Nedbank’s Board Bets on AI for Digital Services

A big bank doesn’t change its board committees lightly. When it does—especially by bringing in senior leaders with deep experience in AI, cybersecurity, cloud modernisation, and digital banking platforms—it’s a signal that digital risk and digital growth have moved from “IT’s problem” to “the board’s responsibility.”

That’s exactly what Nedbank did by appointing Natasha Davydova and Sanat Rao to its Group IT Committee, and Dixit A Joshi to the Group Risk and Capital Management Committee, effective 15 January 2026. Read plainly: Nedbank wants sharper oversight on the technology decisions that now shape customer experience, fraud exposure, and new revenue.

For South African e-commerce and digital service providers, this matters more than it might look at first glance. Banks sit in the middle of almost every online transaction—payments, identity checks, credit decisions, chargebacks, fraud controls. When a bank treats AI and cyber as board-level priorities, the whole ecosystem feels it.

Why these appointments matter for AI in South Africa’s digital economy

Answer first: Nedbank’s appointments show that AI, cybersecurity, and responsible tech adoption are now strategic governance issues—not operational afterthoughts.

It’s easy to assume “AI strategy” lives inside product teams and data science squads. Most companies get this wrong. AI doesn’t fail because the model is weak; it fails because of bad incentives, unclear accountability, messy data ownership, and unmanaged risk. Those are governance problems.

Nedbank is effectively acknowledging three realities that also apply to e-commerce and digital services in South Africa:

• Digital trust is the product. If customers don’t trust your fraud controls, privacy posture, or uptime, they won’t transact.
• Regulated environments don’t forgive sloppy AI. Financial services sets the tone for compliance expectations across industries.
• Technology decisions now drive capital outcomes. Cyber incidents, outages, and model risk can affect profitability as directly as pricing.

There’s also a timely angle here. Late December is when many businesses look back at peak-season performance. If you ran online campaigns over Black Friday and the festive rush, you already know where the pressure lands: payment success rates, fraud spikes, customer support backlogs, and delivery updates. Those pain points are increasingly handled with AI—when it’s governed properly.

What “AI at board level” actually changes (beyond the press release)

Answer first: Board-level AI expertise changes three things fast: investment discipline, risk tolerance, and how quickly digital priorities become non-negotiable.

When a board has members who understand cloud architecture, cyber trade-offs, and AI failure modes, conversations change. The questions get sharper. Budget approvals get more precise. And “we’ll fix it later” becomes harder to defend.

1) Investment decisions become more practical

Boards without deep tech expertise often approve vague programmes like “digital transformation” with unclear milestones. Tech-literate boards push for specifics:

• What’s the target architecture (and by when)?
• Which customer journeys will improve measurably this quarter?
• What’s the expected reduction in fraud losses or call-centre load?
• What’s the plan for data quality and model monitoring?

This is relevant to e-commerce too. If your AI roadmap is still “we want personalisation,” you’re not ready. The better framing is: “Which revenue or cost line changes, and how will we measure it weekly?”

2) Cybersecurity becomes tied to customer experience

In 2026, customers won’t separate “security” from “service.” A step-up authentication prompt, a payment decline, or an account lockout is part of the experience.

Board-level cyber oversight pushes organisations to balance:

• fraud controls vs conversion rates
• identity checks vs checkout friction
• security alerts vs support capacity

If you sell online in South Africa, you’ve likely seen the trade-off first-hand: tighten fraud rules and you may reduce chargebacks—but you can also tank approvals for legitimate customers.

3) Responsible AI becomes a business requirement, not PR

Nedbank explicitly highlights AI, machine learning, and AI ethics experience in these appointments. That’s not academic. AI decisions can create real harm:

• biased credit or affordability outcomes
• unfair “fraud” flags that block certain customers
• opaque automated decisions with no explanation pathway

The organisations that win will be the ones that treat responsible AI like quality assurance: defined standards, audit trails, and escalation paths.

Snippet-worthy truth: AI governance isn’t about slowing teams down; it’s about preventing expensive surprises.

What Nedbank’s new directors signal about priorities

Answer first: The combined backgrounds of Davydova, Rao, and Joshi point to four priorities: cloud modernisation, AI-driven operations, secure digital channels, and tighter risk governance.

Nedbank’s statement highlights expertise that maps directly to what’s happening across digital services.

Natasha Davydova: commercial AI, cloud, and cyber in regulated environments

Davydova has served as CIO of AXA UKI and held senior roles across major enterprise tech and financial services organisations. Nedbank notes her expertise in digital transformation, cloud and infrastructure modernisation, cybersecurity, AI and machine learning, and operational risk—a very specific combo.

That combo matters because many AI ambitions die on infrastructure reality. If your data is scattered across legacy systems, your AI team spends 80% of its time doing plumbing. A board that understands modernisation can push the hard work through—clean data layers, reliable pipelines, and better resiliency.

For e-commerce operators, the parallel is direct: you can’t “personalise” on broken product feeds, inconsistent customer IDs, or unreliable event tracking. Fixing the pipes is the strategy.

Sanat Rao: digital banking transformation and AI ethics

Rao brings a blend you don’t often see together: deep leadership in digital banking platforms plus formal study in AI ethics and society and behavioural dimensions of technology adoption.

That last part is underrated. AI projects don’t fail because people dislike technology; they fail because the tool changes workflows and incentives.

If you run a digital services team, ask yourself:

• Will agents trust the AI’s suggested replies?
• Will finance trust automated dispute decisions?
• Will risk teams accept model outputs without explainability?

Adoption is a design problem. Rao’s background suggests Nedbank wants to get this right.

Dixit A Joshi: capital markets and risk discipline

Joshi’s experience as CFO at a major global financial institution signals focus on risk, capital management, and financial discipline. In an AI era, that matters because model risk is financial risk:

• fraud losses are P&L events
• outages create compensation costs and brand damage
• regulatory findings can restrict product moves

For high-growth e-commerce brands chasing speed, this is a useful reminder: if you can’t explain your automated decisions or prove your controls work, you’re building on sand.

Practical lessons for e-commerce and digital service leaders in SA

Answer first: Treat AI like a product and a risk programme—then measure it with the same seriousness you apply to revenue.

Here’s what I’ve found works when you want AI to drive real customer engagement without creating operational chaos.

Build your “AI governance pack” before you scale

You don’t need a bank-sized framework, but you do need a lightweight set of rules. Start with:

1. Use-case register: every AI use case, owner, and business KPI.
2. Data map: where training and inference data comes from, and who owns quality.
3. Model monitoring: drift checks, performance thresholds, and rollback plans.
4. Human-in-the-loop points: where humans must review decisions (refunds, fraud blocks, credit offers).
5. Customer recourse: how customers can appeal automated outcomes.

If you can’t explain your AI system to a non-technical exec in two minutes, it’s not governed.

Use AI where customers actually feel it

AI that customers notice tends to land in four areas:

• Search and product discovery: better relevance, synonyms, and personalised ranking.
• Customer support automation: faster resolution with clear escalation.
• Fraud and identity: fewer false declines and smarter step-up verification.
• Retention and lifecycle marketing: better timing and content, less spam.

The best use cases balance experience and cost. Example: an AI support assistant that resolves delivery-status queries can reduce ticket volume during peak season, while still escalating payment disputes to humans.

Make cybersecurity part of your conversion strategy

This is the uncomfortable truth: security teams and growth teams are solving the same problem—who can you trust.

If you’re scaling online sales, align these functions around shared metrics:

• payment approval rate (by channel and risk tier)
• fraud loss rate
• chargeback ratio
• account takeover attempts detected vs blocked
• average time to resolve disputes

When those numbers are visible weekly, you stop arguing and start tuning.

Don’t ignore AI ethics—customers won’t

Responsible AI sounds abstract until you’re dealing with angry customers whose accounts were locked “for security reasons,” or whose applications were rejected with no explanation.

Do three simple things:

• Explain outcomes in plain language. Not technical logs—customer-readable reasons.
• Audit for bias. Check outcomes by region, device type, language, and income proxies.
• Design for recovery. Quick paths to verify identity, restore access, and resolve disputes.

Banks are forced to do this. E-commerce brands should copy the discipline.

What to expect next: boardroom tech focus will spill into the ecosystem

Answer first: When banks treat AI and cyber as board priorities, partners will feel stricter requirements—and better shared infrastructure.

Over the next 12–24 months, expect more of the following in South Africa’s digital commerce landscape:

• Tighter third-party risk checks for merchants, platforms, and service providers.
• More demand for auditability: model documentation, incident response readiness, and data handling clarity.
• Better fraud collaboration across payment ecosystems, because losses are now tracked and governed more aggressively.
• Rising expectations for reliability: customers won’t tolerate downtime in peak periods.

If you provide digital services—payments, lending, subscription billing, marketplaces—this is a good time to stress-test your AI and security posture before someone else does it for you.

One-liner to remember: The fastest-growing digital businesses will be the ones that can prove they’re trustworthy at scale.

Next steps for teams building AI-powered digital services

If you’re following our series on how AI is powering e-commerce and digital services in South Africa, Nedbank’s board move is a useful compass: AI is no longer an “innovation” department topic. It’s operational, financial, and reputational.

A practical next step is to run a 30-day internal sprint:

• Pick one customer journey (checkout, support, refunds, onboarding).
• Identify one AI improvement and one risk control to ship together.
• Measure impact weekly with a small set of KPIs.

If you want help prioritising AI use cases, setting up responsible AI guardrails, or mapping cybersecurity to conversion and retention, that’s exactly the kind of work that turns interest into reliable growth.

What would change in your business if AI decisions had to stand up to board-level scrutiny?