Examining Kenya’s Artificial Intelligence Bill Amid Geopolitical Pressure and Regulatory Challenges
Across jurisdictions, approaches to artificial intelligence (AI) governance are increasingly converging on flexible, principles-based frameworks. These frameworks aim to balance innovation with oversight, rather than imposing rigid, prescriptive rules at an early stage of ecosystem development. However, Kenya’s Senator Karen Nyamu has proposed a comparatively hard regulatory approach in the Artificial Intelligence Bill, 2026. This is notable at a time when global trends favour adaptive models where regulatory frameworks prioritize principles over prescriptive legislation, balancing innovation with oversight.
Early-stage AI deployment in Kenya is already demonstrating tangible value in high-impact sectors such as telecommunications and financial services. In telecommunications, AI is being used to optimize network performance, enhance customer experience through chatbots and predictive analytics, and strengthen fraud detection and cybersecurity. In financial services, AI-driven credit scoring, fraud monitoring, and personalized financial products are improving efficiency, expanding access to credit, and reducing operational risk.
These use cases illustrate that even at a nascent stage, AI delivers measurable gains, highlighting the importance of a calibrated regulatory approach that mitigates risks while preserving the flexibility necessary to scale innovation across the economy.
A Deep-Dive into the Artificial Intelligence Bill, 2026
Senator Nyamu’s Bill purports to address legislative gaps in existing frameworks such as the Science, Technology and Innovation Act and the Data Protection Act, which were not originally designed for AI. The Bill also seeks to align Kenya’s AI policies with international standards, referencing the European Union Artificial Intelligence Act.
To provide oversight, the Bill establishes the Office of the Artificial Intelligence Commissioner, an independent corporate body tasked with enforcing the Act, conducting risk assessments, and promoting AI literacy.
However, compared to other developed jurisdictions, the approach differs. The United States lacks a single, comprehensive AI legislation. Instead, it depends on an evolving framework that blends existing federal laws, executive orders, and agency guidance, along with emerging state-level legislation. This results in a largely market-driven, innovation-focused environment where regulation grows incrementally rather than through a unified statute. In this ecosystem, companies such as OpenAI and Anthropic lead in AI innovation, developing advanced systems used in commercial, enterprise, and government sectors.
The United Kingdom has also not enacted a single AI law. Instead, it relies on a sector-led, principles-based approach where existing regulators oversee AI within their respective mandates. This framework emphasizes safety, transparency, fairness, accountability, and redress without consolidating these principles into a single statute.
Limitations of Risk-based Regulation During Early Stages of Sector Development
For Kenya’s nascent AI industry, Clauses 25 and 26 of the Bill establish a risk-based regulatory framework with significant implications for innovation, market entry, and operational design. Clause 25 categorizes AI systems into four risk levels:
- Unacceptable Risk: Reserved for systems that pose severe threats, strictly prohibited from use, limiting experimentation, but protecting societal welfare.
- High Risk: Includes AI deployed in critical sectors such as healthcare, education, agriculture, finance, security, employment, and public administration, subject to rigorous oversight.
- Limited Risk: Systems presenting moderate risk.
- Minimal Risk: Systems with negligible risk, facing lighter regulatory obligations.
Clause 26 imposes detailed obligations on high-risk AI systems, including general risk assessments with human oversight and formal human rights impact assessments.
While human-in-the-loop safeguards are sensible for high-risk applications, the compliance complexity in these sectors may pose challenges for emerging players and stifle growing AI-led innovation in Kenya.
Further, the proposed roles of the Office of the Artificial Intelligence Commissioner include developing guidelines, codes of practice, standards, governance frameworks, and ethical norms. While these functions are prudent, industry leaders indicate that a self-regulatory approach has already taken root. For example, the Nation Media Group recently launched its AI policy, while Singapore has issued detailed AI guidelines to support legal and ethical compliance.
Many other proposed roles, such as overseeing AI risk investigations, can already be performed by existing regulators. In banking, for instance, the Central Bank of Kenya‘s prudential guidelines ensure innovation and technological changes are appropriately regulated. There is a risk that duplicating oversight with the Commissioner’s office could reduce efficiency.
Conclusion
While the Artificial Intelligence Bill, 2026, aims to safeguard societal welfare and align with international standards, it presents operational and compliance challenges for Kenya’s nascent AI industry. Lessons from AI leaders such as the United States, as well as emerging self-regulatory practices within the local industry, underscore the importance of a calibrated regulatory strategy. This strategy combines risk mitigation, ethical governance, and adaptive principles to enable Kenya’s AI ecosystem to thrive.
