AI Governance Bill To Enshrine Human And Organisational Accountability, Says Gobind

Digital Minister Gobind Singh Deo has outlined how Malaysia's AI Governance Bill will place legal responsibility on people and institutions deploying artificial intelligence systems, rather than on the technology itself. Speaking in parliament on June 24, Gobind explained that because AI lacks legal personality and moral agency, accountability must be assigned to those who develop, supply, manage, or deploy the systems. This foundational principle addresses a critical gap in existing law, as the technology expands into daily operations across both government and private enterprise.

The accountability framework being developed represents a comprehensive approach that tracks AI systems from their initial conception through to eventual decommissioning. Gobind stressed that risks and failures do not emerge at a single point in an AI system's lifecycle. A platform initially considered safe can become problematic when adapted for new purposes, integrated with other technologies, or applied to populations beyond its original design parameters. This reality necessitates multiple checkpoints and oversight mechanisms throughout the development and deployment pipeline, he suggested.

The government has consciously designed the bill as a horizontal governance structure that works alongside existing legislation rather than displacing sector-specific regulations. Gobind clarified that where AI issues intersect with criminal law, consumer protection, intellectual property rights, or other specialised domains, the relevant existing laws and regulatory bodies will maintain their authority. This layered approach prevents the new framework from creating jurisdictional conflicts while still establishing overarching principles applicable across industries.

Government oversight will not extend to directly controlling the outputs or content that AI systems generate, Gobind indicated. Instead, the legislative focus targets preventive governance mechanisms designed to mitigate risks before they materialise. This distinction matters for innovation—the government seeks to establish guardrails rather than content gatekeeping, recognising that excessive upstream control could stifle development of beneficial applications.

Among the mechanisms being examined is a mandatory AI incident reporting system. Such reporting would furnish authorities with real-time data on system failures, enabling pattern identification and coordinated prevention of recurring problems. By aggregating incident information across the economy, regulators could develop risk intelligence that guides both enforcement and industry best practices. This approach mirrors successful models in aviation and pharmaceuticals, where incident databases have substantially enhanced safety over decades.

A regulatory sandbox represents another tool under consideration. The controlled environment would allow developers, companies, and government agencies to collaborate in testing AI systems before broader commercial deployment. Participants would operate under relaxed regulatory requirements while maintaining safety oversight, enabling faster iteration and refinement without exposing the public to untested technologies. Such sandboxes have proven effective in fintech and other innovation-heavy sectors across Southeast Asia.

The legislative initiative reflects growing recognition that AI governance cannot simply extend existing technology regulation frameworks. As Gobind noted, accountability cannot rest with the algorithm itself—human responsibility must be clearly assigned and enforceable. This philosophical foundation distinguishes the Malaysian approach from purely technical standards or voluntary industry codes, embedding accountability into law itself.

The timing reflects Malaysia's positioning within regional AI development trends. Countries across Southeast Asia are simultaneously grappling with similar governance questions as AI adoption accelerates. Thailand, Indonesia, and Singapore are pursuing their own regulatory pathways, creating potential divergence in standards. A clearly articulated Malaysian framework could establish competitive advantage by offering developers certainty about accountability expectations while signalling to investors and users that the country maintains rigorous safety standards.

Government commitment to protecting public interests while supporting innovation marks a deliberate balancing act. Gobind stated explicitly that the bill aims to enable safe, responsible, and reliable AI development and adoption within Malaysia. This formulation acknowledges that excessive regulation risks driving innovation offshore, while insufficient oversight exposes citizens to preventable harms. The framework attempts to navigate this tension by focusing on lifecycle accountability and incident management rather than output censorship.

The bill's development also reflects pressure from citizens increasingly experiencing AI-related challenges. As Khoo Poay Tiong noted in parliament, the public seeks legal certainty about who bears responsibility when AI systems cause harm. Current law provides limited recourse because accountability gaps exist—traditional product liability assumes human decision-making, while AI systems operate with degrees of autonomy that complicate attribution. The governance bill addresses this vacuum directly.

Implementing the framework will demand coordination across multiple agencies and industries. Government bodies must harmonise their approaches while working with private sector developers to establish practical compliance mechanisms. Early consultation with industry appears crucial—overly rigid requirements could prove technically infeasible, while loose standards would undermine accountability objectives. The sandbox mechanism offers a venue for this iterative development.

For Malaysian businesses, particularly those developing AI applications or operating in regulated sectors, the framework will create both obligations and opportunities. Companies that proactively implement robust governance practices aligned with the coming legislation will avoid regulatory surprises. Conversely, those unprepared for accountability requirements may face enforcement action or reputational damage when incidents occur. The clear articulation of principles provides time for adjustment before legislative implementation.

The governance bill represents Malaysia's entry into a crowded field of global AI regulation. From the European Union's AI Act to China's algorithmic governance directives, countries worldwide are establishing accountability frameworks. Malaysia's approach appears pragmatic—neither as comprehensive as European regulation nor as state-directed as Chinese models, but firmly anchoring human responsibility. As implementation proceeds, the actual effectiveness of these mechanisms will determine whether the balance between innovation and safety is properly calibrated.