Standing topic, or system?

I have watched boards spend ninety minutes on AI in which the CIO ran model accuracy charts, the CISO covered prompt injection testing and the General Counsel summarised the EU AI Act timetable. Nobody asked who owned the AI agenda at executive level. Nobody asked how much agency had been delegated to which agents, what guiderails we had hard coded or who was responsible for each. Nobody asked what the board would see on the dashboard next quarter. Three hours of update across two cycles; zero hours of governance. That gap is what this manual page is built to close.

Most boards now treat AI as a standing topic. Far fewer treat it as a system. And the system you need now must govern a non-human actor at machine speed — not a person at quarterly cadence.

Standing topic produces an update. System produces evidence (real time).

The Stat This Week
65% of organisations now use generative AI in at least one business function. Three in four are running agentic AI in their systems. Fewer than one in five has a defined AI governance operating model that names who is accountable for each agent. Adoption up, agency unowned, evidence flat.

The shorthand

Strip the leading frameworks back. OECD’s updated 2024 principles set the values — human-centred, transparent, accountable. NIST’s AI Risk Management Framework reframes them as an operating loop — Govern, Map, Measure, Manage. The EU AI Act bolts on legal obligation, phased: prohibited practices live since February 2025, general-purpose AI obligations since August 2025, high-risk system obligations from August 2026. The UK’s principles-led approach leaves more discretion but demands the same outcomes. McKinsey, KPMG/INSEAD, the WEF AI Governance Alliance and the Harvard Law School Forum on Corporate Governance translate the same idea into board-level decisions: align posture, allocate capital, classify risk, govern the lifecycle, evidence the controls.

AI governance is value + risk + trust, governed as one system. The first-order board question is no longer “how much risk?” It is “how much agency?”

What changes when the actor isn’t a person

Every board operating model in use today rests on a hidden assumption: the actor executing a decision is a human who can be instructed, supervised, slowed down and held to account. Once decisions and actions are delegated to autonomous agents — pricing engines, customer-routing models, refund bots, credit-check agents — that assumption breaks. This is not a new agenda item. It changes the substance of nearly every board responsibility.

AI doesn’t replace the board’s duties. It raises the metabolic rate at which they must be discharged.

The Frame this week works through the structural break; this Library page operationalises the response.

The Four-Domain Frame, working as a system

The Manifesto introduces the Four-Domain Frame as the navigation grammar of this publication. The Library makes it operational — the same four domains, the same map, applied as a connected system rather than a list.

The Four-Domain Frame · the navigation grammar of TheDirectorBrief. Cross-cutting: 6-dimension scorecard (Value · Adoption · Risk · Compliance · Capability · Trust), 10 building blocks, 6-month implementation arc.

The board’s job is not to approve every tool or model. It is to ensure four things, one for each domain:

• Strategic intent — AI is linked to value, not pilot proliferation. (Strategy & Innovation.)

• Risk discipline — use cases classified, agency assigned explicitly, controls embedded before deployed. (Risk & Resilience.)

• Agency and accountability — every material agent has a named human owner; agency appetite (autonomous / recommend-only / prohibited) decided in advance; accountability never transfers to the agent. (Governance & Accountability.)

• Capability and trust — AI is explainable, fair, secure, lawful and defensible — and the board itself has the literacy to test that. (Capability & Culture, with Governance.)

A board doing only the first will be blindsided. A board doing only the third will miss the upside. The board that does all four turns AI from a risk to be contained into a capability to be governed.

Caremark exposure is not theoretical. Since Marchand v. Barnhill (2019) confirmed that boards owe an oversight duty for mission-critical risks, AI has steadily moved into the centre of that line. ISS and Glass Lewis both updated 2024 stewardship guidance to reference AI oversight and disclosure. If your minutes do not show evidence-based AI oversight — including who owns each material agent — the question is not whether you should worry. It is when.

The six questions that test whether your governance is real

The full Primer carries twenty questions, five per domain. Six are load-bearing. Use these in your next committee. If any of them produces a fluent description rather than a piece of evidence, you have governance theatre.

1. Where does AI create the most value in our business — and where could it destroy the most value?

Tests whether AI is integrated into strategy or banished to the cost line. (Strategy & Innovation.)

2. Do we have a complete live inventory of AI use cases — including GenAI, agents, copilots, shadow agents and vendor-embedded AI?

Tests whether the board has visibility — or only the slice management chooses to show. (Risk & Resilience.)

3. Are there AI uses we should prohibit because they are unethical, unlawful or inconsistent with our values?

Tests whether the board has set a floor. (Governance & Accountability.)

4. How much agency have we delegated to each material AI use case — autonomous, recommend-only or prohibited — and is a named human accountable for each?

Tests whether the operating model is defined or improvised. The new first-order question. (Governance & Accountability.)

5. Can we explain and defend AI-driven decisions to customers, regulators, courts or the media — and would the logs survive disclosure?

Tests whether you are defensible. (Risk & Resilience + Governance.)

6. What is the one AI failure scenario that could cause the most reputational harm — and have we imagined it concretely enough to plan for it?

Tests whether the board has imagined its worst day in enough detail to act. (Risk & Resilience + Capability & Culture.)

Watch, ask, decide

• Watch. The gap between the board’s confidence and management’s evidence. If the dashboard contains adjectives, not metrics, the gap is wide. If you cannot name who owns each material agent, the gap is wider.

• Ask. The chair and the SID — separately — who owns AI at executive level, which committee owns which risks, and when the board last received an end-to-end view rather than a topic-by-topic update. Inconsistent answers are the signal.

• Decide. Before the next cycle, that the board will receive a single integrated AI dashboard, that the AI inventory will be presented live (not quarterly), and that every material agent will carry a named owner, a documented agency appetite and a tested kill switch.

Next week in The Library

Eight ways AI can blow up your business — and the control architecture that catches them. The eight risk families tagged to the Four-Domain Frame, the agentic overlay (what changes when the actor is a machine), the ownership map updated for agency, three lines of defence, and the six-dimension scorecard. The Watch companion lands Tuesday; this Library piece lands Thursday.

About The Library

The Library is the manual and repository — primers, tools, templates, prompts, checklists, training material, implementation plans, reading lists and courses, plus the weekly Monday-Morning build: one tool to test and one prompt to use in your own director workflow, always with a safety note on what not to put into a public LLM. The first three issues are pinned anchors: this framework page, next week’s risk taxonomy, and the six-month implementation plan in week three.

What this is, what it isn’t. This is one sitting director writing for fellow sitting directors. It is not NACD certification. Not Big Four broadcast. Not Board Agenda observation. Not LinkedIn governance commentary. Not vendor evangelism. UK and Anglo-European, with the regulatory rigour of FRC, FCA, EU AI Act and SEC. Read in thirty minutes. Used by Monday.

TheDirectorBrief publishes every Tuesday — AI for boards. Each issue carries five sections: The Frame (strategy), The Watch (governance and risk pulse), Five for the Chair (board and committee debate), Signal (AI news that matters, with STAT and CHART of the week), and The Library (primers, tools, templates, prompts and Monday-Morning builds). One read. Thirty minutes. In your inbox before Monday’s pack.

Subscribe free at TheDirectorBrief.com — or reply to this email. I read every response.

Dharmash Mistry sits on the boards of Halma plc, Rathbones Group, the Premier League and the Football Association. He has held board positions across more than thirty organisations spanning listed companies, regulated financial institutions, major sporting bodies and venture-backed businesses, including the BBC, British Business Bank, the Competition and Markets Authority, Hargreaves Lansdown plc, Dixons plc, Revolut and Lovefilm. Prior to this he was a Partner at the venture capital firms Balderton and Lakestar. AI for Boards is written from inside the boardroom, not from outside it.

Sources

1. McKinsey, State of AI 2024 — generative AI adoption by function. [Primary.]

2. Grant Thornton, 2026 AI Impact Survey — agentic AI deployment and incident response. [Primary.]

3. NACD, 2024 Public Company Governance Survey — AI in the top three director risks. [Primary.]

4. Stanford HAI, AI Index Report 2024 — regulatory mentions across major jurisdictions. [Primary.]

5. Marchand v. Barnhill (Del. 2019) — board oversight duty for mission-critical risks. [Primary.]

6. ISS and Glass Lewis, 2024 stewardship guidance updates. [Primary.]

7. Working paper: Governing AI Agents in the Enterprise (May 2026) — the 6-dimension shift and 8-phase continuous loop drawn from internal research; full table sits in The Watch (this week) and the Primer Section B.

Frameworks referenced: OECD AI Principles (updated 2024); NIST AI RMF 1.0 (2023); EU AI Act 2024/1689; UK DSIT principles; KPMG/INSEAD Global AI Governance Principles 2026; WEF AI Governance Alliance 2024–25; Harvard Law School Forum on Corporate Governance. [Primary, all.]

A BCG survey of 625 CEOs and board members published last month (May 2026) found that 61% of CEOs believe their boards are rushing AI transformation. Not dragging their feet. Rushing it.

The explanation buried in the data is worse than the headline: the directors with the lowest confidence in their own AI knowledge are the most likely to believe their organisation is moving too slowly.¹

The directors who understand AI least are the ones pushing hardest for speed.

This inverts the conventional narrative — that boards are too cautious, too analogue, too late for the AI moment. The 2026 evidence says something more uncomfortable: boards are not behind AI. They are ahead of what they understand. And that combination — urgency without literacy, momentum without oversight — is precisely how consequential decisions get made badly, and at scale.

The Stat This Week
61% of CEOs say their boards are rushing AI transformation — and directors with the lowest AI literacy are the most likely to believe they are moving too slowly. Urgency is being generated by uncertainty, not by analysis. (BCG, May 2026, n=625.)

The silence in the room

I have sat in more than thirty boardrooms across eight countries — start-ups to government-owned entities, regulators to multi-billion dollar listed organisations, across every seat at the table. The pattern is consistent: creative destruction gets treated as business-as-usual until it isn’t. I have watched AI strategy presentations receive twenty minutes of agenda time, wedged between the CFO’s report and AOB. How many of us have sat in meetings approving AI spend with no clear value logic, approving the tech stack without challenging the design choices, treating AI governance as a checklist, measuring success by pilots or tokens, accepting ‘human oversight’ without testing if it’s for real?

Are we asking the right strategic and governance questions of a technology now reshaping how organisations fundamentally compete and operate — price, recruit, source, credit-check, market — where agents, not humans, are increasingly making the decisions?

What I have not heard — not once, in any of those rooms — is the question that matters most:

If a well-capitalised competitor rebuilt our core product around AI in the next eighteen months, what would remain of our competitive position?

That silence is the governance gap. Not speed. Not caution. The absence of the question that wasn’t on the agenda.

The numbers no longer allow a comfortable interpretation

Two findings now sit alongside each other in a way the boardroom cannot ignore.

Deployment is happening regardless of readiness. Grant Thornton’s 2026 AI Impact Survey finds nearly three in four organisations are giving agentic AI access to their systems and processes — piloting, scaling or running it in production. Just 20% have a tested AI incident response plan for when it fails.²

Capital is moving at the same speed. BCG’s AI Radar finds corporations expect to lift AI spending from 0.8% to 1.7% of revenues in 2026, with more than half directed at agentic systems.³ These are not experimental budgets. They are material capital commitments made into a technology most boards do not yet have the fluency to interrogate.

What changes when the actor isn’t a person

Every board operating model in use today rests on a hidden assumption: the actor executing a decision is a human who can be instructed, supervised, slowed down and held to account. Once decisions and actions are delegated to autonomous agents — pricing engines, customer-routing models, recruitment screens, refund bots, credit-check agents — that assumption breaks. And once it breaks, the substance of nearly every board responsibility changes with it.

Governance moves from directing human actors making occasional, reviewable decisions to deciding how much agency to delegate to a non-human actor in the first place. Risk moves from slow, visible and auditable-after-the-fact to fast, opaque and emergent — errors propagating at machine speed before controls catch them. Controls move from detective to preventive, embedded and real-time — hard caps, whitelists, kill switches built inside the agent. Compliance moves from periodic and sample-based to continuous and designed-in. Assurance moves from tracing the decision to validating the guardrails under stress, because the reasoning isn’t transparent. Accountability stays exactly where it has always sat — with a named human — because it can never transfer to the agent.

The new first-order board question is no longer “how much risk are we willing to take?” It is “how much agency are we willing to delegate?” — where agents may act autonomously, recommend-only, or are banned outright; each with a named human owner; each with a tested kill switch.

AI doesn’t replace the board’s duties. It raises the metabolic rate at which they must be discharged.

This is why the Four-Domain Frame is not a synthesis of consulting research. It is the operating system the new reality requires — Strategy, Risk, Governance and Capability held at the same time, because the existing machinery was built for a different actor.

The mechanism — it isn’t ignorance, it’s information architecture

The problem is not that directors are unintelligent. I want to be clear about that — and direct about something more uncomfortable.

The board’s understanding of AI is almost entirely constructed by either a vendor pitch disguised as ‘advice’ or by management. Every briefing, every strategy update, every risk summary — shaped by people whose incentives run toward demonstrating competence, maintaining momentum and presenting AI as a controlled programme rather than an existential variable. This is not cynicism. It is a structural observation about how boards receive information and how management teams, rationally, frame it.

The board hears what the risk framework caught. It is almost never told what the risk framework was incapable of seeing.

We have been here before — and we did not learn the right lesson

When the internet arrived, boards appointed Chief Digital Officers. The CDO became the governance pressure valve — the person who ran the digital programme, attended the right conferences, brought in an army of vendors, seeded experiments and then asked to launch a venture fund. Boards called it digital strategy. Meanwhile insurgent entrepreneurs backed by smart VC money went directly after their core profit pools — disciplined quarterly sprints, real-time customer metrics, not waterfall two-year IT projects out of date at the point of committing funds. Reinvention using technology, not technology applied to what they already did.

The companies that navigated that transition had something different: a willingness to self-disrupt — challenging their own legacy economics before someone else did — and boards and management teams who took a long view of what technology might do to their market, treated governance as part of product quality, and were clear about the problem they were solving and why their solution was meaningfully better. The best live example is Google, managing an AI transition where Search still accounts for over $225 billion — more than 55% of total revenues. The counter-example: Air Canada’s chatbot hallucination case, where no one was governing the model end-to-end.

Stripe and Square went after incumbents’ payment economics; Spotify rebuilt music distribution around access, not ownership; Airbnb did the same to hotels’ fixed-cost economics. On the other side of those bets sat the boards that watched it happen — Kodak, Blockbuster, Nokia, BlackBerry, Sears — and many more will follow. The governance failure was not a failure to understand technology. It was a failure to understand what technology did — to competitive dynamics, to cost structures, to who controlled the customer relationship. Crucially, digital was the CEO’s job, treated as a cross-business imperative with a board-level strategy. Not delegated to one function. Not run as an IT project.

The same structural deficit is repeating itself, in compressed time. We are, in 2026, roughly where we were in 2000 — when the boards that believed they were governing digital transformation were, in most cases, ratifying management’s story about it. The difference is that the cycle is compressed, the capital commitments are larger, and the competitive and regulatory environment is hardening around boards that cannot demonstrate they asked the right questions.

The Four-Domain Frame — the navigation grammar

Stripped back to first principles, the WEF Oversight Toolkit, KPMG/INSEAD’s Global Principles, McKinsey’s AI Trust framework and BCG’s board guidance converge on four domains a board must now own at the same time. Together they are this publication’s single organising scaffold — the Four-Domain Frame. Every weekly issue navigates against it.

1/ Strategy & Innovation: where AI changes the moat

Posture · capital · value. Disruption · advantage

Decisions changed, not just automated

2/ Risk & Resilience: what the framework cannot see

8 risk families; 3 lines of defence. Preventive · real-time

3/ Governance & Accountability: how much agency, evidenced

Agency appetite · named owner. Reserved matters · cadence

Evidence, not attestation

4/ Capability & Culture: whether the board can govern this

AI literacy · composition. NomCo trajectory. Personal practice

The Four-Domain Frame · the navigation grammar of TheDirectorBrief. Cross-cutting: 6-dimension scorecard (Value · Adoption · Risk · Compliance · Capability · Trust), 10 building blocks, 6-month implementation arc.

Most boards govern one of these well. A few govern two. Almost none govern all four simultaneously — which is the only configuration that survives this transition.

The ten questions every board should be asking sit across the four domains. Each carries a consequence: the cost of it going unasked. That cost is the point.

Strategy & Innovation

1. If a well-capitalised competitor rebuilt our core product around AI in the next eighteen months, what would remain of our competitive position?

Most boards govern AI risk inside the existing business. Almost none ask the disruption question — not whether AI creates risk in our operations, but whether it lets a rival make our operations irrelevant. Management is paid to defend the model that exists. The board owns the question of whether that model survives.

2. Is our AI investment buying competitive advantage — or operational parity that every rival will also reach?

Boards are approving AI spending that doubles in a single year. The right governance question is not how much. It is what for. Efficiency gains from AI are real and accessible to every competitor. The organisations building durable advantage are redefining the product, the customer relationship or the cost architecture in ways that are hard to replicate. Does the board know which category its spend falls into?

3. Is AI changing how this organisation makes decisions — or simply automating the decisions it already makes?

This is the line that separates real transformation from expensive process improvement. Most organisations use AI to do existing things faster. Fewer use it to do things differently — to make decisions with information they could not previously access, at speeds the operating model precluded, at a level of personalisation the old margin structure could not support. The board should know which category describes its programme.

Risk & Resilience

4. What is our AI risk framework built to catch — and what is it structurally incapable of seeing?

Risk frameworks identify the risks they were designed to identify. AI introduces categories no pre-AI framework was built to surface: emergent model behaviour, training-data bias at scale, adversarial manipulation, hallucination in high-stakes outputs, and — new in 2026 — agentic systems taking sequences of autonomous decisions across connected processes. An audit committee receiving a RAG status update on AI risk is not governing AI risk. It is receiving a summary of classified risks — which is a different thing entirely.

5. How much agency have we delegated to non-human actors — and did we decide that, or has it happened to us?

Three in four organisations now give agentic AI access to their systems; only one in five has tested what happens when it fails.² The board’s instinct is to ask how much risk. The question that survives the next two years is how much agency. For every material AI use case — pricing, credit, recruitment, customer routing, supply chain, refund handling — there are three possible answers: autonomous, recommend-only, prohibited. Each with a named human owner. Each with a tested kill switch. The boards that have made those calls explicitly will be governing. The boards that haven’t will discover their agency appetite the way pricing committees once discovered their FX exposure: in the incident report.

Governance & Accountability

6. Where does accountability sit when an AI-driven decision causes harm — and has the board formally assigned it to a named human?

This is not hypothetical. The EU AI Act’s requirements are now effective across European markets. The FCA’s AI governance expectations are hardening. D&O exposure on AI-related harm is live and being tested. Most boards have not formally assigned AI accountability — not in committee terms of reference, not in management responsibilities, not in the schedule of matters reserved. Accountability never transfers to the agent. The answer, when it matters, will be found in what was documented. Not in what was assumed.

7. Is AI a standing item on the board agenda — or does it appear only when something goes wrong or management asks for a budget?

Reactive governance is incident response with a board letterhead. The boards building real oversight treat AI as a live strategic conversation — at the frequency and seriousness of financial performance — not as a technology update in the CTO’s slot once a quarter.

Capability & Culture

8. Are we asking management the questions that matter — or the questions management has prepared us to ask?

This is the meta-question, and the one I find most difficult to answer honestly about my own board contribution. When I have been on the presenting side of the table, I knew which questions were coming. I had prepared answers. The questions I had not prepared for were the ones that changed the dynamic — and they were almost never on the agenda. The BCG finding cuts both ways: if boards are pushing faster than management, the question is whether that pressure is informed or anxious. Governance is not about speed. It is about the quality of the decision.

9. Who in this boardroom has used an AI tool to do something consequential in the last thirty days?

I include myself in this question. If your understanding of AI is entirely briefing-derived, your pressure for speed cannot be informed. The board cannot meaningfully challenge management’s AI strategy if its understanding of AI is entirely second-hand. This is not about becoming data scientists. It is the same standard of practical engagement expected of any director overseeing a material business transformation. The board that governed digital without digital experience was the first wave’s structural error. Repeating it knowingly is harder to excuse.

10. Do we have the board composition to govern the company we are building — not just the one we have?

The NomCo’s job has always been to ensure the board has the skills the strategy requires. If the strategy now includes material AI transformation, agentic systems deployment and regulatory navigation under the EU AI Act, the skills required have changed. Not more technologists — more directors with the economic intuition to read what AI does to competitive dynamics, cost structures and the value of human judgment. A board effectiveness review that does not address this is answering the wrong question.

What good looks like

The boards I have seen govern AI substantively well were not, in most cases, the ones with more technical expertise on the register. The difference was a Chair who treated AI as a strategy and accountability question before a technology question — and who created space for the board to interrogate the framing rather than the numbers.

In one such room, the Chair stopped an AI strategy presentation forty minutes in and asked a single question: “What happens to this business if this plays through — what happens to the market we operate in?” The conversation that followed was the most productive AI strategy and governance discussion I have been part of. It changed the decision — not the investment level, the question the investment was designed to answer.

I have also seen the operating model done well: a three-session board sequence on a single strategic debate — market and technology understanding with external experts (information gap closed), options without a proposal (expertise drawn out across the table without bias), then a decision with clear success criteria and risks. That beats forty minutes between the CFO report and AOB. It also beats the 45-minute management pitch with 15 minutes for questions. Given the speed of AI development, this cannot be reserved for the annual strategy away day.

And — increasingly often — the board has had to make the agency question explicit. I sat through a debate on an autonomous customer-routing agent where the discussion moved from “is the model accurate enough?” to “how much can this agent spend per case without human approval; where does the human pick up; what’s the kill-switch test; who gets paged when an anomaly hits?” That conversation took ninety minutes. It was the most useful ninety minutes the board spent that year — because the agency appetite was decided before the agent shipped, not discovered after the incident.

Effective AI governance is not a framework. It is a quality of attention — and the willingness to ask the question that was not prepared for.

Before your next board meeting

Three things. Not ten.

• Watch. Which agenda items involve AI decisions — directly, or in the assumptions behind them — that the board has not explicitly discussed as AI decisions?

• Ask. Of the ten questions above, which three would most change your board’s current AI conversation? Take those three in. One is enough to shift the dynamic.

• Decide. Does your board’s current composition give you the experiential authority to govern the AI strategy you are approving? If the honest answer is no, what are you and the NomCo going to do about it today — not as a future problem?

This week in The Library

Your AI governance isn’t an IT policy. That’s why it’s failing. The companion to this Manifesto — the framework, the board’s four jobs and the six diagnostic questions that test whether your governance is real. Read after this.

Next week in The Frame

The scientists who built AI are calibrating real harm in double digits. The regulators are catching up. Next Tuesday’s Frame works through what that means for fiduciary duty — and why the boards that build governance because Brussels told them to will build the wrong thing. “Skynet didn’t have a board. Your company does.”

About The Frame

The Frame carries the editorial argument of the week — one strategic question worked through with evidence, in-the-seat experience and a so-what a director can act on. Short version in your inbox; long version on Substack for subscribers.

What this is, what it isn’t. This is one sitting director writing for fellow sitting directors. It is not NACD certification. Not Big Four broadcast. Not Board Agenda observation. Not LinkedIn governance commentary. Not vendor evangelism. UK and Anglo-European, with the regulatory rigour of FRC, FCA, EU AI Act and SEC. Read in thirty minutes. Used by Monday.

TheDirectorBrief publishes every Tuesday — AI for boards. Each issue carries five sections: The Frame (strategy), The Watch (governance and risk pulse), Five for the Chair (board and committee debate), Signal (AI news that matters, with STAT and CHART of the week), and The Library (primers, tools, templates, prompts and Monday-Morning builds). One read. Thirty minutes. In your inbox before Monday’s pack.

Subscribe free at TheDirectorBrief.com — or reply to this email. I read every response.

Dharmash Mistry sits on the boards of Halma plc, Rathbones Group, the Premier League and the Football Association. He has held board positions across more than thirty organisations spanning listed companies, regulated financial institutions, major sporting bodies and venture-backed businesses, including the BBC, British Business Bank, the Competition and Markets Authority, Hargreaves Lansdown plc, Dixons plc, Revolut and Lovefilm. Prior to this he was a Partner at the venture capital firms Balderton and Lakestar. AI for Boards is written from inside the boardroom, not from outside it.

Sources

1. BCG, AI in the Boardroom, May 2026 — survey of 625 CEOs and board members. [Primary — verify release.]

2. Grant Thornton, 2026 AI Impact Survey — agentic AI deployment and incident response readiness. [Primary.]

3. BCG, AI Radar 2026 — corporate AI spend as percentage of revenue. [Primary.]

Performance reference: MIT CISR, Board Digital Fluency and Performance, March 2025 — AI-fluent boards outperform peers by 10.9 percentage points in ROE; non-fluent boards trail by 3.8%. Carried in The Library’s board-effectiveness primer. [Secondary.]

Frameworks referenced: WEF AI Governance Toolkit (2024–25); KPMG/INSEAD Global AI Governance Principles (April 2026); McKinsey, State of AI Trust 2026 — Shifting to the Agentic Era; BCG AI Radar 2026. Agentic governance logic drawn from working paper Governing AI Agents in the Enterprise (Library, May 2026). [Primary, all.]