Artificial Intelligence Governance Training for New Zealand Leaders
Aotearoa has no dedicated AI legislation, yet 76% of New Zealand leaders are already prioritising AI agents across their organisations. The Companies Act 1993, Privacy Act 2020, and Treaty of Waitangi create binding obligations that apply to every system your organisation operates today. We deliver governance training programmes that equip directors and executives with the knowledge and capabilities to lead with confidence.
The Awareness Gap Is a Governance Risk for NZ Businesses
New Zealand was the last OECD country to publish a National AI Strategy in July 2025, and 25% of leaders say governance is the "missing link" in their digital transformation efforts. With 81% wanting artificial intelligence regulation but only 6% able to identify what rules already exist, organisations across Aotearoa face an urgent governance challenge.
No AI Act Does Not Mean No Compliance Obligations
Without dedicated AI legislation, businesses must interpret existing law through governance frameworks that connect disparate obligations. The Companies Act 1993 imposes personal liability on directors under sections 131-138 for failures of care and diligence, including failure to oversee emerging technology risks. The Privacy Act 2020 applies its 13 Information Privacy Principles to every automated decision your organisation makes. The Health Information Privacy Code governs AI in healthcare. We help leaders translate these obligations into practical steps their teams can follow.
Treaty of Waitangi Obligations Extend to AI
Te Tiriti o Waitangi creates constitutional obligations for how AI systems collect, process, and use data relating to Māori. The concepts of kaitiakitanga and tino rangatiratanga demand that organisations approach Māori data governance with genuine partnership, not tokenistic compliance. Leaders across both government and the private sector must understand Māori data sovereignty, the concept of data as a taonga, and how Treaty principles shape responsible innovation in te ao Māori. Our programmes ground these obligations in practical governance, ensuring your organisation honours Aotearoa's unique constitutional foundations.
NZ Regulators Are Already Scrutinising AI Governance
The FMA expects financial services firms to govern AI-driven advice and lending decisions with the same rigour as human decision-making. The RBNZ is scrutinising AI in credit risk models and expects operational resilience across all technology-dependent processes. The Office of the Privacy Commissioner has signalled enforcement on automated decision-making without transparency. These regulators are not waiting for dedicated legislation, and neither should your organisation. Our programmes equip leadership teams with the knowledge they need before regulatory action forces the issue.
Leadership Governance Training vs Staff AI Literacy: Why the Distinction Matters
Your board does not need to build a machine learning model. They need to understand which governance strategies to adopt, which risks to escalate, and where personal liability sits under the Companies Act 1993. We design each programme to match the audience, equipping your leadership team with the governance knowledge to oversee AI across the organisation.
Staff AI Literacy
For general workforce
- • Safe use of generative AI tools at work
- • Protecting personal and organisational data under Privacy Act 2020
- • Recognising AI-generated content, hallucinations, and bias
- • Productivity gains and workflow integration
- • Following your organisation's AI acceptable use policy and compliance requirements
Leadership Governance Training
For directors and executives
- Companies Act 1993 director duties applied to AI governance
- Privacy Act 2020 compliance: 13 Principles for automated decisions
- Treaty of Waitangi obligations and Māori data governance frameworks
- FMA and RBNZ regulatory expectations and risk management strategies
- Public Service AI Framework and OECD AI Principles implementation
Leadership Training Modules Built for Aotearoa
Five targeted modules addressing the specific governance challenges New Zealand organisations face. Delivered on-site or virtually, each module stands alone or combines into a comprehensive programme. Every module is grounded in NZ-specific obligations, not generic international content repurposed for the local market.
Artificial Intelligence Governance Fundamentals
The foundation module for any leader who needs to understand what AI governance means in a country without dedicated AI legislation. We walk your team through how existing NZ law applies to AI systems, where the governance gaps create risk, and what responsible oversight looks like in practice. This module establishes the baseline every organisation in Aotearoa needs.
Covers:
- What AI governance means for NZ organisations and why it matters now
- The NZ regulatory patchwork: mapping existing compliance obligations to AI risk management
- AI risk categories for businesses: operational, reputational, legal, and ethical
- NZ's National AI Strategy, Algorithm Charter, and OECD AI Principles: what they signal for governance strategies
- Building governance when there is no prescriptive law
Duration
4 hours
Format
On-site or virtual
Audience
All leaders
Executive and Board AI Governance
Designed for directors and C-suite executives who carry personal liability under the Companies Act 1993. We cover sections 131-138 director duties as they apply to AI decisions, NZX Corporate Governance Code reporting expectations, and the oversight practices boards must adopt. This module addresses the specific obligations that make AI governance a board-level responsibility.
Covers:
- Companies Act 1993 ss 131-138: duty of care, good faith, and reckless trading applied to AI
- Personal liability scenarios: when AI failures become director compliance failures
- Board committee structures and governance frameworks for AI oversight and risk management
- NZX Corporate Governance Code: reporting on technology governance and AI oversight
- The 20 questions every board should ask their team about AI strategies and risk exposure
- Documenting AI governance solutions for annual reporting and IoD expectations
Duration
8 hours
Format
On-site or virtual
Audience
Directors, C-suite
Public Service AI Framework: Governance Strategies for Government
For government chief executives, deputy secretaries, and senior public servants responsible for implementing the Public Service AI Framework across their organisations. We translate framework principles into operational governance, procurement decisions, and citizen-facing deployment approaches. This module addresses the unique obligations that government agencies face, including Treaty of Waitangi partnership requirements and the Algorithm Charter for Aotearoa.
Covers:
- Public Service AI Framework: principles, compliance requirements, and accountability structures
- Treaty of Waitangi obligations in government AI: partnership, protection, and Māori data governance
- AI procurement governance: risk management frameworks for vendor assessment
- Transparency, accountability, and public trust in automated government decisions
- Equity impact assessments and OECD AI Principles for AI affecting diverse communities
- Lessons from NZ government AI deployments: approaches that worked and failures to avoid
Duration
8 hours
Format
On-site or virtual
Audience
Public sector leaders
Privacy Act 2020 Compliance for AI
A deep dive into how the Privacy Act 2020 and its 13 Information Privacy Principles apply to AI systems across NZ organisations. We cover collection limitations, purpose constraints, cross-border data transfers, and the Office of the Privacy Commissioner's expectations for automated decision-making transparency. This module gives your team the frameworks they need to deploy AI without breaching privacy obligations that carry real enforcement consequences.
Covers:
- All 13 Information Privacy Principles mapped to AI use cases in NZ businesses
- IPP 1-4: lawful collection and purpose limitation strategies for training data
- IPP 6: access rights and compliance obligations when AI makes decisions about individuals
- Cross-border data transfer governance frameworks for cloud-hosted AI models
- Health Information Privacy Code: additional risk management obligations for healthcare AI
- Privacy impact assessments for AI: when and how your team should conduct them
Duration
4 hours
Format
On-site or virtual
Audience
All sectors
Māori Data Governance, Te Tiriti, and Artificial Intelligence
Unique to Aotearoa. This module addresses the intersection of Te Tiriti o Waitangi, Māori data sovereignty, and AI governance, an area where no other country's frameworks can guide New Zealand organisations. We work with your leadership team to understand how Treaty of Waitangi principles, the concepts of kaitiakitanga and tino rangatiratanga, and Māori data governance obligations shape AI oversight across both public and private sectors. In Aotearoa, this is not optional. It is a constitutional requirement.
Covers:
- Te Tiriti principles applied to AI: partnership, protection, and participation
- Māori data sovereignty: data as a taonga, collective rights, and tino rangatiratanga
- Engagement strategies with iwi and hapū on AI systems that affect Māori communities
- Bias, fairness, and risk management: preventing disproportionate harm to Māori through AI
- Governance that honours kaitiakitanga in data stewardship and AI adoption
- Practical steps for incorporating Treaty of Waitangi obligations into AI policy
Duration
4 hours
Format
On-site or virtual
Audience
All sectors
Built for the NZ Regulatory Environment
Our Consultants Interpret Existing Law, Not Hypothetical Legislation
Most AI governance training assumes a dedicated AI Act exists. Aotearoa has no such legislation. We teach leaders how to apply the Companies Act 1993, Privacy Act 2020, HIPC, and sector-specific regulations to the AI decisions their organisations are making right now. The frameworks we build with your team are grounded in enforceable obligations, not speculative future rules that may never materialise in their current form.
Sector-Specific Strategies, Not Generic Content
Financial services leaders receive FMA and RBNZ-focused governance strategies. Healthcare leaders work with HIPC compliance scenarios. Government leaders train on Public Service AI Framework implementation and Treaty of Waitangi obligations. We tailor every module to the challenges your sector actually faces, reflecting how organisations in Aotearoa operate, not how those in other jurisdictions do.
Leaves Your Team with Actionable Governance Frameworks
Participants receive board question frameworks, AI governance policy templates, risk management checklists, and compliance documentation suitable for NZX annual reporting or IoD governance reviews. These are practical tools your organisation can deploy the following week to strengthen oversight of AI systems and demonstrate informed governance to regulators, shareholders, and stakeholders.
Which NZ Organisations and Leaders Should Attend
Government and Public Sector Leaders
- Public service chief executives overseeing AI adoption
- Deputy secretaries and tier-two leaders overseeing AI governance strategies
- Crown entity board members with compliance and risk management responsibilities
- Local government executives deploying AI solutions
- Government chief digital officers and innovation leads
Financial Services Organisations
- Bank and insurer board directors navigating AI governance frameworks
- FMA-licensed financial advice providers adopting AI
- Chief risk officers and compliance leads building AI strategies
- KiwiSaver and fund manager executives implementing AI solutions
- RBNZ-regulated entity senior management teams
Healthcare, Education, and Other NZ Businesses
- Health NZ board members governing AI in clinical settings
- NZX-listed company directors seeking governance frameworks for AI
- University and polytechnic leadership teams managing AI adoption
- Infrastructure and energy sector executives deploying AI solutions
- IoD members seeking specialist AI governance competence
Common Questions About Our AI Governance Training
If NZ has no AI-specific law, why do our leaders need AI governance training?
Because existing laws already create binding compliance obligations. The Companies Act 1993 holds directors personally liable for failures of care and diligence, including failure to oversee emerging technology risks that affect their organisations. The Privacy Act 2020 governs automated decisions about individuals. The FMA expects financial services businesses to govern AI-driven advice and lending. The RBNZ expects operational resilience across all technology-dependent processes. The absence of a dedicated AI Act does not reduce your obligations; it makes them harder to interpret without specialist guidance.
How does the Treaty of Waitangi affect our organisation's AI governance strategies?
Te Tiriti o Waitangi creates constitutional obligations around how data relating to Māori is collected, stored, and used in AI systems. The principles of partnership, protection, and participation, along with concepts like kaitiakitanga and Māori data governance, apply to every AI decision that affects Māori communities. For government agencies, the Public Service AI Framework explicitly requires Treaty consideration. For private sector businesses, failing to address these obligations creates legal, reputational, and ethical risk. Our programmes help your team develop governance that honours these obligations substantively, rather than treating them as an afterthought.
We are a financial services organisation. What modules are relevant?
Module 2 (Executive and Board AI Governance) covers Companies Act 1993 director liability directly relevant to financial services businesses. We also tailor content around FMA conduct expectations for AI-driven financial advice, RBNZ expectations for AI in credit risk modelling and operational resilience, and the anti-money laundering compliance implications of AI-based customer screening. Financial services leaders typically combine Module 1, Module 2, and Module 4 for comprehensive governance frameworks that address the full spectrum of their risk management obligations.
Can modules be combined into a custom programme for our organisation?
Yes. Most organisations combine two or three modules into a one- or two-day programme tailored to their sector, governance maturity, and AI priorities. Government agencies often combine Modules 1, 3, and 5 to address Public Service AI Framework and Treaty of Waitangi obligations. Financial services businesses typically combine Modules 1, 2, and 4 for comprehensive FMA and RBNZ compliance coverage. We also deliver individual modules as standalone sessions for board strategy days, committee meetings, or leadership team workshops.
What governance frameworks and documentation do participants receive?
Every participant receives a completion certificate, a summary of key compliance obligations covered, and practical toolkits including board question frameworks, risk management assessment templates, and AI governance policy drafting guides. These materials support NZX Corporate Governance Code reporting, IoD governance reviews, and internal board documentation. Organisations also receive an AI governance maturity assessment that benchmarks their position against OECD AI Principles and NZ-specific regulatory expectations.
Equip Your Leadership Team with AI Governance Expertise
The gap between public expectation and leadership knowledge is a governance risk that affects businesses and organisations across Aotearoa. Your directors already carry personal liability under the Companies Act 1993. The Office of the Privacy Commissioner is already enforcing Privacy Act 2020 obligations. The FMA, RBNZ, and Public Service AI Framework are already shaping compliance expectations. We deliver the training your team needs to close the gap before it becomes a regulatory failure.