Learning from United Way, Oxfam, and Save the Children: Best-in-Class AI Policies

Before examining specific policy examples, it's essential to understand the magnitude and implications of the nonprofit AI governance gap. Research from organizations including Whole Whale and Forvis Mazars consistently finds that while the vast majority of nonprofits have adopted AI tools, only a small fraction have created formal governance structures. This gap has widened as AI adoption accelerated through 2024 and 2025, with organizations rushing to implement tools without establishing foundational policies.

The risks of ungoverned AI use manifest in multiple ways. Data privacy violations occur when staff upload sensitive beneficiary information to AI platforms that retain data for training purposes or share information with third-party partners. Algorithmic bias creeps into decision-making when AI tools trained on biased data sets influence hiring, service delivery, or resource allocation. Mission drift happens gradually as organizations optimize for what AI can measure rather than what matters most to their missions. Donor trust erodes when organizations cannot transparently explain how they use AI or demonstrate that technology serves rather than supplants human judgment.

Several factors have contributed to this governance gap. Many nonprofit leaders feel overwhelmed by the pace of AI development and uncertain about their technical capacity to create effective policies. Limited resources mean AI governance competes with numerous other priorities. The absence of sector-specific regulatory requirements creates a vacuum where organizations wait for external mandates rather than proactively establishing internal frameworks. Perhaps most significantly, many organizations view AI policy development as a technical challenge rather than a governance and values alignment exercise that leadership and boards are well-equipped to address.

The good news is that effective AI governance doesn't require technical expertise or massive resources. As we'll see from the examples of United Way, Oxfam, and Save the Children, the most important elements are clarity about organizational values, systematic thinking about risks and opportunities, and commitment to aligning technology decisions with mission. Organizations that have implemented policies report that the process often takes less time than anticipated and generates valuable organizational alignment beyond just AI governance.

Oxfam International's AI governance framework stands out for its comprehensive, rights-based approach grounded in fairness, accountability, and transparency. The organization has articulated clear principles that connect AI governance to their broader commitment to human rights and social justice, creating a model particularly relevant for international nonprofits working across diverse cultural contexts. Oxfam grounds their AI safeguards in the UN Guiding Principles on Business and Human Rights, demonstrating how established international frameworks can guide technology governance.

The rights-based framework means Oxfam evaluates AI applications not just for effectiveness or efficiency, but for their impact on human dignity, agency, and equity. This orientation leads to different questions than a purely technical evaluation would generate. Rather than asking simply whether AI can perform a task, Oxfam asks whether AI performing that task respects the rights and dignity of affected individuals, whether it reinforces or challenges existing power imbalances, how it affects the most marginalized groups, and whether benefits and risks are distributed equitably.

Oxfam's approach pays particular attention to cultural context and the realities of working in the Global South. The organization recognizes that AI systems trained predominantly on data from wealthy countries may perform poorly or reinforce biases when applied in different cultural contexts. They have established protocols for evaluating whether AI tools are appropriate for specific cultural settings, ensuring that beneficiary communities have voice in decisions about technology affecting them, and adapting AI applications to local contexts rather than imposing one-size-fits-all solutions.

The framework emphasizes transparency as both a practical necessity and a human rights commitment. Oxfam believes that people affected by AI-informed decisions have a right to understand how those decisions were made, what data informed them, and what recourse exists when AI produces harmful outcomes. This commitment to transparency extends to donors and partners, with Oxfam openly discussing both the benefits and limitations of their AI applications.

Accountability mechanisms form a crucial part of Oxfam's governance structure. The organization has established clear lines of responsibility for AI decisions, regular audits of AI systems for bias and effectiveness, processes for affected individuals to challenge AI-informed decisions, and mandatory impact assessments before deploying AI in sensitive contexts. These accountability structures ensure that commitments to rights-based AI translate into operational realities rather than remaining aspirational statements.

While United Way, Oxfam, and Save the Children have developed distinct approaches tailored to their unique missions and contexts, several common themes emerge that offer valuable lessons for any nonprofit developing AI governance. These shared elements represent consensus best practices that transcend organizational specifics and provide a foundation for effective AI policy regardless of sector or size.

First, all three organizations treat AI governance as fundamentally about values and mission rather than merely technical capabilities. They begin policy development by articulating core principles, connecting AI governance to existing organizational commitments, and establishing clear criteria for when AI serves mission and when it doesn't. This values-first orientation prevents the common trap of adopting technology because it's available rather than because it advances purpose, and it creates stable guidance that remains relevant even as specific AI tools evolve.

Second, effective policies balance enabling innovation with establishing clear boundaries. None of these organizations takes an absolutist stance, either prohibiting AI entirely or allowing unrestricted use. Instead, they create frameworks that encourage beneficial AI applications while clearly defining prohibited uses and requiring special scrutiny for high-risk applications. This nuanced approach recognizes that AI offers genuine benefits while also posing real risks that require active management.

Third, robust governance requires ongoing oversight rather than one-time policy creation. All three organizations have established processes for regular review of AI applications, monitoring for bias and unintended consequences, updating policies as technology and organizational needs evolve, and responding to problems when they arise. This commitment to active governance reflects understanding that AI deployment is not a set-it-and-forget-it proposition but requires sustained attention.

Fourth, transparency serves as both an ethical commitment and a practical necessity. These organizations communicate openly about AI use with stakeholders, document decision-making processes, and create accountability mechanisms. This transparency builds trust with donors and beneficiaries, enables external oversight that catches problems internal processes might miss, and creates organizational discipline around AI decisions.

Fifth, effective AI governance involves diverse perspectives rather than delegating decisions solely to technical staff. All three organizations involve program staff who understand service delivery realities, beneficiary representatives who can identify potential harms, leadership who can ensure strategic alignment, and external expertise when internal capacity is insufficient. This multi-stakeholder approach produces more robust decisions than any single perspective could generate.

The examples from United Way, Oxfam, and Save the Children demonstrate that effective AI governance doesn't require matching the scale or resources of these large international organizations. The fundamental approaches, starting with values, tailoring to mission, involving diverse perspectives, and committing to ongoing oversight, apply equally to organizations with $500,000 budgets as to those with $50 million budgets. The key is adapting these principles to your specific context rather than attempting to replicate frameworks designed for different circumstances.

Begin by assembling a small working group that includes diverse organizational perspectives. This doesn't need to be a large committee; three to five people with different roles and viewpoints can be highly effective. Include someone who understands your programs and beneficiaries, someone with technology or data management responsibility, someone from leadership who can ensure strategic alignment, and ideally someone who can represent beneficiary perspectives or serve as an ethics voice. This group becomes your AI governance core team.

Start your policy development with a values discussion rather than jumping immediately to rules and procedures. Spend time discussing what matters most to your organization about AI use. What opportunities does AI present for advancing your mission? What risks or concerns keep you up at night? How do your existing organizational values apply to AI decisions? This values conversation creates the foundation for everything else and ensures your policy feels coherent with organizational identity.

Conduct a realistic assessment of your current AI use. Many organizations discover they're using more AI than they initially realized once they inventory tools across departments. Document what AI tools are currently in use, what data is being shared with these tools, which decisions or processes involve AI, and where staff feel uncertain about whether AI use is appropriate. This inventory identifies gaps between current practice and desired governance while revealing where guidance is most urgently needed.

Draft a simple initial policy focused on essential elements rather than trying to address every possible scenario. Cover your core principles and values regarding AI, clear categories of encouraged, approval-required, and prohibited uses, essential data protection requirements, and processes for questions, approvals, and escalation. You can always add detail later based on actual experience. A simple policy that gets used beats a comprehensive policy that sits on a shelf.

Implement with intention to learn rather than seeking perfection. Roll out your policy with explicit framing that you'll refine it based on experience, create easy channels for feedback and questions, track where staff encounter confusion or barriers, and schedule a formal review after three to six months. This learning orientation reduces anxiety about getting everything perfect initially while building organizational muscle for ongoing governance.