regulatory exposure to governance maturity and exit readiness.
Australia's AI Governance Gap: What the Regulatory Retreat Means for Enterprise Risk
2026
Australia abandoned mandatory AI guardrails months after announcing them. For enterprise organisations, the result is genuine uncertainty that creates its own class of risk.
What Questions Should Your Board Be Asking About AI?
2026
AI is now a material risk for most organisations. Directors who cannot articulate the right questions cannot discharge their oversight obligations. This is the board-level governance framework: 12 questions, the answers that signal genuine governance, and the answers that signal gaps.
EU AI Act Compliance 2026: What the Omnibus Extension Means for Organisations Outside the EU
2026
The EU AI Act Omnibus (May 2026) extended the Annex III high-risk AI deadline to December 2027. But transparency obligations, GPAI model rules, and prohibited AI bans are already in force. The compliance map for organisations outside the EU.
The EU AI Act Just Got Simpler. But You're Not Off the Hook
2026
The EU agreed to simplify AI Act compliance via the Digital Omnibus. SMEs get lighter requirements. But the August 2026 transparency deadline and core high-risk obligations are unchanged.
Five Signs Your Organisation's AI Governance Is Inadequate
2026
A self-diagnostic for boards, executives, and risk teams. If any of these five signs apply to your organisation, your AI governance needs attention before something goes wrong.
How to Use AI Safely at Work: A Practical Guide
2026
What employees and business owners actually need to know about using ChatGPT, Claude, Copilot and other AI tools at work, what to share, what never to share, and how to verify AI outputs.
How to Write an AI Policy for Your Organisation
2026
A practical guide to writing an AI usage policy that employees will actually follow, what to cover, what makes policies fail, and a complete section-by-section structure you can adapt immediately.
The US State AI Law Patchwork Is Now Your Problem
2026
Connecticut just passed the most comprehensive US state AI law ever. Colorado's Act is being gutted. Texas and California are enforcing. 2026 is the year US AI regulation stopped being theoretical.
What Is AI Governance? A Plain-English Guide
2026
AI governance explained clearly, what it is, why every organisation needs it, and what good governance actually looks like in practice. For businesses of all sizes.
What Is High-Risk AI Under the EU AI Act? A Complete Guide
2026
A plain-English explanation of what high-risk AI means under the EU AI Act: which systems qualify, what obligations apply, and what organisations need to do before August 2026.
AI Governance in Healthcare: What Clinical Leaders Need to Know
2026
Hospitals and health systems are deploying AI faster than governance is keeping up. This guide covers what clinical AI governance requires, and what happens when it fails.
AI Governance for Financial Services: Regulators Are Watching
2026
Banks, insurers, and investment firms face growing regulatory scrutiny for AI use in credit, fraud, and customer decisions. Here is what a compliant framework looks like.
ISO 42001: A Practical Implementation Guide for 2026
2026
ISO 42001 is the international standard for AI management systems. This guide covers what it requires, how it relates to EU AI Act compliance, and how to implement it without building a bureaucracy.
AI in Hiring: The Governance Risks HR Leaders Cannot Ignore
2026
Resume screening, video interview analysis, and psychometric AI tools are transforming recruitment, and creating significant legal exposure. What HR leaders need to know.
Writing an AI Policy for Your Small Business: A Step-by-Step Template
2026
Most AI policy guides are written for enterprises with legal teams. This one is for small business owners who need something practical, defensible, and done in an afternoon.
AI Governance for Law Firms and Legal Teams: Privilege, Confidentiality and Compliance
2026
Law firms and in-house legal teams are adopting AI rapidly, but the professional obligations that govern legal practice create governance requirements that go beyond standard enterprise AI policy.
AI Governance in Education: What Universities and Schools Must Get Right
2026
Educational institutions are navigating AI on two fronts simultaneously, managing student AI use and governing their own institutional AI deployments. Both require formal governance.
Model Risk Management in the Age of AI: Updating SR 11-7 Thinking for Modern ML
2026
The Federal Reserve's SR 11-7 model risk management guidance was written for statistical models. Modern machine learning breaks many of its core assumptions. Here is how to adapt it.
AI Governance in the Public Sector: Accountability, Transparency and Democratic Oversight
2026
Government use of AI raises accountability questions that private sector governance frameworks do not fully address. Public sector AI governance must answer to citizens, not just shareholders.
AI in Your Supply Chain: Managing Third-Party AI Risk
2026
Most organisations' AI risk does not come from the AI they build, it comes from the AI embedded in the software, services and platforms they buy. Third-party AI risk management is now a board-level concern.
When AI Goes Wrong: Building an AI Incident Response Capability
2026
Every organisation using AI will eventually experience an AI incident, a system failure, a biased output, a regulatory breach, or a reputational event. Most have no plan for when it happens.