Insights
Practical AI governance guides, regulatory analysis, and research — for enterprise leaders, businesses, and individuals navigating the AI landscape.
Boards, APRA, ASIC, controls & programmes
Start herePrivacy Act, ACCC consumer law, AI6 basics
Start hereFounder guide, investor due diligence, EU AI Act
Start hereYour rights, Right to Disconnect, AI at work
Start here
AI Governance for Australian Law Firms: Professional Obligations, Privilege, and Practical Steps
Australian law firms are adopting AI for research, document review, contract analysis, and drafting. The professional obligations of solicitors and barristers — confidentiality, competence, candour to tribunals — apply fully to AI-assisted legal work. Here is what Australian legal practitioners need to know.
Read article
Your First 30 Days of AI Governance: A Practical Plan for Australian Organisations
2026
Whether you are starting from scratch or trying to catch up with what the regulators expect, this 30-day plan gives you a structured path to defensible AI governance. Structured around the Australian Government's AI6 framework — six essential practices for responsible AI governance.
Your Privacy Rights When Your Employer Uses AI: An Australian Employee Guide
2026
Your employer using AI to monitor, assess, or make decisions about you has privacy implications that many Australians do not know about. Here is what the Privacy Act, state laws, and Fair Work Act give you the right to know and do.
Singapore PDPA and AI: What the Personal Data Protection Act Means for AI Systems
2026
Singapore's Personal Data Protection Act applies fully to AI systems that collect, use and disclose personal data. The PDPC has issued AI-specific advisory guidelines that organisations must understand alongside the Model AI Governance Framework.
MAS and AI in Singapore Financial Services: FEAT Principles, Veritas, and Regulatory Expectations
2026
The Monetary Authority of Singapore has the most developed AI governance framework for financial services in Asia. MAS's FEAT principles, the Veritas methodology, and evolving model risk expectations set the standard for banks, insurers, and asset managers across the region.
India's Digital Personal Data Protection Act 2023: What It Means for AI Systems
2026
India's DPDP Act came into force in 2023, establishing a comprehensive data protection framework that applies directly to AI systems processing personal data. With 1.4 billion people and a massive AI industry, understanding India's data protection framework is essential for any organisation operating in or building AI for the Indian market.
UK AI Governance: The Pro-Innovation Approach, ICO Guidance, FCA Expectations, and What It Means Post-Brexit
2026
The UK has chosen a principles-based, sector-led approach to AI regulation rather than a comprehensive AI law. But that doesn't mean AI governance in the UK is simple — ICO, FCA, CMA, Ofcom, and MHRA all have relevant powers, and UK companies with EU customers still face the EU AI Act.
US AI Governance for Enterprise: Navigating Federal Agencies, State Laws, and the Absence of Federal Legislation
2026
The United States has no comprehensive federal AI law — but that doesn't mean US enterprises are ungoverned. FTC, CFPB, EEOC, and sector regulators all have active AI enforcement programs. State laws are proliferating. And the EU AI Act applies to US companies with EU customers.
EU AI Act Omnibus 2026: The Complete Guide to What Changed on 7 May 2026
2026
The EU AI Act Omnibus reached provisional agreement on 7 May 2026, extending the high-risk AI deadline from August 2026 to December 2027. This is the definitive guide to what changed, what did not, and what organisations must do now.
Australia's Guidance for AI Adoption (AI6): The Six Essential Practices Replacing the 10 Guardrails
2026
On 21 October 2025, Australia's National AI Centre published new Guidance for AI Adoption, replacing the 2024 Voluntary AI Safety Standard with a streamlined framework of six essential practices. This is the authoritative guide to what changed and what it means for Australian organisations.
Brazil LGPD and AI Governance 2026: ANPD Priorities, Enforcement, and What Organisations Must Know
2026
Brazil's LGPD applies fully to AI systems processing personal data. In 2026, the ANPD became an independent regulatory agency with strengthened enforcement powers and made AI a top supervisory priority for 2026-2027. Here is what organisations operating in Brazil need to understand.
Canada AI Governance 2026: AIDA Is Dead, Quebec Law 25 Leads, and What Organisations Must Do
2026
Canada's federal AI legislation (AIDA) died in January 2025 when Parliament was prorogued and will not return in its original form. Canada has no federal AI law. Quebec's Law 25 is the strongest privacy legislation in the country. Here is what organisations in and doing business with Canada actually need to know.
Japan's AI Promotion Act 2025: The World's Most Innovation-Friendly AI Law
2026
Japan passed its first dedicated AI law in May 2025 — the AI Promotion Act. It has no penalties, no prohibitions, and no mandatory conformity assessments. But METI guidelines carry real weight, and the new AI Strategic Headquarters chaired by the Prime Minister signals Japan's serious approach to AI governance.
South Korea's AI Framework Act 2026: The First Comprehensive AI Law in Asia-Pacific
2026
South Korea's AI Framework Act took effect January 22, 2026 — making it the first country in APAC to have a comprehensive AI law with real obligations for high-impact AI systems. Unlike Japan's approach, South Korea's law requires transparency, risk assessments, human oversight, and carries financial penalties.
UAE AI Governance: DIFC Regulation 10, Federal PDPL, and the World's Most Ambitious AI Strategy
2026
The UAE has no single AI law but three concurrent binding frameworks: the Federal PDPL (effective January 2026), DIFC Regulation 10 on autonomous AI systems (full enforcement January 2026), and ADGM data protection rules. Plus the world's first national AI system as an advisory Cabinet member.
China's AI Governance: PIPL, CAC Regulations, and the World's Most Comprehensive AI Rulebook
2026
China has the world's most complete suite of AI-specific regulations — the Algorithm Recommendation Provisions, the Deep Synthesis Provisions, and the Generative AI Service Management Provisions — all alongside PIPL's comprehensive data protection framework. Here is the complete picture.
AI Governance in Germany and the DACH Region: EU AI Act, BaFin, BSI, and German Law
2026
Germany sits at the heart of EU AI Act implementation. BaFin has specific expectations for AI in financial services. The BSI sets cybersecurity standards for AI systems. German market surveillance will set enforcement precedent across the EU.
AI Governance in Manufacturing and Supply Chains: Regulatory Obligations and Practical Governance
2026
Manufacturing and supply chain AI — predictive maintenance, quality control, demand forecasting, robotics — sits at the intersection of EU AI Act Annex I product safety law, OT cybersecurity obligations, and employment law. Here is the complete governance picture.
AI Governance in Energy and Utilities: Critical Infrastructure, OT Security, and Grid AI
2026
AI in energy and utilities — grid management, demand forecasting, asset health, renewable integration — is classified as high-risk under the EU AI Act (critical infrastructure). NIS 2 cybersecurity obligations apply. And AI is increasingly embedded in safety-critical operational technology.
AI Governance for Cybersecurity Organisations: Using AI Responsibly, Defending Against AI Threats
2026
Cybersecurity organisations face a dual governance challenge: governing their own use of AI in threat detection, incident response, and security products; and advising clients on AI-specific cybersecurity threats. Both dimensions create specific governance obligations.
AI Governance in Real Estate: Automated Valuations, Tenant Screening, and Fair Housing Law
2026
AI in real estate — automated valuation models (AVMs), tenant screening algorithms, mortgage underwriting AI, property recommendation engines — intersects with fair housing law, anti-discrimination law, and consumer protection in ways that create significant legal exposure. Here is the governance picture.
AI and Your Rights at Work: A Global Guide for Employees
2026
If your employer uses AI to monitor you, assess your performance, or make decisions about your employment, you have rights. This plain-English guide covers what employers can and cannot do with AI in the workplace across Australia, the UK, the EU, and the US.
AI Governance in Hong Kong: PCPD, SFC, HKMA, and the China AI Regulation Intersection
2026
Hong Kong operates a distinct AI governance framework under common law, with PCPD enforcing the Personal Data (Privacy) Ordinance, SFC and HKMA setting financial sector expectations, and increasing alignment with Mainland China's CAC regulations creating a unique dual-compliance environment.
ASEAN AI Governance: The Regional Framework and Country-by-Country Landscape
2026
ASEAN has a regional AI governance framework built on voluntary principles, but individual member states — Thailand, Vietnam, Indonesia, Malaysia, Philippines — are developing their own approaches at different speeds. Here is the complete picture for organisations operating across Southeast Asia.