How AI Governance Works in the United Nations System

A practical guide to how AI governance operates across the United Nations system, drawing on 20 years of experience at ESCWA, UNHCR, UNICEF, and UNOCHA.

Published 2026-05-09 · By Shahzad Asghar

AI governance in the United Nations is not a theoretical exercise. It is a set of practical decisions about who controls data, who audits algorithms, and who is accountable when automated systems affect the lives of displaced people, member states, and development programmes.

I have spent over 20 years working across UNESCWA, UNHCR, UNICEF, and UNOCHA. In that time, I have learned that AI governance in the UN system operates under constraints that most technology organizations never face. This article explains how it works in practice.

Why AI Governance Is Different in the UN

The United Nations is not a single organization. It is a system of agencies, funds, and programmes, each with its own mandate, data policies, and accountability structures. When I deploy an AI system at ESCWA, the governance requirements differ fundamentally from those at UNHCR.

At UNHCR, the primary concern is protection. Every data point potentially identifies a refugee. Every algorithm that classifies, prioritizes, or routes information carries risks that extend beyond operational efficiency to physical safety. AI governance here means ensuring that no automated decision compromises the principle of do no harm.

At ESCWA, the focus shifts to member state sovereignty. AI systems that analyze economic data, generate policy recommendations, or process development indicators must respect the data ownership rights of 20+ Arab member states. Governance here means building transparent systems that member states trust enough to share their data.

The Four Pillars I Use

Through years of implementation, I have developed a practical framework built on four pillars:

1. Data Governance Before AI Governance

You cannot govern AI if you do not govern data. At UNHCR Jordan, I led a forensic data integrity analysis that identified 63,000 missing contacts and resulted in 165,000 records being inactivated. This work preceded any AI deployment because the AI systems would have inherited and amplified those data quality problems.

2. Accountability by Design

Every AI system I build includes named ownership. When I designed Digital AAP, the AI-enabled accountability platform selected for the UN Global Pulse Accelerator, I ensured that every automated classification had a human reviewer assigned by role, not by name. People rotate. Accountability structures must not.

3. Security as a Governance Function

At UNHCR Jordan, I established the operation's first cybersecurity governance framework. This was not an IT project. It was a governance project that happened to involve technology. The framework covered data classification, access controls, incident response, and vendor management. Without these controls, no AI system can operate responsibly.

4. Transparency That Serves the Field

Governance documentation that sits in a SharePoint folder does not govern anything. I write governance frameworks that field staff can understand and apply. The NIST AI Risk Management Framework provides a useful structure, and I have adapted its principles for UN operating environments. You can read my practical guide to NIST AI RMF implementation.

Frameworks That Guide This Work

Several international frameworks inform AI governance in the UN system:

  • UNESCO Recommendation on the Ethics of AI provides the normative baseline that UN agencies reference when developing AI policies
  • The OECD AI Principles establish interoperability standards that matter when UN agencies work with government partners
  • The EU AI Act creates compliance requirements for any UN system that processes data from or about European citizens
  • The NIST AI Risk Management Framework offers a practical, function-based approach that I have found most useful for operational implementation

What Makes This Hard

The hardest part of AI governance in the UN is not writing policies. It is making them work in environments where staff rotate every two to three years, where field offices operate with minimal IT support, and where the urgency of humanitarian response creates pressure to deploy systems before governance frameworks are ready.

I address this by building governance into the technology itself. Access controls, audit logs, classification rules, and human review requirements are coded into the system, not appended as policy documents.

For a deeper look at my approach to AI governance in the United Nations, visit my comprehensive guide to UN AI governance.

The Path Forward

AI governance in the UN system will continue to evolve. The establishment of the UN Independent International Scientific Panel on AI and the Global Dialogue on AI Governance signal that institutional attention is growing. But the real work happens at the operational level, in agencies and field offices where AI systems interact with vulnerable populations.

That is where I focus my work. Not on governance as theory, but on governance as practice.

← All articles