When technology outruns governance: reclaiming human oversight

By Nqobani Mzizi

The irony was difficult to miss. A draft policy intended to guide South Africa’s artificial intelligence (AI) future had to be withdrawn after fictitious references were found in it. In that moment, a document meant to guide responsible thinking about AI became a lesson in why AI itself must be governed with care. 

The Department of Communications and Digital Technologies withdrew the Draft National AI Policy after an internal process, with Minister Solly Malatsi acknowledging that the department had not met the standard expected of an institution entrusted with leading South Africa’s digital policy environment. The issue went to credibility, trust and the discipline of human verification in this AI era.

The incident should be treated as a valuable governance warning, rather than an embarrassment to be quickly forgotten. AI can generate, summarise, analyse data and accelerate work that would otherwise take many hours. Yet it can also fabricate, distort, mislead and create a false sense of confidence. The danger is not only that AI may be wrong. It is that it may be wrong with fluency. 

This is the governance risk of our age. Technology is moving faster than many boards, executives and public institutions are prepared to govern. Artificial intelligence is already shaping decisions in recruitment, procurement, fraud detection, risk monitoring, legal review, compliance reporting and strategic analysis. In many organisations, it is now embedded in how work is done, information is processed and decisions are influenced.

Yet technology does not carry fiduciary responsibility. When an AI-generated report misleads a board, an automated decision harms a customer, a digital system exposes personal information, or a model produces biased outcomes, accountability will not rest with the machine. It will rest with the humans who approved, deployed, relied on or failed to interrogate it. Technology may assist judgement. It cannot exercise judgement. 

This is where boards must reclaim human oversight. The more powerful technology becomes, the more deliberate governance must become. Reliance on AI without questioning its sources, assumptions and consequences can create grave problems. It can compromise strategy, weaken controls, damage trust and expose organisations to reputational, regulatory and ethical harm. In this environment, human judgement must accelerate, not retreat.

King V arrives at an important moment in this conversation. It requires accountability for decisions, actions and outcomes arising from AI deployment, with attention to ethics, human centricity and explainability. 

This is a significant governance shift. Technology governance can no longer be treated as a narrow IT matter. It is a boardroom responsibility because technology now affects strategy, risk, ethics, stakeholder trust and long-term value. A board that does not understand how technology is shaping the organisation may find itself governing through systems it cannot properly interrogate. 

AI governance therefore belongs across the governance architecture. The board must set direction, determine risk appetite and insist on accountability for the ethical and responsible use of technology. It must understand where AI is used, what decisions it influences and how the organisation assures itself that those decisions remain fair, lawful and aligned to purpose.

The audit and risk committee has a critical role. AI affects internal controls, cyber risk, data quality, assurance, model risk, vendor dependence and the reliability of information presented to the board. A committee receiving AI-generated dashboards or automated risk reports must ask how the information was produced, what data underpins it and whether assurance has tested its reliability. Digital tools may make reporting faster, but speed without assurance can become a governance hazard. 

The social and ethics committee also has a vital role. AI raises questions of fairness, bias, privacy, dignity, employee surveillance, customer treatment and responsible innovation. An AI system used in recruitment may appear efficient while quietly reproducing bias, while customer analytics or automated decision-making tools may intrude on privacy or produce unfair outcomes for vulnerable groups. These issues are ethical governance matters and must be framed accordingly.

Executive leadership must then give practical effect to the board’s expectations. It must resist the temptation to adopt AI for appearance, speed or competitive signalling without the discipline of proper controls. Digital transformation should not be measured by what has been implemented. It should be measured by what has been improved through its adoption. 

This is where minimum digital fitness for every director becomes unavoidable. Directors need not become data scientists, software engineers or AI specialists. They need enough understanding to ask intelligent questions. They must be able to distinguish between operational technology detail and strategic technology consequence. They must know when to demand assurance, request independent expertise and slow down a decision that appears technologically impressive but governance-light.

A digitally unfit board is vulnerable to deference. It may accept jargon where clarity is required, confusing automation with control, dashboards with insight and technology investments with genuine institutional capability. In the age of AI, ignorance can become negligence, and that is a serious governance risk. 

The problem is compounded by the polish of AI-generated outputs. AI can produce reports that sound authoritative, minutes that appear coherent, strategies that look sophisticated and summaries that feel complete. The language may be confident even when the content is weak, thereby creating a form of false assurance. The board pack may be neatly prepared, with persuasive slides and credible-looking references. Yet the work may be unverified and the assumptions unfounded.

This is why human oversight must be real rather than ceremonial. It is not enough to say that a person reviewed an AI-generated output if that person did not have the skill, authority or discipline to challenge it. A human in the loop who merely rubber-stamps the machine creates the illusion of oversight. 

Human oversight requires informed judgement. It requires verification of sources, testing of assumptions and willingness to question what appears efficient. It requires boards and executives to ask where AI was used, what role it played, who checked the output and what accountability remains with the organisation. In this sense, AI governance makes responsible innovation possible.

Digital transformation without governance becomes organisational drift. Organisations may acquire systems, automate processes, sign vendor contracts and celebrate innovation without asking whether technology advances purpose, controls and stakeholder outcomes. Transformation can become expensive motion without institutional direction. Boards must guard against this. Boards could therefore consider a digital governance committee to deepen oversight of technology, data and AI-related risks. 

The withdrawn AI policy offers a lesson that extends beyond government. If a national policy process can be compromised by insufficient verification, any organisation can suffer the same fate. A board report can contain fabricated sources. A legal summary can omit material risk. A procurement motivation can rely on untested analysis. A strategic recommendation can be shaped by data that no one has examined. The risk is already present and must be confronted appropriately.

The answer is not to fear AI. The answer is to govern it. Boards must embrace technology with curiosity and discipline, avoiding blind confidence. Innovation needs to be encouraged while insisting on accountability. Even more critical is that they must ensure that committees are equipped to interrogate digital risks, executives are clear on responsibilities and directors are sufficiently digitally fit to govern what they approve. 

Technology will continue to move faster than board packs, committee cycles and policy reviews. That reality cannot be wished away. Yet speed does not cancel accountability. AI may help organisations see further, work faster and decide with greater analytical support, but it cannot carry conscience, fiduciary duty or institutional responsibility. Those remain human burdens.

When technology outruns governance, boards must not chase it blindly. They must reclaim the one thing no system can provide: judgement.

* Nqobani Mzizi is a Professional Accountant (SA), Cert.Dir (IoDSA) and an Academic.

** The views expressed do not necessarily reflect the views of IOL or Independent Media.

BUSINESS REPORT