Effective board governance depends on how vital risk information moves, how it gets prioritised (or not), and what happens when boards are inundated with information rather than insight.

Recent legal cases involving failures of board oversight over non-financial risk have produced important lessons about the limits of governance under pressure. Courts have found shortcomings in senior executives and have declined to find liability on the part of non executive directors in these cases. For boards, the key takeaway isn’t “who won.” It’s what these decisions say about how oversight works (and fails) in real time when risks are escalating and consequences are severe.

Risk getting lost in the pack

Recent case law has included commentary about the trend towards longer and longer board packs. Judges have noted that the volume of information directors are presented with for each meeting can at times be overwhelming and difficult to meaningfully evaluate. This trend can cause directors to take a triage approach where they read what seems central, scan what seems material, and trust that anything alarming would have been “signalled plainly.”

While this approach is understandable, courts have indicated that directors are expected to engage with material they receive, regardless of volume.

The onus is on boards to require management to take a disciplined approach to synthesising information and ensuring its timely provision, so they are enabled to appropriately discharge their oversight responsibilities. In practice, that means setting clear expectations about the length and style of papers and ensuring there is the right balance between information and insight.

Strong board oversight of non-financial risk demands proactive disclosure and proactive challenge

These lessons are a reminder of the need for executives to proactively raise material risks with the board and not wait to be asked.

But directors must in turn cultivate a board culture in which asking questions and pressing for further information is not only permitted but expected. Boards should ensure that governance arrangements, including board policies, committee charters, and meeting practices, normalise and support the raising and escalation of risk issues, rather than relying on the assumption that management will surface everything that matters.

AI as a governance tool

Having outlined the challenge of seemingly ever-expanding board packs and the need for directors to require management to take a more disciplined approach to preparing them, the question naturally arises about the potential uses of AI as a governance tool.

Australian companies are continuing to experiment with how AI can be used to help board directors discharge their duties. Some directors are now using AI enabled tools as part of their pre read to pull out themes, compare versions of papers and keep track of issues that recur across meetings. In parallel, some management teams are starting to use AI to support pack preparation — for example, to draft summaries and extract key risks, decisions and actions from supporting materials.

It is now a "contemporary reality" that directors are using AI tools to help with their preparation, and while this practice is not objectionable there is a need for it to be used in a controlled and considered manner. Several key considerations have been identified for the appropriate use of AI, such as:

• While AI may assist comprehension, it cannot remove the need for directors to actively engage with what they are being told (or not told) and form their own views.
• Organisations should agree a collective position for how AI is to be used for development of board packs by management and the digesting of that content by directors.
• Boards should openly and actively discuss the use of AI and agree protocols for this.

Key questions for board directors to ask now

1. Are our board packs too long for me to read with genuine attention and an enquiring mind? Am I practically having to rely on executive summaries, verbal briefings, or AI-generated distillations?
2. Am I satisfied that management is escalating material risk information to the board and not just responding when asked? When risk information is brought to the board, is it clearly signalled or is the lede being buried?
3. When something does not look right, do I ask questions and does our board culture make that easy?
4. When credible red flags emerged (for example, a shift in regulator tone, competitor failures, credible media or political scrutiny, or material findings from independent reviews) what do we direct management to do, by when, and how do we track closure? If no red flags are being reported, am I satisfied that none exist given my own current knowledge?
5. Does our board have a clear, transparent, and formally adopted policy on the use of AI?

How MinterEllison Consulting can help

Our Risk & Regulatory Consulting team supports boards and executives to operationalise these expectations through practical uplift in governance, risk escalation and reporting design, including:

• Board and executive risk escalation frameworks (triggers, thresholds, decision rights, closure)
• Redesign of board risk reporting (materiality, signalling, pack discipline, “decision-grade” papers)
• Uplift and testing of licence-to-operate controls and governance in high scrutiny environments

If your board reporting and risk escalation frameworks need a refresh, we would welcome the conversation.