What Is the ASEAN Guide on AI Governance and Ethics?
The ASEAN Guide on AI Governance and Ethics is a voluntary framework adopted in February 2024 by all 10 ASEAN member states. It provides a common set of principles and practical guidance for responsible AI development and deployment across the region.
In January 2025, ASEAN published an expanded edition specifically addressing Generative AI, and in March 2025 adopted the ASEAN Responsible AI Roadmap (2025-2030) to coordinate member states' implementation efforts.
While the guide is not legally binding, it is increasingly shaping national AI policies across the region. Singapore, Malaysia, Indonesia, Thailand, Vietnam, and the Philippines are all using it as a foundation for their own AI governance frameworks — some of which are becoming mandatory.
Why This Matters for Businesses
Southeast Asia is one of the fastest-growing digital economies in the world. The ASEAN digital economy is projected to reach $2 trillion by 2030. If your company develops or deploys AI in any ASEAN market, this guide represents the baseline expectation for responsible AI behavior.
More practically:
- National regulators reference it: Singapore's IMDA, Malaysia's NAIO, Indonesia's Ministry of Communication, and others cite the ASEAN Guide when developing local requirements
- Financial regulators align with it: MAS (Singapore), BNM (Malaysia), OJK (Indonesia), and BOT (Thailand) have all incorporated its principles into sector-specific rules
- DEFA will formalize it: The ASEAN Digital Economy Framework Agreement (expected by end of 2026) will create legally binding AI governance interoperability rules based on these principles
The Seven Guiding Principles
The ASEAN Guide establishes seven core principles for AI systems:
1. Transparency and Explainability
AI systems should be designed to be transparent. Users and affected individuals should understand how AI decisions are made, to the extent that is technically feasible and appropriate to the risk level.
2. Fairness and Equity
AI systems should not produce unfair bias or discrimination. Developers and deployers should assess and mitigate potential biases throughout the AI lifecycle, with particular attention to impacts on vulnerable groups.
3. Accountability and Responsibility
Clear lines of accountability must exist for AI systems. Organizations should designate individuals or teams responsible for AI governance, and there should be mechanisms for redress when AI causes harm.
4. Human-Centricity
AI should be developed and used for the benefit of people and society. Human oversight should be maintained for high-risk AI applications, and individuals should have the ability to opt out of AI-driven decisions that significantly affect them.
5. Reliability and Safety
AI systems should be robust, reliable, and safe. This includes adequate testing, monitoring for performance degradation, and mechanisms to handle failures gracefully without causing harm.
6. Privacy and Data Governance
AI systems must respect data privacy and comply with applicable data protection laws. Data used for AI training should be collected, stored, and processed in accordance with national data protection frameworks.
7. Responsible Stewardship
Organizations should act as responsible stewards of AI technology, considering long-term societal impacts and contributing to the broader AI governance ecosystem.
The Generative AI Expansion (January 2025)
The expanded guide for Generative AI addresses risks specific to large language models, image generators, and other GenAI systems. Key additions include:
Nine Focus Areas for GenAI Governance
- Accountability: Clear ownership of GenAI outputs and decisions
- Data governance: Responsible sourcing and handling of training data, including copyright considerations
- Trusted development and deployment: Safety testing, red-teaming, and staged rollouts
- Content provenance: Mechanisms to identify and label AI-generated content
- Incident reporting: Processes for detecting, reporting, and responding to GenAI incidents
- Testing and assurance: Regular evaluation of GenAI model capabilities and limitations
- Cybersecurity: Protection against adversarial attacks, prompt injection, and data poisoning
- Transparency: Disclosure of GenAI use, capabilities, and limitations to users
- Human oversight: Maintaining meaningful human control over GenAI applications
The ASEAN Digital Economy Framework Agreement (DEFA)
DEFA is expected to be the most significant development for AI governance in the region. Key points:
- Status: Substantial conclusion reached in negotiations; expected signature by end of 2026
- Scope: Legally binding digital trade rules covering cross-border data flows, digital payments, cybersecurity, and AI governance
- AI provisions: Will create interoperability standards for AI governance across ASEAN members
- Impact: Will harmonize some aspects of AI regulation that currently vary by country
For businesses, DEFA means that operating across multiple ASEAN markets will eventually become simpler — but compliance standards may also become more uniform and potentially more stringent.
How Countries Are Implementing the Guide
| Country | National Framework | Status | Binding? |
|---|---|---|---|
| Singapore | Model AI Governance Framework + PDPA | Operational | PDPA: Yes; AI Framework: Voluntary |
| Malaysia | AIGE Guidelines + PDPA | Operational | PDPA: Yes; AIGE: Voluntary |
| Indonesia | Perpres on AI Ethics + UU PDP | Expected early 2026 | PDP Law: Yes; AI Perpres: Pending |
| Thailand | Draft AI Law + PDPA | Draft stage | PDPA: Yes; AI Law: Pending |
| Vietnam | AI Law No. 134/2025 | Effective March 2026 | Yes (first binding AI law in SEA) |
| Philippines | NPC AI Guidelines + DPA | Operational | DPA: Yes; Guidelines: Advisory |
How to Align Your Business
For Companies Operating in a Single ASEAN Market
Follow the national framework for that country (see our dedicated guides for each jurisdiction). The ASEAN Guide provides useful supplementary guidance, especially for areas not yet covered by national regulations.
For Companies Operating Across Multiple ASEAN Markets
Use the ASEAN Guide's seven principles as your baseline governance framework, then layer on country-specific requirements. This approach:
- Gives you a consistent internal AI governance standard
- Ensures you meet the minimum expectations across all markets
- Prepares you for DEFA harmonization when it takes effect
Practical Steps
- Map your AI systems to the seven ASEAN principles
- Conduct a gap analysis against each country's specific requirements
- Implement a regional AI governance framework based on the ASEAN Guide
- Train your teams on both regional principles and national requirements
- Monitor regulatory developments — 2026 is a critical year with Vietnam's AI Law, Indonesia's Perpres, Malaysia's potential legislation, and Thailand's draft AI law all converging
Related Regulations
- Singapore Model AI Governance Framework: The most mature implementation of ASEAN principles
- Vietnam AI Law (No. 134/2025): First binding AI law in SEA
- EU AI Act: Global reference framework that influenced ASEAN's approach
- Colorado AI Act: Similar risk-based approach in the US context
Frequently Asked Questions
No, the ASEAN Guide is voluntary. However, member states are increasingly incorporating its principles into national laws and regulations. Vietnam has enacted a binding AI law, Indonesia is finalizing mandatory requirements, and Malaysia is considering dedicated AI legislation. The upcoming DEFA agreement may formalize some of these principles as binding cross-border standards.
Yes. In January 2025, ASEAN published an expanded edition specifically addressing Generative AI governance. It adds nine focus areas including content provenance, incident reporting, cybersecurity against prompt injection, and transparency requirements for GenAI systems.
The ASEAN Guide serves as a regional baseline. Each member state develops its own national framework — some voluntary (Singapore, Malaysia), some mandatory (Vietnam). National laws take precedence, but the ASEAN Guide provides consistency for companies operating across multiple markets.
DEFA (ASEAN Digital Economy Framework Agreement) is a legally binding trade agreement covering digital commerce, data flows, cybersecurity, and AI governance across ASEAN. Negotiations reached substantial conclusion, and signature is expected by end of 2026. It could enable the ASEAN digital economy to reach $2 trillion by 2030.
Yes, for three reasons: (1) It represents the baseline expectation that regulators across the region use when evaluating AI practices. (2) It prepares you for mandatory requirements that are rapidly emerging. (3) It provides a consistent framework for multi-market operations. Companies that align with the ASEAN Guide now will find it much easier to comply with binding requirements as they roll out.
References
- ASEAN Guide on AI Governance and Ethics. ASEAN Secretariat (2024). View source
- Expanded ASEAN Guide on AI Governance and Ethics — Generative AI. ASEAN Secretariat (2025). View source
- ASEAN Digital Economy Framework Agreement Progress Update. World Economic Forum (2025)