Executives are spending 37% more time managing AI risk this year — not because AI became more dangerous, but because they’re finally seeing the full scope of the challenge. What’s most exciting is also what keeps us up at night: while AI has advanced at lightning speed, governance systems are still in legacy mode.
The governance gap is real, and widening
In our survey of 1,250 executives across North America and Europe, an overwhelming majority told us the same story: AI is exposing cracks in governance frameworks that were never designed for systems operating at machine speed.
That 37% increase in AI risk management time we mentioned? It’s not happening in a vacuum. Nearly three-quarters of leaders admit AI has revealed critical gaps in visibility, collaboration, and policy enforcement. And for most, legacy governance processes are already straining under the weight of AI’s complexity.
This isn’t an abstract issue. It’s a wake-up call. AI risk is accelerating modernization timelines, and organizations are responding with significant financial commitment. More than half expect their governance budgets to increase by over 20% in the next year. The message is clear: the stakes are too high to ignore.
AI adoption is here, and it’s mature
One of the clearest signals we uncovered is just how deeply AI is embedded in the enterprise today. Sixty percent of organizations report advanced or mature AI usage, spanning everything from fraud detection in financial services to diagnostic imaging in healthcare. And nearly a quarter are already running generative AI in production — transforming what was a novelty just two years ago into critical infrastructure. This widespread adoption aligns with real-world trends we’re seeing across industries.
This maturity brings with it both opportunity and challenge. With AI embedded across operations, governance must scale to match. The organizations still experimenting with AI today will soon face the same oversight hurdles their more advanced peers are already grappling with.
Measuring AI’s value, and governance’s role
AI is no longer treated as an experiment; it’s a business asset with measurable returns. An overwhelming majority — 87% — say they’re mature in measuring AI ROI, which signals a level of sophistication that wasn’t present just a few years ago.
But here’s the catch: nearly 40% admit their measurement is inconsistent. When measurement is inconsistent, governance suffers. After all, you can’t effectively govern what you can’t reliably measure.
This is where governance teams can step out of the compliance shadows and show their true strategic value. By aligning oversight to business-critical AI initiatives, governance isn’t a brake pedal; it becomes a growth accelerator.
The reality check: risks and roadblocks
AI governance is consuming more time and resources because the risks are multiplying. Cybersecurity vulnerabilities, third-party AI use, and what many call “shadow AI” are rising to the top of the list of underestimated threats.
At the same time, governance teams face structural hurdles. Legacy tools aren’t integrated with AI platforms. Reviews often come too late in the development cycle. Many organizations are juggling multiple disconnected systems, creating manual bottlenecks that slow everything down. We’re trying to govern 21st-century technology with 20th-century processes and it isn’t working.
A path forward: AI-ready governance
Despite these challenges, we’re optimistic. And so are the leaders we surveyed. Almost all plan to increase governance investment, with an average budget jump of 24%. This investment reflects a deeper understanding: responsible governance enables sustainable AI innovation.
