The Deloitte AI Warning: A Governance Wake-Up Call for Australian Boards

A recent report in the Australian Financial Review (AFR) has sent a ripple through the corporate world. Deloitte has officially instructed its staff to stop inputting confidential information into public AI tools, such as ChatGPT, following a rise in internal data incidents.

While this may seem like a standard operational tweak for a global firm, for Australian boards and committees, it is a significant governance signal. If the world’s leading professional services firms are tightening the screws on AI data leakage, boards must ask themselves: Are we protecting our board information with the same level of rigour?

The Quiet Risk in Board Preparation

The irony of the “AI risk” is that it often stems from a desire to be a better director. AI is an incredible tool for efficiency, and many directors are already using it to:

  • Summarise mammoth board packs.
  • Generate probing questions ahead of meetings.
  • Clarify complex technical or financial jargon.
  • Draft key discussion points.

These actions aren’t the problem, the environment is. Board papers contain the “crown jewels” of an organisation: financial forecasts, M&A strategy, legal advice, and sensitive cyber-risk reports. Pasting this data into a public AI is the modern equivalent of forwarding board papers to a personal Gmail account. Once that data is in a public model, the organisation effectively loses control over it.

A Governance Issue, Not a Technical One

The Deloitte incidents weren’t malicious; they were driven by convenience. This is exactly how governance gaps emerge. While director duties regarding confidentiality and care remain unchanged, the way information is handled has shifted overnight.

Many boards across Australia, particularly in the NFP, association, and independent school sectors, still rely on email, shared drives, or static PDFs. These legacy methods make it far too easy for sensitive material to be “copy-pasted” into unsecured AI tools.

Building a Robust Governance Response

A policy that simply screams “Do not use AI!” will likely fail. Instead, boards need a strategy that combines:

  1. Clear Expectations: Formal policies on AI usage.
  2. Director Education: Understanding the “where” and “how” of data processing.
  3. Secure, Approved Tools: Providing a safe alternative to public platforms.

Why the Platform Matters: The Athena Board Approach

The core lesson from the Deloitte warning is that sensitive information must remain within a controlled environment. This is where the choice of a board portal becomes a matter of risk management rather than just digital storage.

Athena Board serves as a prime example of how to bridge the gap between innovation and security. By moving away from fragmented email chains and unsecured folders, Athena Board provides:

  • Encrypted Distribution: Ensuring papers are only accessible to authorised eyes.
  • Defined Security Boundaries: Creating a “walled garden” where confidential information lives and stays.
  • Audit Visibility: Full transparency over who has accessed what, and when.
  • Safe AI Integration: By using a dedicated governance platform, organisations can eventually leverage AI capabilities within a secure infrastructure, rather than exposing data to the wild.

A Practical Checklist for Your Next Meeting

If you are a director or a member of a governance committee, use this moment to audit your current position. If the answers to these questions are “no” or “unsure,” there is a governance gap to close:

Governance Health CheckYes / No
Do we have formal guidance for directors on using AI with board materials?
Are we certain board papers never leave a controlled environment?
Have we moved away from using email and shared folders for distribution?
Do we use a secure, purpose-built platform like Athena Board?

The Bottom Line

AI will inevitably become a standard part of a director’s workflow. The goal isn’t to ban it, but to ensure it is used safely. For independent schools and NFPs, where student, staff, and donor data is at stake, the pressure to maintain high privacy standards has never been greater.

Good governance in 2026 starts with knowing exactly where your board data lives, and ensuring it never leaves the safety of a secure boundary.

Athena Board can hope, contact us now at sales@athenaboard.com.