Oversight in the AI era: understanding the audit committee’s role

Insight
June 03, 2025

Artificial intelligence is no longer on the business sidelines — it’s at the core of strategy, operations, innovation and growth. As AI continues to transform business models and unlock new opportunities, boards — and particularly audit committees —have an important role to play in overseeing the risks associated with its use.

While the upside of AI is significant, so too are the risks. To help unlock its full potential, companies need strong governance, risk management, and control frameworks. Below we’ve outlined 6 areas of key risk oversight for audit committees.

Key Areas of Audit Committee Oversight in the Age of AI

1. Financial Reporting, Internal Controls, and Financial Statements

AI is streamlining financial reporting through automation, forecasting, and disclosure drafting. Audit committees must ensure internal controls over financial reporting are updated, risks are managed, and human oversight validates AI outputs.

2. Internal Audit

Internal audit is using AI to enhance planning, testing, and reporting. Audit committees should ensure strong governance over these tools and understand how AI is reshaping audit strategies and skills.

3. External Audit

External auditors are adopting AI to improve audit efficiency and insight. Audit committees should ask how these tools are tested, how risks are addressed, and how regulators are responding.

4. Compliance, Ethics and Fraud Prevention

AI supports compliance by monitoring behavior, analyzing regulation and detecting fraud but ethical use, misuse, etc is also a factor. Committees must oversee how AI is managed, ensure ethical use, and guard against misuse like deepfakes or phishing.

5. Risk Management

AI can improve risk identification and prediction. Audit committees should ensure AI risks are fully integrated into ERM programs and that high-risk models are properly governed and monitored.

6. Cybersecurity

AI enhances both cyber defense and cyber threats. Committees should work with security leaders to understand how AI is used for threat detection and how the company is protecting against AI-driven attacks.

Get the full report here

(PDF of 1.89MB)

Contact us

Ray Garcia

Partner & Leader, Governance Insights Center, PwC US

Stephen G. Parker

Partner, Governance Insights Center, PwC US

Barbara Berlin

Managing Director, Governance Insights Center, PwC US

Tracey-Lee Brown

Director, Governance Insights Center, PwC US

© 2017 - 2025 PwC. All rights reserved. PwC refers to the PwC network and/or one or more of its member firms, each of which is a separate legal entity. Please see www.pwc.com/structure for further details.