John Phenix proposes automating API governance at HSBC to improve the developer experience and ensure consistency. He outlines five tips: 1) Govern only real risks, not preferences; 2) Ensure governance scales with development; 3) Shift governance left to catch issues earlier; 4) Transition from reviewing correctness to reviewing appropriateness; 5) Automate as much as possible while still involving people. Phenix advocates a hybrid centralized-federated model and using tools to automate reviews, integrate with CI/CD, and provide dashboards. Example rules cover security, operations, and style standards.