African Presidents Have Committed To AI Governance. Have You?

No photo availableBySimon Bransfield-Garth
8 min read
Does your organisation know where it stands when it comes to AI governance? We make it possible.  

On 12 of May 2026, African heads of state gathered in Nairobi for the Africa Forward Summit. President William Ruto and President Emmanuel Macron co-chaired two days of discussions on energy, agriculture, health, trade, and digital transformation. Over 30 heads of state signed a Declaration. In Section 6 of that Declaration — the section on digital transformation and artificial intelligence — they committed to advance ‘ethical and pro-innovation AI governance’ across the continent, building on the Paris AI Action Summit, the African Union’s Continental AI Strategy, and the United Nations Global Digital Compact.

It committed Africa to AI governance. However, across this city’s boardrooms, the governance infrastructure to honour it is largely missing. The boards of many of Kenya’s leading companies believe they have time as they have not deployed AI yet. The reality is the board is looking at the wrong picture and there is no time.

It goes something like this. The Group CIO has presented. The CEO has nodded. The conclusion, almost always, is that things are under control. Microsoft Copilot has been approved for a pilot. A policy will be drafted. Review again in six months.

But the reality on the ground is very different. Recent research found that Kenya ranks first globally in ChatGPT usage by internet user share — 42.1 per cent of Kenyan internet users used the platform in a single month, ahead of the US, Japan and China. Let that sink in. As many boards are commissioning five-year AI strategies, our employees are already using AI at a rate that no other country on earth can match. Not because they have been asked to. Because they are resourceful professionals meeting their deadlines, and AI helps them do it faster, simpler, better, and affordably. But there are few controls because the board believes AI has not been deployed yet.

A client brief. A financial summary. A board presentation. Pasted into ChatGPT and returned in minutes, if not seconds. The data goes somewhere. The AI model may be trained on it. The answers coming back may be reliable, or not. And the distant AI model may have learned confidential information that can form part of an answer to a competitor. Nobody has told them to worry about that, because nobody in the organisation has mapped the risk. Because AI has not been deployed yet.

This AI Problem Has A Name

What I have just described is Shadow AI; the AI operating inside your organisation without explicit governance or oversight, typically because it arrived on an employee laptop or embedded in commercial software rather than through a deliberate deployment decision. Every technology-based tool your organisation uses for marketing, HR, finance, legal and procurement has probably quietly added AI capabilities in the past 24 months. Terms and conditions were clicked through. Privacy policies were accepted. It is a done deal as they say. Can you honestly say you reviewed the supplier contract in detail when that update happened?

I had lunch with the managing director of a major Nairobi-based enterprise recently. He told me his business was still in the early stages of evaluating the use of AI. By the time our lunch order arrived, we had identified 21 different applications across his business containing new AI functionality, operating on his data in who knows where. Ranging from HR tools to marketing databases, meeting summarisation and even accounting. Every bit of critical data in the business. The expression on his face as the implications registered said everything. He felt obligated to pay for our lunch.

The reality is that for any Kenyan organisation operating under the Kenya Data Protection Act 2019, and the Office of the Data Protection Commissioner, is actively building its enforcement capabilities. This creates obligations that most governance frameworks simply do not address. Those frameworks were written before AI became embedded in every piece of software the organisation depends on. They describe a world that no longer exists.

Simon Banfield -Garth
This Is Not A Technology Problem

Here is the thing I want every CEO and Chief Risk Officer in Kenya to understand: this is not a technology problem. It is a governance and leadership problem that happens to involve technology. AI is not an IT issue. Even if AI has not been formally deployed, every department has AI and every department head will be held responsible for what it does. Add this to the AI solutions that companies are developing to offer 24×7 customer care, enable instant bank account opening, marshal wayward social media or assess customer sentiment and the impact is as great or greater than the arrival of the Internet. With such power powerful technology, everyone in the business needs to know what they may and may not do with it. It is as pervasive as data protection or cybersecurity. The only question is whether you know enough about it to manage it.

At Akili AI, we have spent the past two years building AI solutions for African financial services organisations, working with banks, insurers, and enterprises across Kenya, Nigeria, and South Africa. The single most consistent finding is that the gap between what leadership believes about their AI exposure and what is actually happening on the ground is enormous, and growing. Some companies are slowing down their formal AI adoption because of concerns about risk, some are not aware of the risks. Companies face the compliance risk of action and simultaneously the competitive risk of inaction.

The solution is to get on top of AI governance and ride the AI wave with confidence. The organisations that are going to navigate the coming period of AI regulatory development, which the Africa Forward Nairobi Declaration has now formally accelerated, with the least disruption are those that start closing that gap now.

The Governance Framework Is Not Complicated

The good news is that this is not a complicated problem to begin addressing. You do not need a digital transformation programme. You do not need a massively expensive and enormously time-consuming consulting engagement. You just need three things.

First, visibility. You cannot govern what you cannot see. The starting point is a clear, honest picture of where your organisation stands on AI readiness — what tools are in use, what risks they carry, what your policy stack looks like against the standard required of a regulated institution.

Second, a governance framework. Not a 50-page strategy document, and not a corporate AI strategy designed for the board and ignored everywhere else in your organisation. The more useful question is not ‘what is our AI strategy?’ but ‘what are the top five business problems we have today that AI could help solve?’ That approach converts AI adoption from a technology-push exercise into a market- pull exercise driven by real operational needs — 24-hour customer care, automated back-office processing, real-time supplier management.

The governance framework is the infrastructure that makes those deployments safe. A practical, maintained structure: an AI ethics policy, a usage policy for employees, a risk register, an oversight committee with a defined meeting cadence, a compliance calendar, and a monthly briefing that keeps your leadership team current as the regulatory landscape evolves. These are not abstract ambitions — they are specific documents and processes, and they are achievable in weeks, not years.

Third, trained people. A governance framework on a shared drive is not a governed organisation. Your staff need to understand what AI they can and cannot use, why the boundaries exist, and what they are personally responsible for when they use an AI tool on behalf of the organization. That training needs to be current, role-specific, and evidenced — because when the ODPC asks, or when your board asks, ‘what have you done to ensure your team are using AI responsibly?’ the answer needs to be more than a lunchtime AI awareness session from 18 months ago.

A Comprehensive Suite of AI Readiness Tools From Akili AI

Akili AI has made the first of those three things available to any Kenyan or African organisation — for free.

Akili Snapshot is a rapid AI readiness assessment that measures your organisation’s maturity across shadow AI exposure, usage policy, staff training, accountability and risk management — and benchmarks your score against industry data. It is fully anonymous. It requires no registration. It takes fifteen minutes and the report it produces gives your risk and compliance team something actionable to bring to the next governance meeting.

Akili Assured — our managed AI governance service — is also available for organisations ready to move from diagnosis to action. It delivers the full governance framework: the policy documents, the compliance calendar, the oversight structure, the risk register, and the monthly management briefing. It comes alongside the expert guidance from the Akili AI team to provide you with the support you need to implement it well, without overloading the organization. Because Akili Assured is built on the latest AI technology itself, the financial investment to acquire it starts at a fraction of what a traditional consulting-led AI governance engagement would require — because access to good governance should not be a function of budget.

African heads of state signed a declaration in Nairobi committing to responsible AI governance. Kenya ranked first in the world for AI adoption. It is time we led on AI governance too. Not because a regulation requires it. Because our customers, our shareholders, and the people whose data we hold deserve nothing less. And because with good AI governance, companies are now free to ride the benefits of the AI wave with confidence.

This article was written by Simon Bransfield-Garth, CEO, Akili AI

Leave a Reply

Your email address will not be published.

Do you have a story that you think would interest our readers? Write to us editorial@cioafrica.co