George Kanellopoulos

AI Governance Requires Architecture, Not Better Tools

AI governance tools are one of the fastest growing segments in enterprise software. Every major vendor, and a growing number of startups, promise visibility into AI deployments, automated compliance checks, bias detection, model registries and risk scoring dashboards. Organizations are buying at an accelerating rate, and the reasonable expectation would be that the governance gap is closing. It is not. According to McKinsey’s latest State of AI survey, 88% of organizations now use AI in at least one business function [1], yet only 1% of leaders describe their organizations as mature in their AI deployment [2]. The tools are being purchased. The governance is not following. Those two facts, taken together, suggest that the problem might not be the quality of the tools but the nature of what we are asking them to solve.

The Purchasing Reflex

There is a pattern that repeats itself across organizations of all sizes and industries. It begins with the acknowledgment that governance is important, usually triggered by a regulatory development, a publicized incident at another company or a board-level inquiry. What follows is procurement. A governance platform is purchased and deployed, the reports are generated and the organization declares governance to be in place.

What the platform sits on top of, however, is a different matter entirely. In most cases data ownership is fragmented across teams with no clear authority over which system is the source of truth. Accountability structures are absent or ambiguous, which means that when an AI-generated output causes a problem there is no predefined chain of responsibility leading to a person who can answer for it. The operating model that would connect data authority, decision rights and accountability into a functioning system does not exist. In that environment the platform does exactly what it promises. It monitors, it flags and it reports. But monitoring a problem is not the same as solving it, and flagging a violation is not the same as preventing one.

It is important to note that this is not a failure of the tooling itself. Most governance platforms are competent products built by serious teams. The failure is in what they are being asked to do. A governance tool can show which models are deployed and where. It cannot tell you who is accountable when one of those models produces an output that creates regulatory exposure. It can flag that a policy was violated. It cannot redesign the information architecture that allowed the violation to occur. It can generate a compliance report for an auditor. It cannot establish the organizational structures that make compliance a lived reality and not a documented aspiration.

Ajith Prabhakar has described this disconnect as the “architecture gap”: the distance between an organization’s ability to articulate AI governance principles and its capacity to enforce them at runtime [3]. Policies are static, human-readable documents that describe intent. Enforcement requires dynamic, machine-enforced controls that constrain runtime behavior. Put simply, the gap between the two is not closed by purchasing a platform. It is closed by designing an architecture.

The Enterprise Has Been Here Before

What makes the situation particularly frustrating is that the enterprise has been through this exact cycle before, with cloud computing. When multi-cloud environments became unmanageable and the sprawl of services, accounts and configurations started creating security and cost exposure, organizations responded the same way they are responding to AI governance now. They purchased more tools. Another observability platform. Another policy engine. Another cost management dashboard. A recent analysis in CIO describes the result as a “complexity tax” [4]: the proliferation of disconnected tools created fragmented ownership across teams and gaps at the seams between departments that the tools themselves could not see. The sprawl did not shrink. It grew another layer, this time a layer of governance tools monitoring the original sprawl.

Cloud governance matured only when organizations moved beyond the purchasing reflex and started building operating models instead. They defined which teams owned which workloads and which budgets. They established data sovereignty boundaries based on regulatory jurisdiction. They designed cost accountability structures that were architectural in nature, embedded in how the organization operated, and not procedural checklists people were expected to follow. At that point the dashboards and monitoring tools became useful, but only because the architecture underneath gave them something coherent to monitor. Without the architecture, the dashboards had been showing the equivalent of a weather report for a city that had not yet been built.

AI governance is the same lesson, presented to the enterprise for a second time. A governance dashboard sitting on top of fragmented data ownership, unclear decision rights and no operating model is not governance. It is a visualization of how ungoverned you are. Paying for a better visualization does not make the underlying problem smaller.

The Questions That Tools Cannot Answer

In the previous sections we established that governance is not a tooling problem. The natural question that follows is what kind of problem it actually is. The answer, I would argue, is that it is an architecture problem, and the distinction matters because architecture demands answers to questions that no platform, regardless of its sophistication, can answer on behalf of the organization. There are four of them.

Data authority. When an AI model retrieves context from multiple systems in order to generate an output, which of those systems is authoritative? If the information in one system contradicts the information in another, which one takes precedence and who makes that determination? These are questions of data architecture that must be answered at the organizational level. They cannot be configured in a governance platform because the platform does not know, and cannot know, the business context that determines which source is more trustworthy for a given purpose.

Decision rights. Who has the authority to approve the deployment of an AI model into a production workflow? Who defines the acceptable risk threshold for a given use case? Who reviews the output when the stakes are high enough to warrant human oversight? These are organizational design decisions that must exist before any tool is purchased. The tool’s role is to enforce decisions that have already been made, not to make them.

Accountability. When an AI-generated output reaches the wrong audience and causes harm, whether that harm is regulatory, financial or reputational, who answers for it? In most organizations today the answer is unclear, and that ambiguity is itself the governance failure. A governance platform can log the incident and generate a report. It cannot create the accountability structure that should have existed before the incident occurred.

The operating model. The most difficult question of the four: how do data authority, decision rights and accountability function together across the enterprise at scale? Not for one AI use case but for dozens of them, each with different risk profiles, different data sources and different stakeholders. This is the question that separates architectural governance from governance theater, and it is the one most organizations have not yet seriously attempted to answer.

It is worth mentioning that Enterprise Architecture as a discipline already possesses the conceptual tools for all four. Capability models, system-of-record designation, decision frameworks and governance structures have been part of the EA toolkit for decades. AI governance is not a new discipline requiring the invention of new methodologies and the purchase of new platforms. It is an extension of existing architectural practice into a domain that happens to be non-deterministic. The tools already exist. What is frequently missing is the organizational willingness to use them.

The Shadow on the Wall

Shadow AI, the use of AI tools that have not been approved or governed by the organization, is most commonly discussed as a compliance problem. Employees are breaking rules, the reasoning goes, and the solution is enforcement: stricter policies, blocked applications, mandatory training. The evidence, however, suggests that this framing misses the actual cause of the problem.

Looking at the data, the picture becomes clearer. According to a 2026 analysis by MarkTechPost, between 40 and 65 percent of enterprise workers use AI tools that are not approved by their organization [5], and nearly half of them access those tools through personal accounts, bypassing enterprise data controls entirely. What is particularly telling is that fewer than 20% believe they are violating policy. Meanwhile, according to Netskope’s Cloud and Threat Report 2026, incidents of users sending sensitive data to generative AI apps more than doubled year-over-year, averaging 223 per month per organization [6]. IBM’s 2025 Cost of a Data Breach Report puts a price tag on the exposure: one in five organizations studied experienced a breach linked to shadow AI, adding an average of 670,000 dollars to breach costs, and 97% of the organizations that suffered AI-related breaches lacked proper AI access controls [7].

The numbers are concerning on their own, but one additional finding puts the entire problem into a different perspective. According to research compiled by Vectra AI, when organizations provide employees with approved AI tools that have proper governance built into them, unauthorized use of shadow AI tools drops by 89% [8]. That figure traces back to a single healthcare system intervention and reaches us via a security vendor, so it deserves double caution. But the direction it points in is independently corroborated. Microsoft and LinkedIn’s 2024 Work Trend Index found that 78% of AI users were bringing their own AI tools to work, across every generation of employee, while 60% of the leaders surveyed worried that their own organization’s leadership lacked a plan and vision to implement AI [9]. If those findings hold, the diagnosis changes entirely. If shadow AI recedes when governed alternatives are provided, then the problem was never that employees wanted to break rules. The problem was that the organization had no governed alternative to offer them. The architecture was missing and the shadow tools filled the vacuum.

The Samsung incident of 2023 illustrates the dynamic well. Within 20 days of lifting its internal ban on ChatGPT, Samsung engineers leaked proprietary semiconductor data on three separate occasions, through independent but identical incidents [5]. The company’s governance at the time was a memo-based policy with no technical enforcement behind it. There was no architectural boundary between the tool and the proprietary data it should never have touched. The engineers were not acting with malicious intent. They were using a productive tool in the absence of any structural mechanism that would have prevented the sensitive data from reaching it. The failure was not in the behavior of the employees. It was in the absence of architecture.

The Clock is Running

So far we have discussed the problem in organizational terms. In this section we turn to the dimension that makes it urgent. The European Union’s AI Act originally scheduled its binding obligations for high-risk AI systems to take effect on August 2, 2026. In June 2026 the EU adopted the Digital Omnibus package, which pushes that deadline to December 2, 2027 for stand-alone high-risk systems and to August 2028 for high-risk AI embedded in products [10]. It is important to read the delay correctly. It was granted because the implementation infrastructure was not ready. Harmonized standards and national supervisory authorities are still being put in place, and not because the obligations were softened. The transparency obligations of Article 50 still apply from August 2, 2026. Prohibited practices have been enforceable since February 2025, with penalties reaching 35 million euros or 7% of global annual turnover. And when high-risk enforcement begins, violations of those obligations will carry fines of up to 15 million euros or 3% of global turnover [10].

The extension changes the date. It does not change the nature of what is being demanded. The regulation does not ask for policy documents or governance intentions. It demands technical documentation that demonstrates traced controls from design through deployment and into ongoing monitoring. The EU AI Act effectively codifies into law what architects have argued for years: governance is a structural property of how a system is built and operated, not a document that describes how it should have been built. Traceability, data governance and decision accountability are architectural properties. They must be designed into the system from the beginning. They cannot be generated after the fact by a platform, regardless of how sophisticated that platform is. An organization that treats the postponement as a reprieve is repeating the purchasing reflex in calendar form. Deferring the architecture because the audit moved.

Adding urgency to the situation, the nature of AI itself is changing in ways that make architectural governance even more critical. Agentic AI systems, capable of planning, reasoning and taking autonomous actions with limited human oversight, are moving rapidly from experimental prototypes to production deployments. According to Gartner, 40% of enterprise applications will feature task-specific AI agents by the end of 2026, up from less than 5% in 2025 [11]. At the same time, Gartner predicts that over 40% of agentic AI projects will be canceled by the end of 2027, citing escalating costs, unclear business value and inadequate risk controls [12], while research published in the California Management Review points at the same culprit. Failures in agentic systems arise from governance misalignment rather than from deficiencies in model performance [13].

The implications are significant. A traditional AI model that produces a biased or inaccurate output causes harm gradually, over weeks and months, as the problematic outputs accumulate and compound. A poorly governed agentic system can cause harm in minutes, because it has the autonomy to take actions that traditional models do not. A compromised or misconfigured agent can access data it should not have, trigger processes no human authorized and create liabilities that did not exist five minutes earlier. An airline’s chatbot that cited an outdated bereavement policy, because no mechanism ensured it referenced only current documents, left the company bearing the legal liability. That is one documented case among many [3]. These are not theoretical risks. They are the documented consequences of architectural absence in production environments.

Architecture First, Tools After

The governance tool market will continue to grow, and some of those tools are genuinely useful products that address real operational needs. That is not in question. What is in question is the sequence. A monitoring dashboard that operates on top of a well-designed governance architecture is a valuable asset that helps the organization maintain and improve the standards it has established. The same dashboard operating on top of organizational chaos, where no one has defined who owns the data, who approves the decisions or who answers when something goes wrong, produces noise, not governance.

The enterprise learned this lesson with cloud computing. It spent years and considerable budgets purchasing tools to manage a problem that was architectural in nature, and the problem did not begin to improve until organizations stopped buying and started designing. AI governance is the same lesson presented a second time, and the cost of ignoring it is higher this time because the regulatory stakes are greater, the technology is less predictable and the speed at which things can go wrong has increased by orders of magnitude.

The bottom line: you cannot buy your way to governance. You have to build it.

References

[1] McKinsey & Company, “The State of AI in 2025: Agents, innovation, and transformation,” November 2025. https://www.mckinsey.com/capabilities/quantumblack/our-insights/the-state-of-ai

[2] McKinsey & Company, “Superagency in the workplace: Empowering people to unlock AI’s full potential at work,” January 2025. https://www.mckinsey.com/capabilities/mckinsey-digital/our-insights/superagency-in-the-workplace-empowering-people-to-unlock-ais-full-potential-at-work

[3] A. V. Prabhakar, “The Architecture Gap: Why Enterprise AI Governance Fails,” December 2025. https://ajithp.com/2025/12/14/enterprise-ai-governance-framework/

[4] “Multi-cloud doesn’t need another tool,” CIO.com, June 2026. https://www.cio.com/article/4181763/multi-cloud-doesnt-need-another-tool.html

[5] M. Sutter, “Enterprise AI Governance in 2026: Why the Tools Employees Use Are Ahead of the Policies That Cover Them,” MarkTechPost, May 2026. https://www.marktechpost.com/2026/05/13/enterprise-ai-governance-in-2026-why-the-tools-employees-use-are-ahead-of-the-policies-that-cover-them/

[6] Netskope, “Cloud and Threat Report 2026,” January 2026. https://www.netskope.com/resources/cloud-and-threat-reports/cloud-and-threat-report-2026

[7] IBM, “Cost of a Data Breach Report 2025,” July 2025. https://www.ibm.com/reports/data-breach

[8] Vectra AI, “Shadow AI explained: risks, costs, and enterprise governance,” 2026. https://www.vectra.ai/topics/shadow-ai (89% figure originally reported by Healthcare Brew, 2026, from a single healthcare system intervention)

[9] Microsoft and LinkedIn, “AI at Work Is Here. Now Comes the Hard Part,” 2024 Work Trend Index Annual Report, May 2024. https://www.microsoft.com/en-us/worklab/work-trend-index/ai-at-work-is-here-now-comes-the-hard-part

[10] European Union, Regulation (EU) 2024/1689 (EU AI Act), entered into force August 1, 2024, as amended by the Digital Omnibus package (Parliament endorsement June 16, 2026; Council final approval June 29, 2026), deferring Annex III high-risk obligations to December 2, 2027. https://www.consilium.europa.eu/en/press/press-releases/2026/05/07/artificial-intelligence-council-and-parliament-agree-to-simplify-and-streamline-rules/

[11] Gartner, “Gartner Predicts 40% of Enterprise Apps Will Feature Task-Specific AI Agents by 2026, Up from Less Than 5% in 2025,” Gartner Newsroom, August 2025. https://www.gartner.com/en/newsroom/press-releases/2025-08-26-gartner-predicts-40-percent-of-enterprise-apps-will-feature-task-specific-ai-agents-by-2026-up-from-less-than-5-percent-in-2025

[12] Gartner, “Gartner Predicts Over 40% of Agentic AI Projects Will Be Canceled by End of 2027,” Gartner Newsroom, June 2025. https://www.gartner.com/en/newsroom/press-releases/2025-06-25-gartner-predicts-over-40-percent-of-agentic-ai-projects-will-be-canceled-by-end-of-2027

[13] “Governing the Agentic Enterprise: A New Operating Model for Autonomous AI at Scale,” California Management Review, March 2026. https://cmr.berkeley.edu/2026/03/governing-the-agentic-enterprise-a-new-operating-model-for-autonomous-ai-at-scale/

#Ai-Governance #Enterprise-Architecture #Ai #Technology-Strategy