While AI governance is a growing concern for financial services leaders, two recent surveys suggest there might be a knowledge and strategy gap at the board level. When board members were asked which skills and experience would expand their board's composition and ensure alignment to the organization's strategy, artificial intelligence and machine learning topped the list, according to Nasdaq's most recent Global Governance Pulse survey.

Meanwhile, a Deloitte survey reveals that while AI is increasingly being discussed in boardrooms, 31% of boards still do not have AI on their agenda. The survey emphasizes the need for boards to accelerate AI adoption to harness its potential and to ensure comprehensive AI education for effective oversight.

AI and machine learning might have topped the aforementioned Nasdaq survey, but cybersecurity and data privacy were a close second (35% to 34%).

Amid new cybersecurity challenges, including deepfakes, boards are being urged to adapt by focusing on resilience rather than prevention. Directors should engage more with CISOs and emphasize risk management over mere compliance. This shift is crucial for navigating the evolving threat landscape and ensuring robust cybersecurity best practices.

Facing a decade of disruption, boards require risk reporting that provides strategic insights rather than exhaustive data. In such a landscape, boards are working to manage how to report different risks in different ways. This article outlines 10 principles for effective risk communication, including linking risk reports to business objectives, focusing on critical risks, and ensuring clear risk ownership. Boards must also embrace an iterative process of feedback and improvement to keep board risk reporting relevant and actionable in a dynamic environment.