The Governance Illusion
They Knew. They Always Knew. The Problem Was Never Knowledge.
In April 2025, the Australian Prudential Regulation Authority accepted a Court Enforceable Undertaking from a major Australian bank and raised the bank’s operational risk capital add-on to $1 billion.
The language APRA used was precise and deliberately uncomfortable.
“Despite this programme being in place for several years, APRA has yet to observe significant improvements in the bank’s non-financial risk management.”
A remediation programme had been running. Frameworks had been built. Policies had been documented. Risk committees had convened. Reports had been produced. And APRA, after reviewing it all, concluded that none of it had produced any observable improvement.
I know this because I was there.
I joined that bank in May 2019. I left in September 2025 — the same month ASIC announced a record $250 million penalty against the bank for misconduct spanning bond markets and retail banking. During those six years, I worked on data and AI capability inside one of Australia’s most systematically regulated financial institutions. I was vocal internally about the gap between what the documents said and what the systems actually did.
In July 2025, two months before I left, McKinsey handed APRA a root cause analysis that, in plain language, named exactly what I had spent years raising.
“NFR policies and practices perceived as compliance-focused and not business-oriented.”
“Good news culture masks problems, preventing decision-makers from recognising emerging risks.”
“Reluctance to challenge and deliver bad news.”
“Mechanical delivery without sustainable outcomes.”
I did not need McKinsey to tell me. The institution knew before I arrived. Their own 2018 Self-Assessment, completed as part of the post-Hayne Royal Commission process and never made public, had already identified these same weaknesses; Promontory’s November 2025 Establishment Report referenced it only once, in passing. That was seven years before McKinsey confirmed them. Seven years of knowing. Seven years of remediation programmes. One billion dollars of locked capital and a Court Enforceable Undertaking later, something finally moved.
What moved it was not better frameworks. It was the consequences.
That observation is the subject of this article. Not the bank specifically. Every institution. Every sector. And now, with particular urgency, AI governance.
This Is Not a New Problem. It Is a 49-Year-Old One.
The gap between governance on paper and governance in practice has a precise academic birthdate.
In September 1977, John W. Meyer and Brian Rowan published Institutionalized Organizations: Formal Structure as Myth and Ceremony in the American Journal of Sociology. Their central finding has not aged. Organisations, they argued, adopt formal governance structures not primarily for operational effectiveness, but to conform to “rationalised institutional myths” that confer legitimacy. And critically:
“Because attempts to control and coordinate activities in institutionalised organisations lead to conflicts and loss of legitimacy, elements of structure are decoupled from activities and from each other.”
Decoupling. A formal structure adopted without being implemented. Governance that exists to be seen, not to enforce.
This is not a fringe academic observation. It is the foundational theory of a field. DiMaggio and Powell extended it into institutional isomorphism in 1983, the mechanism by which organisations converge on the same governance structures under competitive and regulatory pressure, regardless of whether those structures actually work. Bromley and Powell refined it in 2012 into two distinct failure modes: policy-practice decoupling, where policies are adopted but not implemented; and means-ends decoupling, where policies are implemented but fail to produce their intended effect.
The governance profession has had a name for this problem since before most current boards and risk executives entered the workforce. It simply never solved it.
Michael Power named the assurance profession’s contribution to the problem in 1997. His book, The Audit Society: Rituals of Verification, argued that the expansion of auditing had produced not substantive assurance but something more pernicious: comfort production. The audit process becomes “a world in itself, self-referentially creating auditable images of performance”, decoupled from the organisational processes it is meant to evaluate. What auditors produce is a reassurance signal directed at external audiences — investors, regulators, boards. Not an honest assessment of operational reality.
What Power described in 1997 is what the AI governance industry now calls governance theatre. The terminology is new. The phenomenon is not.
The Frameworks Warned Against Themselves
Here is the part of the history that does not get told often enough.
The major corporate governance frameworks did not miss this problem. They saw it coming and said so explicitly. They simply could not prevent it.
The Cadbury Report (1992) — which introduced the world’s first comply-or-explain governance code — explicitly warned that rule-based measures risk encouraging boards to comply with the literal text of a regulation rather than its underlying spirit. Cadbury foresaw the failure mode before the ink was dry on the code he wrote. Six years later, the Hampel Committee (1998) formally identified what it called a “box-ticking culture” and noted that institutional shareholders and proxy advisors had reduced governance evaluation to binary yes/no conformance metrics. The Combined Code that followed tried to correct it. The incentive structure was unchanged.
COSO ERM (2004, revised 2017) explicitly recast enterprise risk management as a continuous discipline rather than a compliance exercise. The 2017 revision existed precisely because the 2004 version was being used as a checklist. King IV (2016) was the most direct:
“It cannot be claimed that good governance is in place simply by virtue of having implemented the recommended practices or by ticking the boxes. Box-ticking compliance is one of the major stumbling blocks towards governance that adds value.”
King IV said this in 2016 because every framework before it had failed to prevent it. The frameworks kept warning against the dysfunction. The dysfunction kept persisting.
The post-failure record confirms that knowledge was never the issue.
Enron held six consecutive Fortune “Most Innovative Company” awards from 1996 to 2001. Its board was cited among the best-credentialed in corporate America. It complied with regulatory requirements nearly to the end. The board formally waived its own code of conduct to approve the CFO’s related-party transactions — an act that required explicit board approval, demonstrating full awareness that an exception was being made.
The 2008 Global Financial Crisis produced regulatory frameworks with formally approved risk appetites that were systematically overridden in practice. The Senior Supervisors Group’s 2009 report found that institutional arrangements “conferred status and influence on risk takers at the expense of independent risk managers and control personnel.” Risk officers existed. They lacked authority.
And then there is the finding that closes the case.
In May 2019, APRA published an information paper covering self-assessments by 36 Australian financial institutions across banking, insurance and superannuation. The finding was unambiguous:
“The majority of self-assessment findings were reported to be already known to boards and senior leadership, and some issues had been allowed to persist over time… these issues were often only prioritised when there was regulatory scrutiny or other adverse events.”
Thirty-six institutions. Across multiple sectors. Already knew. Chose not to remediate. Until someone with consequences showed up.
This is not incompetence. It is the entirely rational response of agents operating inside a system that rewards the production of audit-ready documentation more reliably than it rewards the harder, more expensive, more conflict-generating work of substantive control.
What Calculated Compliance Actually Looks Like From Inside
McKinsey’s root cause analysis — the one shared with APRA in July 2025, the one that confirmed what a 2018 Self-Assessment had already said — named six enterprise-wide root causes of non-financial risk management failure.
Reading them now, from outside the institution, they are clear. Reading them from inside, while they were forming, they were harder to name precisely because they were the water you were swimming in.
The six causes were: culture manifesting as reluctance to challenge; capability gaps in risk expertise; blurred accountability across the first and second lines of defence; governance forums operating at an “emerging level” compounded by a good news culture; non-financial risk frameworks perceived as compliance-focused and not business-oriented; and projects delivered in a “mechanical way without sustainable outcomes.”
Four behavioural drivers underlay all six: reluctance to challenge and deliver bad news; complacency and limited self-reflection; insularity and lack of curiosity; and lack of responsiveness that allowed problems to persist and compound.
The report also noted — once, in Promontory’s Establishment Report, in a sentence that Banking Day described as the most consequential line in the document — that “these weaknesses were first identified in the bank’s 2018 Self-Assessment.”
Seven years.
The frameworks had been compliant with APRA’s requirements throughout. The remediation programmes had been documented and reported. The risk committees had met. The governance forums had convened. And the underlying weaknesses had persisted, largely unchanged, for seven years because the cost of surfacing them in a way that required substantive action exceeded the cost of documenting their being addressed.
What the institution could not produce on its own — what six years of frameworks, policies, and remediation programmes could not produce — was what APRA’s billion-dollar capital add-on and a Court Enforceable Undertaking finally forced: the institutional cost of paper governance exceeding the cost of real governance.
I am not describing this as an indictment of the individuals involved. The people building these frameworks, including myself, were working in good faith within a system structured to reward the appearance of control. What APRA named in April 2025 was not a personnel failure. It was a structural one. The system had been optimised for audit sign-off, not operational effectiveness, for long enough that the distinction had become invisible.
That is what calculated compliance looks like from the inside. It does not feel like evasion. It feels like governance.
AI Governance Is Reproducing the Same Pattern. Faster.
Between 2016 and 2020, the global AI ethics community produced 84 major governance documents. Jobin, Ienca and Vayena, writing in Nature Machine Intelligence in 2019, analysed them and found
“a global convergence emerging around five ethical principles… with substantive divergence in relation to how they should be implemented.”
Principles everywhere. Implementation nowhere. In 2019. The field was four years old and already replicating a pattern that corporate governance had been living with for four decades.
Ben Wagner named it in 2018 as ethics washing — the use of ethics guidelines as a marketing instrument rather than a governance framework, specifically as a strategy to pre-empt binding regulation. Brent Mittelstadt argued in Nature Machine Intelligence the following year that “principles alone cannot guarantee ethical AI” and that high-level principles require elaboration into mid-level norms and low-level technical requirements before they have operational purchase.
The AI governance field has been diagnosing its own paper-governance problem since before most of its frameworks were written. It has not solved it either.
Fewer than 30% of US federal AI governance mandates were actually implemented (Lawrence et al., AIES 2023).
The major frameworks, examined against the paper-versus-practice distinction, are honest about their limits if you read them carefully. The NIST AI Risk Management Framework (2023) is voluntary, not certifiable, and explicitly not a specification for runtime controls. Koch (2026) demonstrated that governance standards, including the NIST AI RMF, “do not by themselves yield implementable runtime guardrails”. An organisation can complete every documentation requirement in the framework while its deployed AI agent operates without a single enforceable control at runtime.
ISO/IEC 42001 (2023) is the strongest current standard — certifiable and explicit in requiring evidence of live control, not just documented policy. It is still a management system standard. It specifies what must be governed. It does not specify how enforcement is technically implemented.
The EU AI Act (2024) is binding. It is also slipping. The Commission missed its 2 February 2026 deadline for Article 6 guidance. In November 2025, it tabled the Digital Omnibus proposing to defer Annex III high-risk AI obligations to December 2027. CEN/CENELEC’s harmonised technical standards — the documents that would translate legal requirements into testable technical controls — were due in April 2025 and are now expected no earlier than the end of 2026. As of March 2026, only 8 of 27 EU Member States had fully designated competent national authorities.
The most sophisticated AI governance regulatory instrument in the world is, in operational terms, currently producing implementation documentation rather than implementing it.
Only 1% of organisations consider their AI governance mature, largely because they have not addressed dynamic risks in deployed systems (Lawson et al., 2025).
Lawrence et al., writing in the proceedings of AIES 2023, found that fewer than 30 per cent of US federal AI governance mandates had been implemented, attributing the failure primarily to “bureaucratic capacity gaps — insufficient expertise, leadership and personnel” — and to regulatory mandates too vague to act on.
The pattern is not difficult to see. It is the same pattern. It is just running faster, on systems that can act in milliseconds, in organisations that have inherited the compliance-first methodology of the GRC profession without inheriting its hard-won lessons about why that methodology keeps failing.
What AI Has That Traditional Governance Never Did
Here is where the argument shifts.
Traditional corporate governance had no equivalent of a runtime control plane. Enforcement meant after-the-fact audit, regulatory action, and litigation — all retrospective, all operating on timescales measured in months or years. The gap between a governance failure and its detection was wide enough to drive a remediation programme through.
AI governance has something different. It has a parallel technical lineage, from ML safety, adversarial robustness, DevSecOps and access governance, that makes governance enforceable at the point of action, not at the point of audit.
Runtime guardrails intercept model inputs and outputs in real time. Runtime authorisation layers evaluate whether a proposed agent action has the structural right to execute before executing it. Policy-as-Code systems translate governance norms into machine-readable constraints evaluated deterministically at execution time. Cryptographic audit architectures generate tamper-proof evidence as a natural byproduct of enforcement, not as a separately produced document.
Lavi (2026) formalised the core distinction as the Right-to-Act protocol: a non-compensatory decision boundary in which, if any required structural constraint fails, execution halts — full stop. Not a weighted risk score where a high confidence rating can compensate for a failed control. A hard blocker. This is the logical structure that traditional governance, with its materiality thresholds, compensating controls and risk appetite tolerances, was architecturally incapable of producing.
Koch’s layered translation method (2026) operationalises the gap between governance intent and runtime enforcement by compiling governance objectives into design-time constraints, runtime mediation layers, and assurance feedback loops. The governance document is the input, not the output, of a control design process.
“An organisation can satisfy a governance framework while its deployed agent still lacks meaningful runtime controls.” Koch (2026), arXiv:2604.05229
The technical architecture exists. The question is whether organisations adopt it or use it as the raw material for more sophisticated-sounding documentation.
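As an added illustration, not code from the article and not Lavi’s or Koch’s own implementation, the following Python gate makes the three ideas above concrete: a policy held as data and evaluated deterministically, a non-compensatory verdict in which one failed structural constraint halts the action regardless of model confidence (shown beside the weighted score it replaces), and a hash-chained audit record written as a byproduct of every decision. The policy fields, the `send_payment` action, the role names and the request values are constructed for this example.

```python
"""Added illustration (not code from the article, from Lavi's Right-to-Act
paper or from Koch's method): a pre-execution gate that is non-compensatory,
driven by a policy expressed as data, and that emits a hash-chained audit
record as a byproduct of every decision. Policy fields, action and role
names and request values are constructed for this example."""
from __future__ import annotations

import hashlib
import json
from dataclasses import dataclass
from typing import Callable, Optional

# Policy-as-code (constructed): the governance norm is data that the gate
# evaluates deterministically, not prose in a framework document.
POLICY = {
    "allowed_roles": {"send_payment": {"treasury-agent"}},
    "max_amount": {"send_payment": 10_000},
    "human_approval_above": {"send_payment": 5_000},
}


@dataclass
class ActionRequest:
    actor_role: str
    action: str
    amount: float
    human_approval_id: Optional[str] = None
    model_confidence: float = 0.0  # the gate deliberately ignores this


# Each structural constraint answers pass/fail only; none of them emits a score.
def check_role(req: ActionRequest) -> tuple[str, bool]:
    permitted = POLICY["allowed_roles"].get(req.action, set())
    return "role_permitted", req.actor_role in permitted


def check_amount(req: ActionRequest) -> tuple[str, bool]:
    cap = POLICY["max_amount"].get(req.action)  # unknown action -> fail closed
    return "within_amount_cap", cap is not None and req.amount <= cap


def check_approval(req: ActionRequest) -> tuple[str, bool]:
    threshold = POLICY["human_approval_above"].get(req.action)
    needs_human = threshold is not None and req.amount > threshold
    return "human_approval_present", (not needs_human) or bool(req.human_approval_id)


CONSTRAINTS: list[Callable[[ActionRequest], tuple[str, bool]]] = [
    check_role, check_amount, check_approval]


def right_to_act(req: ActionRequest) -> tuple[bool, list[tuple[str, bool]]]:
    """Non-compensatory verdict: every constraint must pass; nothing offsets a failure."""
    results = [check(req) for check in CONSTRAINTS]
    return all(ok for _, ok in results), results


def weighted_score(req: ActionRequest, weights=(0.3, 0.3, 0.2), confidence_weight=0.2) -> float:
    """The compensatory alternative the gate replaces: a failed control can be
    outweighed by the other controls plus model confidence."""
    _, results = right_to_act(req)
    score = sum(w for (_, ok), w in zip(results, weights) if ok)
    return round(score + confidence_weight * req.model_confidence, 3)


class AuditChain:
    """Append-only log where each record commits to the previous record's hash,
    so a modified or removed entry breaks verification."""
    GENESIS = "0" * 64

    def __init__(self) -> None:
        self.entries: list[tuple[dict, str]] = []
        self.last_hash = self.GENESIS

    @staticmethod
    def _digest(record: dict) -> str:
        return hashlib.sha256(json.dumps(record, sort_keys=True).encode()).hexdigest()

    def append(self, req: ActionRequest, allowed: bool, results) -> str:
        record = {"prev": self.last_hash, "action": req.action, "actor_role": req.actor_role,
                  "amount": req.amount, "approval": req.human_approval_id,
                  "allowed": allowed, "results": results}
        digest = self._digest(record)
        self.entries.append((record, digest))
        self.last_hash = digest
        return digest

    def verify(self) -> bool:
        prev = self.GENESIS
        for record, digest in self.entries:
            if record["prev"] != prev or self._digest(record) != digest:
                return False
            prev = digest
        return True


def gate(req: ActionRequest, chain: AuditChain) -> bool:
    """Evaluate the request, record the decision, and return whether it may execute."""
    allowed, results = right_to_act(req)
    chain.append(req, allowed, results)
    return allowed


if __name__ == "__main__":
    chain = AuditChain()
    risky = ActionRequest("treasury-agent", "send_payment", 7_000, model_confidence=0.99)
    print("gate:", gate(risky, chain), "weighted:", weighted_score(risky), "chain ok:", chain.verify())
```

The `risky` request in the usage block is the point of the comparison: a 7,000 payment above the human-approval threshold with no approval attached is denied by `right_to_act`, yet the weighted score clears a 0.7 threshold because two passing controls plus a 0.99 model confidence outweigh the missing approval. The gate also fails closed on any action the policy does not mention, and the audit chain is the evidence a reviewer can check without trusting the document that describes the control.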
What Changes the Verdict
The research finding I am most confident in is this: the gap between governance on paper and governance in practice is not an epistemic failure. It is a structural one. The institutional environment systematically rewards the production of governance documentation over the implementation of governance controls, and rationally-acting organisations respond accordingly.
The fix is not better frameworks. Every decade produces better frameworks. The fix is changing what the institutional environment rewards.
These are the specific developments that would constitute evidence that AI governance is breaking the pattern rather than repeating it:
EU AI Act enforcement actions that turn on runtime failures, not documentation gaps. Until a regulator penalises an organisation specifically because its AI system acted without enforceable controls, not because its documentation was incomplete, there is no enforcement precedent that distinguishes paper governance from operational governance.
Procurement standards that require runtime evidence packs. When enterprise and government buyers require suppliers to produce signed runtime decision logs, continuous monitoring telemetry, and live test results as qualification conditions — rather than governance policy documents — the economics shift.
Assurance firms that price effectiveness testing. The audit economics that Power described in 1997, the firm paid to produce comfort rather than substantive assurance, have not changed. They will change when buyers pay for live system testing rather than document review.
CEN/CENELEC technical standards that translate legal requirements into testable controls, on time. The EU AI Act’s compliance regime is currently a statement of what must be governed, not a specification of what must be tested.
Until these materialise, the honest verdict is that AI governance is producing better-branded documentation about implementation rather than implementation itself.
The Question Nobody Is Asking
ASIC Chair Joe Longo said something at the September 2025 press conference announcing the bank’s $250 million penalty that has stayed with me.
“We have been here before with them. The bank has a history of non-compliance in market matters.”
Eleven ASIC proceedings in just over a decade. A 2018 Self-Assessment identified the same weaknesses that McKinsey confirmed in 2025. A remediation programme running since 2019 that produced no observable improvement in non-financial risk management. A billion dollars of capital locked up.
And the response — a comprehensive Root Cause Remediation Plan, seven workstreams, Board-approved, quarterly reporting to an independent reviewer, written attestation from Accountable Persons once remediation is complete.
More documentation. More attestations. More governance frameworks. To fix the failure of the last governance frameworks.
The bank’s chair said in April 2025: “The bank understands that with issues of such importance, we will be measured by what we do, not what we say.”
That sentence contains, without apparently intending to, the entire argument of this article. Governance that is measured by what you do requires that what you do is observable, enforceable, and consequential. It requires that someone with authority — a regulator, a buyer, a board — can verify the doing, not just the saying.
The AI governance industry is, right now, producing a great deal of talk. The frameworks are proliferating. The principles are converging. The certifications are being pursued. The roadmaps are being published.
The question nobody is asking is the one that a non-executive director asked about the 43-page AI governance framework in an earlier piece in this series.
“If the CEO came to you tomorrow and said we need to move faster on AI because the competitor down the street just announced something — what exactly does this framework prevent?”
If your answer involves a policy document rather than an architecture, you have built governance. You have not built control.
The distinction has been named, diagnosed, theorised and documented for 49 years. The consultants know it. The regulators know it. The frameworks know it — they say so explicitly, in the text.
What changes is not more knowledge. What changes is the cost of paper governance exceeding the cost of real governance. Regulators can create that cost. Buyers can create that cost. Boards — if they understand what they are actually approving — can create that cost.
Until someone does, the governance illusion will persist. Better branded, more technically sophisticated, more expensively certified.
But still an illusion.
References
Academic and Theoretical Sources
Meyer, J.W. and Rowan, B. (1977). Institutionalized Organizations: Formal Structure as Myth and Ceremony. American Journal of Sociology, 83(2): 340–363.
DiMaggio, P.J. and Powell, W.W. (1983). The Iron Cage Revisited: Institutional Isomorphism and Collective Rationality in Organizational Fields. American Sociological Review, 48(2): 147–160.
Power, M. (1997). The Audit Society: Rituals of Verification. Oxford University Press.
Bromley, P. and Powell, W.W. (2012). From Smoke and Mirrors to Walking the Talk: Decoupling in the Contemporary World. Academy of Management Annals, 6(1): 483–530.
Wagner, B. (2018). Ethics as an Escape from Regulation: From Ethics-Washing to Ethics-Shopping? In Being Profiled: Cogitas Ergo Sum. Amsterdam University Press.
Jobin, A., Ienca, M. and Vayena, E. (2019). The Global Landscape of AI Ethics Guidelines. Nature Machine Intelligence, 1: 389–399.
Mittelstadt, B. (2019). Principles Alone Cannot Guarantee Ethical AI. Nature Machine Intelligence, 1: 501–507.
Lawrence, R. et al. (2023). Exploring AI Governance in U.S. Federal AI Directives. Proceedings of AIES ’23. ACM.
Lawson, C. et al. (2025). State of AI Governance Maturity. Industry survey report, 2025.
Koch, C. (2026). From Governance Norms to Enforceable Controls: A Layered Translation Method for Runtime Guardrails in Agentic AI. arXiv:2604.05229. April 2026. [Preprint — not peer-reviewed.]
Lavi, G. (2026). Right-to-Act: A Pre-Execution Non-Compensatory Decision Protocol for AI Systems. arXiv:2604.24153. April 2026. [Preprint — independent researcher, not peer-reviewed.]
Governance Frameworks and Standards
Cadbury, A. (1992). Report of the Committee on the Financial Aspects of Corporate Governance. Gee Publishing / London Stock Exchange.
Hampel, R. (1998). Committee on Corporate Governance: Final Report. Gee Publishing.
COSO (2004; revised 2017). Enterprise Risk Management — Integrating with Strategy and Performance. Committee of Sponsoring Organizations of the Treadway Commission.
King IV Report on Corporate Governance for South Africa (2016). Institute of Directors in Southern Africa.
Senior Supervisors Group (2009). Risk Management Lessons from the Global Banking Crisis of 2008. Financial Stability Forum.
NIST (2023). AI Risk Management Framework 1.0. National Institute of Standards and Technology, U.S. Department of Commerce.
ISO/IEC 42001:2023. Artificial Intelligence — Management System. International Organization for Standardization.
EU Artificial Intelligence Act (2024). Regulation (EU) 2024/1689 of the European Parliament and of the Council. Official Journal of the European Union.
Regulatory and Institutional Sources
APRA (2019). Self-Assessments of Governance, Culture and Accountability: Information Paper. Australian Prudential Regulation Authority, 22 May 2019.
APRA (April 2025). APRA accepts Court Enforceable Undertaking from ANZ and increases capital add-on to $1 billion. APRA media release, 3 April 2025.
ASIC (September 2025). 25-201MR ANZ admits widespread misconduct and agrees to pay $240 million in penalties. ASIC media release, 15 September 2025.
ASIC (December 2025). 25-314MR Federal Court orders $250 million combined penalties against ANZ. ASIC media release, 19 December 2025.
ANZ / McKinsey (November 2025). Root Cause Analysis Summary. Published 14 November 2025. anz.com.au
Promontory (November 2025). Independent Review of ANZ’s Root Cause Remediation Plan: Establishment Report. Published 14 November 2025. anz.com.au
Oliver Wyman (April 2025). Global Markets Business Review. Published 3 April 2025. anz.com.au
Banking Day (November 2025). ‘Root-cause’ spotlight darkens ANZ. bankingday.com, 16 November 2025.
European Commission (November 2025). Digital Omnibus Proposal COM(2025) 836. Proposal to defer EU AI Act Annex III high-risk obligations to December 2027, 19 November 2025.