Playbook

The 2026 AI Board Playbook

As companies flood hundreds of billions of dollars into AI initiatives, boards face a once-in-a-generation reset to help reimagine—and manage—the cyber, workforce, reputational and governance risks. A guide to the future that’s happening right now.

By Jennifer Pellet

Boards know AI matters. How best to govern it? That’s not as clear.

In a recent Corporate Board Member survey of corporate directors, AI ranked as the second most pressing concern for boards and the top capital investment priority. But it was also cited as the most overlooked area of board oversight. The findings underscore that even as companies pour billions into AI initiatives that their directors agree are a strategic imperative, governance is struggling to keep up.

“What I see is a real disconnect,” says Brian Stafford, CEO of the governance software provider Diligent, which partnered with Corporate Board Member on the survey. “Boards are treating AI as a strategic priority, but many still don’t have the structures, expertise or operating discipline to oversee it well.” 

That gap is emerging at a critical moment. While companies are under pressure to accelerate AI adoption to drive growth, efficiency and innovation, they are also confronting a growing list of concerns—from cybersecurity vulnerabilities and workforce disruption to reputational risks and questions about whether management teams are moving quickly enough to capture AI’s promised value. The technology’s potential is vast, but equally so is the risk of squandering it. During this formative period, stakeholders need to feel confident that management and boards are capable of ensuring that AI is introduced, implemented and scaled in ways that unlock real value while also being deployed responsibly, securely and effectively.

For many boards, building that level of trust may require a shift in mindset, says Neil Sahota, chief AI officer at Consolidated Analytics, an AI advisor to the United Nations and author of Own the A.I. Revolution, who serves as a director for Spirits Capital and several nonprofits. Focusing on instilling controls, putting guardrails in place and gaining efficiencies can help companies manage AI adoption-related risk while still delivering value. But it may also stifle the level of innovation necessary to realize AI’s true potential.

“Boards are focused on trying to govern yesterday’s problems,” he says. “They look at AI as a technical issue rather than an organizational issue and think that the companies that have the best AI will succeed. But the ones that will actually succeed will be the companies that have the best organizational turnouts.”

1. Governing Without Stifling Innovation

Boards that view AI in the context of procurement—which tools, which models, which vendors—can tend to get mired in its power to automate existing processes, grow revenue and improve margins. Those gains have demonstrable value, but the real value creation opportunity requires a broader scope and more visionary approach to harnessing AI. “We need to think about how AI will change what we do as an organization,” says Sahota. “How is it influencing our decision-making? Because that’s the real superpower of AI, helping us facilitate making better decisions. What we want to move to is a business consciousness where, through AI working with people, we can understand small changes in real time and quickly adapt. If you’re thinking about automation, you’re not taking that leap.”

Companies with problem areas—silos, disconnects, misuse of tools, work-arounds—that merely automate flawed processes, Sahota warns, also risk amplifying those issues. Instead, boards should challenge management teams to consider how AI can improve decision-making, enhance understanding of customers and operations and help organizations adapt more quickly to changing conditions. Directors should ask broad strategic questions: How is AI creating new forms of value in the industry? What assumptions underpin the models being used? And how are leaders ensuring AI tools and usage reflects the realities of their business, customers and workforce?

Thought Leadership By FW Cook

Compensation Committee

The AI Compensation Challenge

As technology transforms how companies compete, grow and operate, how should adoption flow through to pay practices?

The likelihood that AI will infiltrate nearly every facet of business is now widely acknowledged, and compensation planning is no exception. The boards of companies striving to integrate AI into operations, long-term strategy and products now face a new set of questions: Should AI metrics be embedded in incentive plans, and, if so, how?

While it’s still early days for most boards navigating the intersection of AI and executive pay, some are exploring incorporating AI-related goals into their compensation programs. “Where we’ve seen this so far is principally in annual bonus plans rather than as part of long-term incentives,” says Noah Kaplan, a managing director at FW Cook, noting that the approach generally falls into one of two buckets.

In some cases, AI initiatives are incorporated within the part of the bonus plan covering broader strategic goals, with boards evaluating progress on internal AI projects or adoption efforts. Such assessments are generally performed on a qualitative basis, rather than against pre-established quantitative targets. For example, one company has established AI-related KPIs tied to critical business priorities that focus executives on AI literacy and enablement, with scoring of the KPIs used to modify bonus plan funding that is based on top- and bottom-line performance.

2. Succession in the AI Era

The shift to treating AI as a full-board strategic issue extends beyond oversight, capital allocation and protocols to CEO succession planning. As AI compresses product development timelines and alters competitive dynamics, directors searching for new leadership are putting greater emphasis on expertise in navigating faster technology cycles, refreshing product portfolios and adapting organizations to rapidly changing customer expectations.

“The thing that good boards always need to have ready is, ‘what is the profile of the CEO of the future?’” says Sharon Wienbar, a board member at Enovis, Resideo Technology and Ingram Micro. “All of my companies, and any companies, doing a CEO search in the last handful of years, have looked for tech savvy—for someone who has driven higher-velocity new product introductions, has deeper technological expertise and been able to hire more tech talent.” 

That shift reflects recognition that AI is arriving alongside robotics, additive manufacturing, supply-chain redesign and other technology-enabled advances that can reshape competitive dynamics by changing both the process by which products are made and what products are capable of doing. The boards of product-oriented companies are increasingly asking management where AI can and should be embedded into products, where it can improve enterprise operations and whether the potential rewards justify the investment and uncertainty that accompany it.

“It’s making sure that we all understand where we have risk and what risk we’re taking,” says Wienbar. “What I think we want to understand as board members is ‘what is our approach? Where do we think there’s opportunity? How fast should we go and why? Where in our product line is there real opportunity for advancement? How will we benchmark against competition when we get there or they get there?’ Those kinds of questions. This is the board-level conversation.”

Thought Leadership By AlixPartners

Cybersecurity

What Boards Get Wrong About Cybersecurity

Boards that treat cybersecurity as a compliance issue will stay stuck in reactive mode. But the starting point for strategic capability is simpler than most directors assume.

Four business days. That’s the floor regulators have set: how long a public company has to disclose a material cyber incident under current SEC rules. The question is whether boards of directors are building above it or still scrambling to meet it. It’s not much time for a board of directors that hasn’t pre-defined what “material” means, assigned who owns the response or ever run a serious tabletop exercise.

The SEC didn’t invent board accountability for cybersecurity. It just made ignoring it more expensive. The EU’s DORA (Digital Operational Resilience Act) and CSRD (Corporate Sustainability Reporting Directive) have added equivalent obligations for firms operating across Europe, and regulators across much of the world are following a similar pattern. In all cases, ignorance will not be tolerated as a defense.

3. Risks from Within and Without

Cybersecurity is another key area where traditional board-level oversight needs to evolve. Trust in AI depends on confidence that the systems are secure, the data feeding them is protected and the outputs they generate can be relied upon. At the same time, as companies embed AI into products, workflows and decision-making processes, the attack surface expands dramatically. Sensitive information moves through more systems. Employees gain access to powerful new capabilities. Third-party AI vendors become integrated into critical operations. The result is a threat environment that looks very different from the one most cybersecurity programs were built to address.

The issue is particularly acute for organizations whose business models depend on ensuring that proprietary information is secure. In the AI age, the clients of tech-centric and knowledge management companies increasingly demand assurances that proprietary data, intellectual property and AI workloads will remain protected, notes Bill Perlstein, global segment leader of FTI Consulting’s forensic and litigation practice and a board member at Global AI and Nano DX. 

Responsible AI adoption is a daily and deep boardroom discussion at Global AI, he says, pointing to significant technology expertise in the AI infrastructure company’s boardroom, including John E. Kelly III, known as the father of Watson, and former IBM CEO Virginia Rometty. “The company and the board are both at the forefront of worrying about AI protocols and governance because the need for client confidentiality, state-of-the-art protections for their data and making sure that you’re respecting whatever your agreement is for the use of the information is so critical to the business model.”

Such client expectations shift the focus of cybersecurity oversight from preventing and mitigating breaches to creating confidence among stakeholders that the company’s AI systems, data and infrastructure are secure by design. Organizations can no longer afford to approach cyber risk as a continuous cycle of identifying vulnerabilities and pushing out patches, a model predicated on threats being linear and manageable. AI-enabled cyber attackers are now able to combine multiple minor weaknesses across systems, applications and even business processes into a single exploit path.

In practice, that means vulnerabilities that might once have been deemed “low risk” in isolation can become strategically significant when linked with others, says Greg Sullivan, founding partner of the cybersecurity risk management provider CIOSO Global. “It’s time to get off the ‘patch treadmill,’” he says. “AI accelerates vulnerability chaining, making severity-based patching less effective. Boards should focus on attack-path management and secure-by-default engineering.”

In the AI era, cybersecurity oversight needs to be less about remediation metrics and more about ensuring the company is structurally harder to penetrate in the first place. Directors should be asking whether management understands how AI is changing the company’s threat landscape, whether security controls are being designed into systems from the outset and whether the organization is becoming more resilient—not simply more responsive—to attacks.

Thought Leadership By Alliance Advisors

Artificial intelligence is beginning to reshape how institutional investors approach stewardship, particularly in the high-stakes areas of executive compensation and board elections. As asset managers look for ways to evaluate more ballot items with greater speed and precision, AI is emerging as a powerful tool for analyzing pay practices, governance structures and voting patterns at scale. That shift has important implications for boards of public companies, especially as institutional shareholders apply increasing scrutiny to compensation committees and director oversight.

AI Gives Institutions the Ability to Conduct Proxy Analysis at Scale

One of the clearest effects of AI is the ability to scale proxy analysis far beyond what stewardship teams could historically do through manual review alone. AI tools can rapidly ingest proxy statements, compensation tables, peer pay data, governance disclosures and prior voting outcomes, allowing investors to identify perceived outliers across large portfolios much faster than before. For issuers, that means compensation proposals and director slates are more likely to be screened against consistent criteria, with less room for weak disclosure, unclear rationale or misalignment between pay and performance to escape attention.

4. Preparing the Workforce for AI

For Sahota, the biggest cyber-related risk is not necessarily external attackers but the unintended consequences of empowering employees with AI tools without robust training and usage protocols. “The next insider threat may not be malicious—it may be ambitious,” he says.

In practical terms, AI has transformed employees into force multipliers. Marketing professionals can generate code. Analysts can build applications. Teams can access and process information in ways that previously required specialized expertise. While those capabilities can accelerate innovation, they can also create new risks if governance, training and oversight fail to keep pace.

While headlines about AI’s impact on workforces tend to focus on employees’ fear of being replaced, unauthorized use and over-reliance are emerging as common issues, notes Matt Plass, chief market strategy officer at the ethics and compliance company LRN Corporation. “Shadow AI is commonplace among employees, and many feed company data into ungoverned LLMs,” he says. “A key safeguard is to select and roll out a standardized company AI that can be monitored and controlled. Without this, you can be sure that the majority of employees are using personal GPT or Claude accounts with little or no oversight and significant data risk.”

Another risk is that technology intended to bring quality improvements backfires, he adds. “AI gets you 80 percent of the way to task completion almost immediately,” says Plass. “It looks ‘good enough,’ and the last 20 percent of required rigor quietly disappears.”

Mitigating the risk of unauthorized use or over-reliance entails getting much more explicit about accountability, instilling auditability, documentation, human oversight and clear data boundaries. “When AI creates a bad outcome, ‘the model did it’ is not a defense,” says Stafford. “Someone owns the decision, someone owns the control environment and someone owns escalation.”

For Nina Richardson, a board member at Silicon Labs, Resideo, Cohu and Tonal, an early focus on safety, privacy and IP protection with employees’ AI usage has evolved to also encompass examining the ROI of that usage. “Every company I’m involved with began with approvals of which AI programs could be used and who could use them for what purpose,” she says. “Now, because people are spending a lot of money on tokens, we’re starting to pay more attention to where the biggest bang for those now very expensive bucks will come from. We’ve been having conversations about the cost benefits associated with what we’re doing and how use of this resource needs to be prioritized across the organization.”

Thought Leadership By The Cantellus Group

Strategy & Risk Oversight

Seven AI Strategy Questions

There is no single solution fit for all organizations or all leaders, but most can get onto a productive AI adoption path by asking some key questions.

The twin stars of accountability and responsibility rule every CEO and public company director’s life, day in and day out—to responsibly make decisions and be accountable for the results. But how do leaders move forward and own the outcomes when everything around them is changing?

Geopolitical and trade policies are shifting in ways unprecedented in our lifetimes, and technology is evolving at a blistering pace, making navigation tricky and progress elusive. All of this is creating new kinds of challenges in an environment where partnerships, supply chains and vendor selection are even more critical.

AI presents a particular flavor of these novel challenges for decision-makers—its disruptions and opportunities reliably strain resources—and the imagination. The pressure to select the right tools and agents, prioritize opportunities with strategy, effectively manage risk and understand competitors’ moves heightens the burden on CEOs and boards to discern the right path for the best results. Further complicating the path is the convergence of AI with other technologies (robots!) and necessarily immature technology policies, all of which impose complex variables for security, privacy and efficacy.

5. Incentivizing AI

As with most boards, those conversations have yet to surface in discussions of executive incentive plans. But a handful of companies have begun implementing AI metrics in incentive pay calculations, says Martin Rowinski, CEO of Boardsi, who expects to see more companies adopt AI goals in compensation programs.

“Juniper Networks used a 10 percent annual incentive metric called ‘Win the AI Opportunity,’” he reports. “Qorvo used a 20 percent long-term incentive objective tied to exploring and deploying AI tools to improve productivity. Recursion Pharmaceuticals used an annual incentive goal to ‘lead the data & AI revolution’ in therapeutic R&D. These are early examples, but they point to where executive compensation is heading.”

“Compensation committees have a meaningful role [in AI initiatives] because incentives shape behavior,” agrees Stafford. “If leadership is rewarded only for speed or experimentation, you will get speed and experimentation. If leaders are rewarded for disciplined execution, responsible adoption and measurable outcomes, you are far more likely to get durable value.”

6. AI as a Full Board Strategy Conversation

As boards begin to think through how executive incentives should reflect AI adoption and productivity gains, a broader structural question is emerging: where does AI oversight actually belong within the boardroom itself?

The answer is evolving. Early in their AI journeys, the boards on which Richardson serves opted for full-board ownership of AI as a standing strategic issue. “That usually means discussion of it at every meeting and deep dives every other quarter, depending on what’s happening in the business,” she says. “That doesn’t mean audit doesn’t worry about the risk factors associated with AI or nom-gov doesn’t pay attention to whether or not we’re in compliance with whatever requirements come up, but things are moving too fast to relegate it only to a specific committee.”

Recognition that AI’s impact cuts across every dimension of the enterprise was also a factor in three of the companies recently deciding to create dedicated annual “strategy days,” an extended session focused entirely on long-term issues, with AI now occupying a central place on the agenda. Discussions often extend beyond operational efficiency or near-term deployment to broader questions of business model disruption, regulatory uncertainty and global competitiveness.

“Strategy days are not only presentations by management,” Richardson says. “They’re in-depth conversations about possibilities, things that people have observed and what we think about a number of vectors. What will our industry look like going forward? Where are we going to use AI? Where is it going to fit in? Those are the kinds of macro-level conversations we’re having there.”

That kind of deliberate, expansive thinking may be exactly what the moment demands. It charges the full board, fully engaged and fully willing, with asking hard questions about where an industry is heading and whether the company is positioned to meet it. AI cuts across risk governance, cybersecurity, workforce, reputation, compensation—all of it. The boards that understand that, and govern accordingly, won’t just be overseeing a technology. They’ll be helping to shape the companies that master it.
