Insights
What we'd tell your board.
Plain-language analysis of AI regulation, assurance and governance in the UAE and GCC — written for the people who have to answer for it, not the people who build it.
Regulatory intelligence
What we're tracking now.
BOARDROOM
Five questions your audit committee should ask about AI this quarter.
You don't need to understand transformers to oversee AI — you need the right questions. These five have never failed to surface something.
AGENTIC AIWhen the AI acts: governing agentic systems before they govern you.
Agentic AI changes the governance question from "is the output right?" to "was the action authorised?" Most frameworks aren't ready.
STANDARDSISO/IEC 42001: signal or checkbox?
AIMS certification is a genuine signal — or expensive wallpaper. The difference is decided before the audit starts.
Where we stand
Positions we'll defend in any boardroom.
Self-assessment is not assurance. The team that built the model reporting on the model is a conflict of interest, not a control.Five questions for audit committees
The EU AI Act is a GCC issue. If your institution serves EU clients or markets, Brussels is already one of your regulators.The UAE's AI regulatory map
Agents need mandates, not vibes. An AI that can act needs the same thing every employee with authority needs: limits, logging and someone accountable.Governing agentic AI
Certification without operation is paper. ISO/IEC 42001 is worth pursuing only if the management system actually runs between audits.ISO 42001: signal or checkbox?
Want this analysis applied to your organisation?
Every article here started as a question a board or audit committee asked us. Bring us yours.
Book a consultation