From Zero Risk to Risk Acceptance: Vietnam's 2025 Pivot to AI, Data, and Digital Government

Risk-Based Management: From Zero-Risk Thinking to Real Oversight

The minister was clear: past policy relied on zero-risk thinking. Monitoring came late, usually after small issues turned into major incidents.

That mindset is being replaced by risk acceptance and risk-based management. The shift is only workable because operations and data are moving into the digital environment.

As the minister put it, with digital systems and AI - "like a Buddha with hundreds of hands and thousands of eyes" - one person can oversee 100 million people, even an entire country. The message was blunt: move fast into the digital environment and apply AI, or be overwhelmed.

2025: A Runway for Innovation

In 2025, the institutional framework for science, technology, and digital transformation was completed at an unprecedented level. The National Assembly passed synchronized laws: the Law on Science, Technology and Innovation; the Law on Digital Transformation; the Law on Artificial Intelligence; and the amended Law on High Technology.

These updates reflect a deeper shift: innovation, data, and digital technology now sit alongside capital and labor as core production inputs. Crucially, new regulations allow more experimentation: risk acceptance, liability exemptions in R&D, and flexible funding.

That change clears long-standing barriers. High-risk research, breakthrough technologies, and new business models now have room to move from lab to market.

Digital Government, Economy, and Society: Execution at Scale

Government is moving from "digitizing processes" to data- and AI-driven governance. National data platforms expanded in scale and processing capacity, with stronger interconnections across ministries, sectors, and localities.

Digital infrastructure was restructured toward modern, flexible cloud-based models aligned with new standards. Trusted digital infrastructure - digital signatures, electronic identification, authentication - is now common across government, business, and citizens.

Adoption is visible in outcomes: end-to-end online public services, electronic transactions, and data use exceeded targets. The Digital Transformation sector acted as a "midwife" for businesses, especially SMEs, lowering costs and risks and improving competitiveness. The digital economy's share of GDP continued to rise toward strategic goals.

Key Results That Matter

Digital trust and services

• 38.2% of adults owned digital signature certificates.
• 66.6% used electronic signatures.
• 51.7% of administrative procedure files were resolved via end-to-end online services, up 12.42% from 2024, the highest level on record.
• 1.2 billion transactions ran through the National Data Integration and Sharing Platform, exceeding the 2025 plan by 30%.
• 100% of administrative procedure systems integrated remote digital signature solutions.

Economy and innovation

• The digital economy reached an estimated 18.72% of GDP in Q1 2025.
• 2,007 science and technology tasks/projects registered (+50% vs. 2024).
• 426 tasks/projects approved (+70%).
• Funding for new tasks hit VND 738 billion (+130%).
• 49.3% of export value came from high-tech goods; six high-tech zones are now established.

What Leaders Should Do Next

• Codify risk acceptance. Replace blanket prohibitions with tiered controls. Use clear thresholds for risk tiers, escalation paths, and pre-approved sandbox conditions.
• Make data the control surface. Build end-to-end data pipelines for priority services (identity, payments, licensing, inspections). Instrument processes to surface leading risk indicators in real time.
• Stand up AI-assisted oversight. Deploy AI for anomaly detection, triage, and supervisory analytics. Keep humans in the loop for high-impact decisions, aligned with frameworks like the NIST AI Risk Management Framework.
• Consolidate trust infrastructure. Drive adoption of eID and digital signatures across all workflows. Set procurement standards for interoperability and cloud-first architectures.
• Open the experimentation lane. Use the new legal space to run policy sandboxes and phased pilots. Tie liability exemptions to transparent reporting and measurable safeguards.
• Publish outcome metrics. Track service completion times, compliance costs, fraud rates, and user satisfaction - not just volume. Make dashboards public where feasible.
• Upskill managers and teams. Equip staff to design data-driven services, write AI-enabled SOPs, and audit models. Explore practical training paths and certifications, e.g., AI automation certification or role-based courses by job.
• Anchor to global practices. Refer to guidance on risk-based regulation and proportionality, such as the OECD's work on risk-based regulation.

The Bottom Line

Risk-based management is a management choice backed by infrastructure, data, and law. With AI and a fully digital operating picture, oversight scales - and accountability becomes measurable.

The window is open. Move your processes, datasets, and controls into the digital environment quickly, or the risks will outrun your capacity to respond.