Why Australian boards can't ignore AI governance anymore

Monday, 01 June 2026

    Purpose-built AI is reshaping the way Australian boards lead, decide and protect the organisations they oversee.


    Presented by Diligent

    Australian boards have never carried a heavier load. Cyber threats are escalating in frequency and sophistication. Regulatory reform – from the Privacy Act 1988 overhaul to ASIC’s updated disclosure expectations to the Cyber Security Act 2024 – is arriving faster than most governance frameworks can absorb. Stakeholder expectations, whether from institutional investors, regulators or the broader community, have reached a level of scrutiny that demands something conventional board processes were simply not built to provide.

    Yet in many boardrooms, directors are still making consequential decisions on the basis of voluminous, fragmented reports assembled manually in the days before a meeting. The problem is not a lack of information; it is a lack of signal, says Andrew Amos, Diligent’s vice president, APAC.

    “Boards are looking at hundreds of pages of documentation they’re supposed to read, absorb and understand. In some cases, they’re not really sure where to start,” says Amos. “With the right prompt, AI can help them see what actually matters within those reports by identifying buried risks, highlighting decisions that haven’t been followed through and bringing together, into a single view, fragmented pieces of information.”

    This is the governance gap that AI, applied thoughtfully and purposefully, is beginning to close.

    What boards are missing

    Without clarity, contradictions within a voluminous board pack could go unnoticed. Legal risks buried in annexures might be missed. Questions that should be put to management may never be formed, because the insight that would have prompted them was lost in the pages.

    This is not a failure of directors. It is a structural problem that has been endemic to large-organisation governance for decades. This is something AI is uniquely positioned to address.

    A Diligent Institute survey found 66 per cent of directors globally are already using AI for their board work. Yet in the same study, 46 per cent said they were open to using consumer-grade tools like ChatGPT or Gemini for that purpose. This raises questions about data security and governance integrity.

    The opportunity AI presents is not to replace the judgement of experienced directors; it is to make that judgement better informed. To surface what matters. To connect the dots that manual processes leave disconnected.

    The risk of using generic tools

    There is a meaningful and important distinction between general-purpose AI tools and purpose-built governance platforms. It is a distinction that every director should understand.

    Consumer AI tools are designed to be all things to all users. They are excellent at summarising general content and answering broad questions. But they were not built with an understanding of materiality thresholds, disclosure obligations or the specific regulatory frameworks that apply to Australian listed companies, superannuation funds or ASX-governed entities.

    More critically, when sensitive board data is entered into a consumer AI tool, that information does not simply disappear. It enters an environment with no audit trail, no role-based permissions, no version control and no explicit alignment with the governance workflows that directors and company secretaries rely upon.

    “Generic AI is great for drafting an email,” says Amos. “It’s not optimal for governing a company. Consumer models aren’t built with the understanding of materiality, of disclosure or of the regulatory nuances that are out there. They’re built to be a one-size-fits-all solution.”

    Purpose-built governance AI, by contrast, is trained on how board meetings are meant to function. It understands what internal audit looks like. It knows how to interpret risk management frameworks, compliance requirements and regulatory obligations. Critically, it operates within the existing permission and security architecture of an organisation’s board portal, meaning the access controls already applied to board materials extend seamlessly to AI-driven insights.

    “A lot of the reasons data breaches occur is because data is being moved around. Having AI already embedded in the tool you’re using is an undervalued benefit,” notes Amos.

    The oversight imperative

    None of this changes the fundamental responsibility of directors. AI does not govern. It does not decide. It does not replace the judgement, accountability or legal obligations that sit with every person around the board table. What it does is support that judgement at a speed and scale no human process can match.

    “It’s an assistant or an aid,” says Amos. “It’s not a replacement for an actual human director.”

    This distinction matters enormously, especially as the regulatory environment evolves. Australian corporate regulators are watching the AI space closely and there is a credible scenario – perhaps sooner than many expect – in which boards that had access to AI-powered governance tools and chose not to deploy them will face questions about whether their oversight was adequate.

    “The question shouldn’t be, what does it cost us? It should be, what is the cost of not going down this path?” says Amos. “The cost of not doing anything outweighs the cost of doing something, when you put into perspective the evolving risk landscape of geopolitical uncertainty and constant regulatory change.”

    Better governance in practice

    For boards that have moved beyond hesitation, the benefits are concrete and measurable. Time, first and foremost.

    Board packs that once required days of reading can be initially interrogated in minutes. Key risks can be surfaced and contradictions flagged. Questions for management are generated from the content itself rather than from what individual directors notice. The preparation burden on company secretaries and governance teams can be substantially reduced.

    But the more profound shift is strategic. When directors are not spending the majority of their time consuming information, they can spend it on the work only they can do: deliberation, challenge, oversight and long-term strategic direction.

    “According to Diligent Institute research, cyberthreats and AI governance now rank among the top two issues on board agendas globally, ahead of traditional growth and geopolitical concerns,” says Amos. “This reflects how fundamentally the risk and opportunity landscape has shifted.”

    Used by 75 per cent of the ASX 200, Diligent brings AI directly into the boardroom to turn board packs, risk reports and compliance data into clear, decision-ready insight — automating board book compilation, agenda and minutes drafting, risk surfacing, audit and assurance workflows, and entity oversight, all on an enterprise-grade, ISO 27001–certified platform with strict data sovereignty controls.

    In development is an AI Board Member capability, not as a replacement for human directors, but as a system that allows boards to interrogate their board papers through the lens of different specialist perspectives or personas.

    A director facing a complex cyber decision can ask how a cybersecurity expert would approach the issue. A board preparing for a capital markets transaction can consider the perspective of a sophisticated activist investor. The perspectives and personas can be drawn from the organisation’s own documents and governance history.

    “These are the types of insights boards would never have had available to them before,” says Amos. “As a result, they can get in front of these things before they become issues or risks, as opposed to being reactive after they occur.”

    Adoption and why it matters now

    Diligent research shows 57 per cent of board leaders in Asia Pacific have incorporated AI into their work processes. While the Australian market reflects a broader regional pattern, adoption is not evenly distributed and it doesn’t track neatly to organisation size or sector. Major financial institutions, which one might expect to be most cautious given the sensitivity of their data, are in many cases the most advanced, notes Amos.

    “Their boards are actively demanding AI capability and their executive teams are exploring how to leverage it strategically,” he says. “At the other end of the spectrum, small NFPs are in some cases embracing AI more willingly than large multinationals, which still rely on spreadsheets and email chains.”

    The AICD’s own early research into AI use by directors and boards confirms the picture. Practice is evolving but uneven, with collective board adoption lagging behind individual director use, a dynamic that creates governance risk in itself.

    “Top-down initiative is the way forward,” says Amos. “How are you using and embedding AI in your day-to-day life, whether you’re the chair of the board or the marketing intern? The very progressive boards are embracing it with open arms. They may not know much about it yet, but they’re asking the right questions.”

    That shift from individual experimentation to board-level mandate with appropriate guardrails is precisely where governance leadership is being exercised now. Boards having this conversation today will be considerably better positioned than those beginning it in six or 12 months.

    The technology is not standing still. The regulatory environment is not standing still. The risk landscape is certainly not standing still. The question worth putting to your next board meeting is not whether AI belongs in the boardroom. It is whether your current governance infrastructure is still robust enough to support the decisions your organisation needs to make.

    Five questions every director should be asking about AI

    Before your board adopts any AI-powered governance tool, these are the questions that should be on the table:

    1. What problem are we actually solving? Is it to save time? For better risk detection? Sharper strategic insight? Clear purpose drives meaningful adoption.

    2. What data is the AI accessing and is it secure? Understand whether data is stored within your governance environment or exported to third-party systems with different security standards.

    3. Is the AI learning from our data or has it been pre-trained? Governance-specific AI tools, like Diligent, are pre-trained on how board processes work, applying protocols and frameworks

    4. How is AI-generated content labelled? Any output generated by AI should be clearly identified as such, preserving accountability and director responsibility for decisions.

    5. How does this connect to our strategic objectives? AI adopted as a convenience tool delivers partial value. AI embedded in an organisation’s strategic direction delivers transformational change.
