The Clock Is Running — And Most Enterprises Aren't Ready

Generative AI has gone from experimental curiosity to enterprise backbone in under three years. Yet in most organizations, the governance frameworks meant to keep that AI safe, fair, and accountable are still catching up. According to industry analysts, less than 30% of enterprises deploying AI have formal testing protocols in place — a gap that regulators around the world are increasingly determined to close. Singapore's announcement this week of the world's first international standard for testing generative AI is more than a regional policy update. It is a global inflection point that every enterprise deploying AI — regardless of geography — needs to take seriously. Enterprises that wait for these standards to be fully finalized before acting will already be behind.

What Just Happened: Singapore's Landmark Proposal Explained

On April 20, 2026, Singapore made a move that will reverberate across boardrooms and compliance teams globally. The country formally proposed ISO/IEC 42119-8, the world's first international standard specifically designed to test generative AI systems. The announcement came during a global AI standardization plenary hosted in Singapore — a significant milestone in itself, as it marked the first time this bi-annual meeting has ever been held in ASEAN.

Co-organized by the Infocomm Media Development Authority (IMDA) and Enterprise Singapore (Enterprise SG), the plenary brought together over 250 AI experts and representatives from more than 35 national bodies, including the US, UK, China, Japan, Germany, France, and South Korea. The proposed standard centres on two pillars: benchmarking — establishing reproducible, agreed criteria for measuring AI performance — and red teaming, the practice of systematically probing AI systems for weaknesses before they reach production.

The proposal builds directly on Singapore's existing AI governance infrastructure, including the AI Verify Toolkit and the Global AI Assurance Sandbox launched last year. This is not a standalone gesture — it is the next layer in a deliberate, multi-year architecture of trustworthy AI.

Source: Computer Weekly, April 2026

Why This Matters: The Speed Problem

"For AI, the standards-setting process cannot afford to move at a glacial pace — otherwise, it risks being made irrelevant by the speed of change in AI." — IMDA Chief Executive Ng Cher Pong, April 20, 2026

IMDA CEO Ng Cher Pong's warning at the opening of the plenary captures the central tension facing every enterprise deploying AI today. In just over three years, AI has evolved from generative AI — systems that produce text, images, and code — to multimodal AI capable of processing multiple data types simultaneously, and now to agentic AI, autonomous systems that plan and execute multi-step tasks without human intervention at each stage.

Regulatory and standards frameworks, by contrast, are still largely addressing generative AI. Agentic AI is already in enterprise pilots. This mismatch creates a dangerous compliance vacuum. Organizations deploying AI systems today may find themselves operating outside the bounds of standards that crystallize over the next 12 to 24 months — facing retrofit compliance efforts that are far more costly, and far more disruptive, than building governance in from the start.

Ng described standards as the infrastructure that enables interoperability, consistency, and trust at scale across national borders. Enterprises should think of AI testing standards the same way — not as regulatory overhead, but as the connective tissue that makes AI systems trustworthy at global scale.

What ISO/IEC 42119-8 Actually Means for Enterprises

For enterprise leaders, the practical question is not whether this standard matters — it clearly does. The question is what it will require and how soon. Here is what ISO/IEC 42119-8 is expected to mean on the ground.

Standardized Benchmarking

Today, AI vendors make performance claims using their own internal testing frameworks. Under ISO/IEC 42119-8, benchmarking methodologies will need to be standardized, reproducible, and comparable across systems and vendors. For procurement and compliance teams, this is significant: evaluating AI systems will increasingly mean asking not just "does it work?" but "how was it tested, and against what internationally recognised criteria?"

Red Teaming as a Governance Norm

Red teaming — the structured practice of stress-testing AI systems for failure modes, biases, and exploitable vulnerabilities — is already considered best practice among leading AI teams. ISO/IEC 42119-8 is expected to formalize it as a governance expectation. For enterprises, this means red teaming will need to shift from a one-off pre-deployment exercise to an ongoing, documented, and auditable practice.

Cross-Border Interoperability

For multinationals operating across Asia-Pacific, Europe, and North America, the current compliance environment is a patchwork of national AI frameworks with overlapping and sometimes conflicting requirements. A harmonized international testing standard reduces that friction meaningfully — enabling enterprises to demonstrate AI trustworthiness against a single recognized framework rather than separately satisfying each jurisdiction.

ISO/IEC 42001 as the Foundation

Changi Airport Group (CAG) recently became the first enterprise in Singapore to achieve certification under ISO/IEC 42001, the international standard for AI management systems, launched globally in December 2023. CAG has credited the certification with helping the organization build clearer internal accountability, structured risk assessment, and systematic oversight of AI use cases. Enterprises should view 42001 as the foundational layer — the management system — and 42119-8 as the next: the rigorous testing methodology that validates what that management system produces.

This is precisely the kind of structured assurance framework that platforms like Trusys.ai are built to support — from continuous audit trails to AI risk scoring that gives compliance teams real-time visibility. [Link to: Trusys AI Governance page]

The Global Standards Race: Why Asia-Pacific Matters

For enterprises headquartered outside Asia, it might be tempting to view Singapore's proposal as a regional development worth monitoring from a distance. That would be a strategic mistake.

Hosting the global AI standardisation plenary in ASEAN for the first time is a clear signal: Asia-Pacific is no longer peripheral to global AI governance conversations. It is increasingly shaping them. Singapore's recent partnership with the American National Standards Institute (ANSI) to deliver AI standards capacity-building workshops across ASEAN member states signals an organized, coordinated effort to bring the region into alignment with — and into the authorship of — international standards.

For multinationals with operations in Southeast Asia, this means compliance complexity is rising. Early alignment with ISO/IEC 42119-8 and related frameworks is not just prudent risk management — it is a competitive differentiator in markets where government and enterprise procurement increasingly requires demonstrated AI trustworthiness.

Three Actions Enterprises Should Take Right Now

Strategy is meaningless without execution. Here are three concrete steps enterprise leaders can begin this quarter.

Action 1 — Audit Your Current AI Testing Practices

Before you can close a gap, you need to know it exists. Map your organization's existing AI evaluation processes — however informal — against the benchmarking and red teaming expectations outlined in ISO/IEC 42119-8. Key questions to answer: Do you have documented testing methodologies for your AI systems? Are those methodologies reproducible and auditable? Have your AI systems been subject to structured adversarial testing? If the honest answer to any of these is "not really," that is your starting point. Identifying these gaps now — and addressing them proactively — is significantly less painful than doing so under regulatory pressure.

Action 2 — Begin ISO/IEC 42001 Certification Preparation

ISO/IEC 42001 is live, globally recognized, and increasingly expected by enterprise procurement teams and regulators. The Changi Airport Group example is instructive: certification is achievable, and the process of pursuing it yields governance dividends regardless of the final outcome. If your organization has not yet assessed readiness for 42001, begin that assessment now. Treat it as the foundation on which 42119-8 compliance will eventually rest. [Link to: ISO 42001 explainer]

Action 3 — Build Governance Infrastructure, Not Just Policies

A well-written AI ethics policy is not a governance programme. Enterprises need real-time AI monitoring, audit-ready documentation, and integrated risk scoring built into their AI deployment pipelines — not retrofitted after the fact. The organizations that struggle most with AI compliance are invariably those that treated governance as documentation rather than infrastructure. Every AI use case deployed without embedded monitoring, traceability, and risk assessment is a future liability. Build the infrastructure now, while the cost of doing so is manageable.

Closing: The Trust Dividend

AI differentiation is narrowing. As foundation models become commoditised and AI capabilities become broadly accessible, the enterprises that stand apart will be those that can demonstrate their AI systems are trustworthy — not just powerful. Singapore's push for global AI testing standards is a structural shift in how that trustworthiness will be defined, measured, and expected.

The enterprises that build their governance infrastructure now will not merely avoid regulatory risk. They will earn something more durable: the confidence of customers who trust their data is protected, of partners who trust their AI outputs, and of regulators who view them as responsible actors rather than compliance risks.

Trustworthiness, built intentionally and verified rigorously, is the competitive moat that no model update can erode.

Trusys.ai helps enterprises build the governance foundation that global AI standards demand.

Source: Singapore pushes for global standard to test generative AI — Computer Weekly, April 2026