AI on Corporate Boards: Challenges for India's Corporate Law Framework

[Arnav and Ria are students at West Bengal National University of Juridical Sciences.]

A rising trend can be observed about artificial intelligence (AI) being integrated into business decisions, specifically as an analytical and predictive component for companies and their decision making authorities. Towards this end, there are discussions in India about whether AI can add value to the position of independent directors (ID), based on Sections 149 and 166 of the Companies Act 2013 (CA) which frame board independence, accountability, and duty of care. Although other countries around the world have turned to AI-assisted board support systems, these have not, till date, officially introduced AI as a director. In this regard, there are a number of legal obstacles to AI potentially being introduced as an ID in view of India’s existing legal framework. This article analyses these legal and governance hurdles, set amidst focused comparisons to other countries, and identifies practical ways and means to add value to the position of these IDs with AI.

Role of Independent Directors and Regulatory Obstacles in India

Under the CA, there are strict statutory limits on the formal inclusion of AI in the overall structure of the board. According to Section 2(34), a “director” is defined as a person who has been appointed to the company's board of directors. The prescribed definition indicates that only natural persons qualify for directorship position. This is further supported by the necessity that directors must apply for a Director Identification Number under Section 152 and Section 153, which is founded on the legal identity of the director, that is, the natural person. Finally, for this role of being a director, only individuals qualify, as specified by Section 149(1), thereby ruling out any possibility of the presence of AI systems possessing any form of directorship role.

Further, the IDs appointed under Section 149(6) of the CA are supposed to fulfil certain qualitative requirements, like integrity, relevant expertise, and the absence of a material pecuniary relationship with the company or the promoters or management. These requirements are rooted in personal reputation, ethical standing, and demonstrable independence, all of which are intrinsically human attributes. AI, lacking legal personality and social repute, cannot establish “arm’s length” independence or be assessed against standards of character and probity that underpin the concept of an ID in Indian corporate law landscape.

Apart from appointment, fiduciary duties under Section 166 provide a substantive legal hurdle. In Vaishnav Shorilal Puri v. Kishore Kundan Sippy, court ruled that a directors' fiduciary principle of loyalty, under circumstances as in Section 166, requires directors to give first preference to the corporation rather than allowing self-serving activities. Thus, directors are expected to display due and reasonable care, skill, diligence, and independent judgment, while making decisions in good faith in a manner that is in the best interests of their company and its members, requiring presumptions of intention, morality, and judgment that do not exist in algorithmic systems. Therefore, directors' responsibility for actions in an AI-produced manner do not impair their accountabilities, rendering them ‘officers in default’ under Section 2(60). Even for listed companies, Securities and Exchange Board of India (Listing Obligations and Disclosure Requirements) Regulations 2015 (LODR) provides an additional legal hurdle that requires independent directors to exercise their unbiased and active diligence, making them difficult to substitute with other systems, including algorithms.

Additionally, IDs are required to provide objective, unbiased strategic advice and act as an umbrella to organisations through which they can oversee both financial and operational risk by conducting financial audits and monitoring risk through audit and risk management committees as specified within Section 177 of the CA. As part of their oversight function, IDs check the integrity of whistleblowers' protection mechanisms. IDs also play a vital role during investigations of related-party transactions under Section 188 of the CA. However, the approval or disapproval of any related-party transaction based on fairness and propriety will continue to reside with IDs. This aligns with the ‘business judgment’ rules anticipated by Section 166, in protecting IDs who make reasonable decisions based upon good faith – whereas decisions made via algorithms potentially expose IDs to claims of negligence.

Furthermore, using the results and outputs from AI systems without having proper audits and governance of the processes that were used to create these outputs could put a board at risk of contravening Section 179 regarding delegation limits, thus exposing directors to significant liability (including criminal liability for fraud under Section 447). Therefore, while AI may help improve a board’s efficiencies and governance capabilities, owing to the existing limitations in the law, AI can, at the maximum, play a supplementary role in enhancing and not replacing the current roles of IDs in India’s corporate governance framework.

Comparative Global Insights

Jurisdictions across the globe take a cautious and pragmatic approach toward the incorporation of AI systems within corporate governance structures. Such holistic approach helps reinforce the supremacy of human discretion and insight, providing a reference point for the CA without requiring a change in the essentials of directorial status.

Under the Companies Act 2006 in the UK, the fiduciary duty for company directors is established by Sections 171 to 177 encompassing Section 172's fiduciary duty for company success. The case of Regal (Hastings) Ltd. v. Gulliver established that directors contravened the ‘no profit’ principle by deriving a benefit through a corporate opportunity utilizing company information even in the absence of any pre-existing relationship. The inability of AI to satisfy the essential aspects for the role of the independent director in light of similar principles for company laws in the UK and India makes monitoring by a natural individuals necessary. Thus, it is difficult to exonerate the role of senior management personnel in light of the increasing role of AI.

The EU AI Act has specified certain use cases for AI under the annexes, especially under Annex III, to be classified as ‘high-risk’, with controlling human oversight and risk management under Article 14, without completely banning AI for fiduciary or governance purposes. This is consistent with the transparency regime under the General Data Protection Regulations, much like India’s Digital Personal Data Protection Act 2023 (DPDP Act) focuses on the concept of data fiduciary, although it introduces novel concepts of risk levels that do not exist under the DPDP Act or Section 134 of the CA.

The Singapore Code of Corporate Governance, currently under review by the Corporate Governance Advisory Committee since 2025 with guidance by the Monetary Authority of Singapore, encourages the board’s supervision of risk related to AI through frameworks supporting human accountability. This ‘comply or explain’ approach responds to LODR regarding free independent directors on committees, as found in the Section 179 delegations under the CA in the case of India. In Delaware, the Caremark requirement mandates demonstrating bad faith for AI risk supervision defaults, as opposed to the ‘officer in default’ requirement found under Section 2(60) in the CA.

Potential Pathways for Navigating the Indian Corporate Governance Landscape

On the back of this comparative analysis, it is crucial to note that the Indian scenario has a unique setup of legal, regulatory, and practicable impediments, which makes it a rather complex task to integrate AI into the decision-making process at a boardroom level. The most glaring deficiency, which has emerged due to the legal and regulatory framework, is that Section 2(34) of the CA, has restricted the position of a director only to natural persons, discounting any possibility of involving AI in this process.

Apart from corporate governance, the factors which further increase the challenges are the liability factors. According to Sections 447 to 449 under the CA, the directors may also have strict liability on matters like fraud, misrepresentation, or concealment involving boardroom dealings. The AI systems will not come under the definition of ‘independent directors’ as prescribed under Section 149(6) of the CA and lack the capability to perform ‘stakeholder-centric’ obligations, which require sound judgment and a balancing approach. This problem further intensifies with the advent of the DPDP Act, which strictly provides for strict guidelines concerning data used for the training of AI systems.

A balanced strategy may include a hybrid model where human accountability and AI technology as a facilitator can coexist. For the short term, AI can work as a ‘corporate observer’ through permissible delegation under Section 179 of the CA within a board committee framework. In such a framework, the inputs given by AI will help, but the final decision  will be taken by the IDs, which will further have to be validated by comprehensive review and internal audit requirements. Further ethics and literature training on AI ethics for IDs, as has been mooted by professional bodies for governance, with a cautiously worded indemnity clause on the risk of technology implementation can be undertaken to aid the process. 

Amendments to the current statutory framework concerning Section 2(34) might help in complementing the ‘AI-supported director’ system, making it clear that the function of the director is conducted by human entities yet enabling the incorporation of the usage of AI tools by the director. The Ministry of Corporate Affairs (MCA) can further assist in the process by releasing relevant guidelines that are to be followed by companies while undertaking certain initiatives in this direction.

Conclusion

To ensure that AI is implemented effectively, organizations must assess possible bias and inaccurate data prior to deploying the AI system. Ensuring an established veto protocol allowing a person to negate the recommendations of AI and having a third-party verification in place at periodic intervals during the life of the system can serve as crucial safeguards in this regard. MCA and SEBI guidelines regarding the pilot use of AI in non-critical board committees can also provide legitimacy and a framework for continuing to evaluate the technology. Together, these measures can, to an extent, ensure balance between innovation with accountability and support improved governance outcomes without the need for significant structural changes to CA and associated legal frameworks.