The boardroom blind spot: Why Nigerian organisations must govern AI before AI governs them
admin
In Nigerian corporate discourse, the word “transformation” has become an overused abstraction that has lost its urgency and precision.
Boards deliberate digital transformation.
Executives champion AI transformation.
Annual reports propose technology-driven transformation. Yet, in most of these same organisations, the board has never once had a formal discussion regarding the actual impact of artificial intelligence on the decisions being made on its behalf.
This disconnect is not just ironic but also dangerous. The adoption of AI in Nigerian organisations is one of the fastest in the world, where usage rates are among the highest globally.
A 2025 global survey by Google and Ipsos found that 48% of the global public had used generative AI in the past year, with adoption significantly higher across emerging economies, including Nigeria. Crucially, this adoption is not occurring in a vacuum, but also in boardrooms, finance, HR, and customer-facing operations, without the full knowledge of the board or any governance framework to guide it.
And yet, while adoption races ahead, governance has barely progressed. The question, then, is not whether Nigerian organisations are implementing AI, but whether the boards in charge are aware of what AI is up to under their watch and are prepared to face the consequences of its failure.
The regulatory window is closing faster than boards realise
For years, the lack of a specific AI law in Nigeria provided organisations with silent comfort. There was no hard enforcement deadline, no obvious liability system, and no direct regulatory penalty for not taking action. That comfort is growing more out of place.
This is a result of Nigeria’s active regulatory stance on AI. Currently, two AI-specific Bills are in review in the National Assembly: the Control of Usage of Artificial Intelligence Technology Bill (HB 942) and the National AI and Robotic Sciences (Establishment) Bill (HB 601), which both seek to establish a formal regulatory and institutional framework for AI governance in Nigeria, including the creation of a central oversight body with powers relating to registration, standard-setting, and supervision of AI systems.
While these remain under consideration, they signal a clear legislative direction towards structured, enforceable AI oversight.
Beyond this legislative momentum, the pace of change is already accelerating in practice. Sector regulators are not waiting for legislation to arrive. The CBN Fintech Report 2025 highlights that AI is largely adopted in Nigeria’s financial services sector, particularly in fraud detection, customer service, and credit assessment.
More significantly, recent CBN guidelines on anti-money laundering now require financial institutions to implement automated monitoring systems within defined timelines, supported by advanced technologies such as artificial intelligence, machine learning, and predictive analytics to enhance the detection of suspicious transactions and risk patterns.
However, this regulatory shift is not confined to the financial sector. The Nigeria Data Protection Commission has intensified enforcement under the Nigeria Data Protection Act through investigations, coordinated enforcement, and mutual oversight, demonstrating a more assertive approach to data governance.
Across the broader regulatory landscape, there are also early indications of a shift towards more technology-enabled supervision, as regulators begin to explore data-driven and automated approaches to oversight.
Taken together, these developments point in a clear direction: AI governance is moving from optional to obligatory. Hence, boards that are not already building frameworks are waiting to be caught by it.
Three governance gaps Nigerian boards can no longer ignore
At a recent high-level governance forum attended by senior board practitioners from some of Nigeria’s leading companies, a chief compliance officer with expertise in anti-money laundering, ethics, and fraud put the scale of the problem in perspective.
She highlighted that Africa loses approximately $88.6 billion annually, equivalent to 3.7% of the continent’s GDP, to illicit financial flows, including money laundering, criminal proceeds, asset misappropriation, procurement fraud, bribery, and corruption.
Governance failures, she observed, occur not where policies are absent, but where organisations have overestimated the effectiveness of the frameworks they already have. She identified three blind spots that she believes Nigerian organisations are systematically underestimating.
The first is AI governance. Almost no one in any Nigerian boardroom today, she claimed, can honestly claim they have never used ChatGPT or a similar AI tool for a professional task. However, most organisations have no formal AI policy governing how these tools are used, how their outputs are verified, or who is accountable for decisions they influence.
The second is third-party risk. While many Nigerian organisations maintain robust internal policies, the greater vulnerability often lies outside the organisation. Vendors are typically onboarded following initial due diligence, but that scrutiny is rarely sustained.
If a joint venture partner or technology provider’s risk profile shifts, as it often can in Nigeria’s operating environment, the organisation using their services bears the resulting regulatory and reputational consequences. Continuous due diligence is therefore not optional; it is the standard boards should now be setting.
The third is the speak-up culture. Many employees have serious concerns but are reluctant to raise them, either out of fear of retaliation or a belief that nothing will be done. Whistleblowing mechanisms that exist only on paper, internally managed, rarely promoted, and never independently evaluated, create the appearance of accountability without any substance.
Hence, effective mechanisms should be independently managed, regularly audited, and reinforced through employee surveys that give boards clear visibility into what is actually happening within the organisation.
AI is already governing your organisation. Is your board aware?
As technology shapes decisions across credit, hiring, fraud detection, and customer analytics, the question is no longer whether organisations use AI, but whether their governance frameworks are keeping pace.
This reframes AI from a departmental concern into a board-level responsibility, and oversight of these systems requires the qualities effective boards are expected to bring, including ethical judgement, stakeholder sensitivity, cross-disciplinary thinking, and long-term accountability.
Thus, boards that engage with AI due to a lack of technological expertise are, in effect, abandoning oversight of one of the most consequential forces within their organisations.
Consequently, structure alone will not close this gap. The most advanced AI policy a board can commission is only as strong as the culture surrounding it. Undeniably, the best audit frameworks, the most detailed risk registers, and the most beautifully written board charters have always been rendered meaningless when the people responsible for upholding them lack the values or the conviction to do so, and AI governance is no different.
Hence, if the organisation’s culture does not reward transparency, honest reporting, and genuine accountability, any AI policy will become what too many governance documents in Nigerian boardrooms already are: compliance rituals. Values, therefore, are not a supplement to governance but its foundation.
It is from that foundation that practical accountability must be built. Therefore, every Nigerian board should be able to answer the following: Where is AI deployed in this organisation, and which decisions does it influence? Does management have a documented AI governance policy, reviewed in the last twelve months? Have the organisation’s AI systems, including those operated by third-party vendors, been tested for accuracy, fairness, and bias? Is there an appointed executive accountable for AI risk, and does that accountability extend to the board level? These questions are the baseline of responsible oversight in 2026.
In Closing: From adoption to accountability
Nigeria stands at a governance inflexion point. AI adoption is accelerating. Regulatory expectations are changing. However, the gap between how fast AI is being adopted and how slowly governance is responding grows wider daily.
Notably, the Society for Corporate Governance Nigeria has spent over two decades building the infrastructure for governance excellence in Nigeria, training more than 40,000 directors, senior executives, and governance professionals across sectors in partnership with the CBN, SEC, the Nigerian Exchange Group, the NCC, and the Financial Reporting Council, with support from the IFC and the World.
Across that body of work, a clear pattern is evident that Nigerian organisations are deploying AI faster than they are governing it.
However, the organisations that address this now, before a regulatory mandate or a crisis forces the conversation, will not only be compliant, but also trusted. And in Nigeria’s current investment climate, where institutional confidence is hard-won, trust is among the most valuable assets a board can protect.
Finally, the governance gap between AI adoption and AI oversight is where institutional risk currently lives. The boards that close it now will not be playing catch-up when regulation arrives. They will already have done the work, and that, in governance, is the only position worth being in.
This article is contributed by the Society for Corporate Governance Nigeria; a foremost institution committed to advancing corporate governance and board effectiveness. Through its programmes, research, and advisory engagements, the Society continues to strengthen governance standards and build capacity across both the public and private sectors. www.corpgovnigeria.org info@corpgovnigeria.org
