Sovereign Stack
A Board-Approved AI Policy Is Not a Document.
It Is a Set of Decisions.

The Approval That Decides Nothing
Here's a scene playing out in boardrooms across Indian financial institutions this year. The agenda reaches item six: AI policy. A well-formatted document appears on screen — principles, commitments, references to the RBI's FREE-AI framework, a paragraph on ethics. The board reviews it, suggests a wording change, and approves. Minutes are recorded. Everyone moves to item seven feeling that AI governance has been handled.
Six weeks later, a relationship manager pastes a customer's bureau report into a public chatbot to summarize it. Was that allowed? The policy doesn't say. It says the institution is "committed to responsible AI use." The RM read that — or didn't — and it changed nothing about what happened at 4:30 on a Tuesday afternoon.
That is the tell. A policy that cannot answer one operational question has not decided anything. And a document that decides nothing is not a policy — it is an intention with a letterhead.
First, Let's Be Clear About What a Policy Is Not
An AI policy is not a values statement. It's not the FREE-AI framework's language restated with your logo on it. It's not a summary of your vendors' terms and conditions, and it's not a commitment to "human-centricity" that no one can operationalize.
Those documents exist to be approved. A policy exists to be used — by the RM with a bureau report, by the product head scoping a GenAI feature, by the auditor reconstructing a decision. The difference between the two is simple: a real policy is a set of decisions, made in advance, by people with the authority to make them.
The Five Decisions a Real AI Policy Makes
One: what is in, and what is out. A real policy draws the boundary of permitted AI use — which tools, which use cases, which data. Not "employees should exercise judgment." A boundary. If pasting customer data into unsanctioned public tools is prohibited, the policy says so in a sentence a new joiner can apply on day one. If document summarization through the sanctioned platform is allowed, it says that too. Every use case a policy refuses to classify gets classified anyway — informally, invisibly, by whoever needed it done that day.
Two: who owns each use, by name. Every AI system in the institution needs an accountable owner — for the credit model, the collections optimizer, the customer-facing chatbot. A committee is not an owner. "The business" is not an owner. When the examiner asks who is accountable for the scoring model's behavior in March, the answer is a person, or it is nobody. There is no third option.
Three: which risk tier each use sits in — and what that tier costs. The FREE-AI framework is explicit that governance should be proportionate to materiality: a document summarizer and a credit decisioning model do not carry the same obligations. A real policy makes the tiering decision — and attaches consequences to it. High tier means independent validation, detailed audit, human sign-off. Low tier means lighter touch. A policy that never assigns tiers has quietly decided that everything will be treated the same, which in practice means everything will be treated lightly.
Four: when the AI must stop and hand off to a human. Somewhere between a chatbot answering a balance query and a model declining a loan application, there is a line where machine judgment must yield to human judgment. A real policy locates that line before the incident, not after it. Which decisions can be fully automated, which need review, which can never be delegated. If your policy is silent here, the line will be drawn for you — by an escalation, a complaint, or an examiner.
Five: what gets recorded, and for how long. Every one of the first four decisions is unenforceable without this one. Ownership means nothing if no one can see what the model did. Tiering means nothing if high-risk uses leave no trace. The policy must decide what a record of AI use contains — the question, the context, the model version, the output, the human who reviewed it — and how long it survives. Decisions without evidence are indistinguishable from no decisions at all.
The Ten-Second Test
Take your current AI policy and put one question to it: can a collections agent use a public AI tool to draft an EMI reminder message that includes the customer's name and outstanding amount?
If the policy produces an answer — yes through the sanctioned tool, no to public tools, here is why — it is doing its job. If it produces a principle ("AI use must align with customer interest"), it has delegated the actual decision to the collections agent. Multiply that by every employee, every tool, and every working day. That is your real AI governance posture: hundreds of policy decisions per week, made at the edge, by the people least equipped to make them, recorded nowhere.
The Risk of Waiting
First, there is the supervisory read. When an examiner reviews an AI policy, the document is compared against operations — what the institution actually runs, what its people actually do. A policy full of principles and empty of decisions doesn't read as early-stage maturity. It reads as a board that approved something it did not engage with. That impression contaminates everything else on the table.
Second, there is the incident you cannot classify. When something goes wrong — a hallucinated figure in a customer communication, a model drifting against a protected group — the first question is whether the use was sanctioned, owned, and tiered. If the policy never decided, the institution cannot even say whether the incident was a violation. You cannot breach a boundary that was never drawn.
Third — and this is the one that compounds — every undecided question keeps getting answered daily by default. Usage patterns harden. Unsanctioned tools become workflow. By the time the real policy arrives, it is not writing on a blank page; it is fighting eighteen months of habit. The cost of deciding grows with every quarter the decisions are deferred.
Closing Thought
The RBI's FREE-AI framework asks boards to approve an AI policy, and most institutions will technically comply. The ones that benefit will be the ones that treat the exercise as what it actually is: a forcing function to make the five decisions above while they are still cheap to make. Decisions age well. Prose does not.
There is also a quieter implication. Decisions only govern if they are enforced where the work happens — in the flow of actual AI use, not in a PDF on the intranet. That is an architecture question as much as a policy question, and it is the gap Anvax exists to close: a governed layer where the policy's decisions are applied at the moment of use, and every application leaves a record. Because a decision that cannot be enforced or evidenced is, in the end, just another sentence in a document.