 

From Shadow AI to Strategic AI Governance

Posted by World Summit AI on Jun 25, 2026 6:30:01 AM

The next AI governance problem is not theoretical – it is already inside the business. Employees are using copilots, SaaS agents and browser-based AI tools to get real work done, often before IT, security or leadership have decided what good use actually looks like. 

But how can organisations support the evolving ways people work whilst maintaining visibility and control across an increasingly decentralized technology landscape?

Menlo Security reported a 68% surge in shadow generative AI usage in 2025, with 68% of employees using free-tier AI tools via personal accounts and 57% of those users inputting sensitive data. Reco’s 2025 State of Shadow AI report found that organisations manage an average of 490 SaaS applications, with only 47% formally authorised, creating a large and largely ungoverned attack surface for AI adoption.

That is why this cannot be treated as a compliance clean-up exercise. The issue is no longer just who is using which tool, but which systems are being touched, which decisions are being shaped, and which workflows are quietly being re-engineered. As AI begins to act rather than simply suggest, the question becomes: where does accountability now sit? In that context, governance has to become an operating discipline—built into the flow of work, not bolted on at the end. 

This is also where the conversation needs to get more action-focused. Too much AI governance content still lives at the level of policy principles, risk lists and abstract frameworks. Those matter, but they do not tell a CIO, CISO or transformation lead what to do on Monday morning when three teams are already using copilots, one function has bought its own agent platform, and nobody can explain, in plain language, what is connected to what. That’s why WSAI brings you C-Suite enterprise leaders who are at the coal-face of these issues, demonstrating what has worked for them in practice, and offering actionable insights for safe, governed deployment.

Governance in the flow

The most useful mental shift is this: AI governance should not be designed as a brake on adoption. It should be designed as the set of controls that makes production-grade adoption possible. That is especially true as businesses move from assistants that draft and summarise toward agents that retrieve data, call tools, route work and trigger actions inside enterprise systems.

Satya Nadella has put the trust question plainly: “If you don’t trust it, you’re not going to use it,” arguing that security, privacy and governance are central to whether AI actually diffuses across the enterprise. Jensen Huang has made the trust problem equally plain: “We have to get to a point where the answer that you get, you largely trust.” That is not just a model-quality challenge. In the enterprise, it is a governance challenge: trust depends on whether identity, data access, oversight and intervention are built into the system before agents are allowed to act. Governance is not what happens after rollout. Governance is what determines whether rollout should happen at all, and under what conditions.

This is where several WSAI 2026 sessions are critical, such as “Orchestrating Agentic AI: Control, scale, and enterprise value,” “Why most AI strategies fail: The human side of scaling AI,” and “Engineering responsible AI systems at scale”. They all point toward the same conclusion: the hard part is not proving AI can work. It is building the controls, trust and operating discipline that let it work safely at scale.

Move one: surface what is already happening

Most organisations do not have an AI strategy problem first. They have a visibility problem. You cannot govern what you cannot see. And right now, a surprising amount of AI usage sits in the browser, in unsanctioned SaaS tools, in personal accounts, or inside isolated team-level deployments.

That is why the first move is not writing another policy. It is building a proper intake and inventory layer for AI use across the business. That means identifying which copilots, SaaS agents, internal bots and model-connected tools are already in use; where they are touching company data; who owns them; what they are connected to; and whether they are only generating content or actually taking action.

The good news is that this is becoming more operationally possible. Several operators, such as Microsoft, now offer solutions where IT teams can curate which agents employees can install, apply granular access controls and track adoption across the organisation. That kind of internal AI catalogue matters because it creates a path out of chaos: not blanket bans, but visible, managed distribution.

A practical test for leaders is simple: can the organisation produce, within 30 days, a clear view of its top AI tools, top AI-enabled workflows, top data exposures and top ungoverned agents? If not, the governance conversation is still too abstract.

Move two: stop governing tools, start governing workflows

Many organisations are still trying to govern AI with approved-tool lists. That is understandable, but it is increasingly the wrong level of control. The real question is not whether ChatGPT, Copilot or another agentic tool is allowed in the abstract. The real question is which workflows can tolerate which kinds of autonomy, with which kinds of data, under which levels of human review.

This is where policy-by-workflow becomes much more useful than policy-by-tool. A low-risk internal drafting workflow is not the same as a customer-facing claims decision. A research assistant with read-only access is not the same as an agent that can trigger payments, update records or change supplier terms. Governance has to reflect those differences in consequence, not just vendor names.

The strongest organisations are beginning to codify this through tiered models. Microsoft’s latest guidance for governing agents highlights zoned governance, mapping agent risk and technical complexity to distinct governance levels with different security, management and reporting controls. In practice, many organisations can simplify this into red, amber and green classes: green for low-risk assistive use cases, amber for bounded workflows with human approval gates, and red for agents touching sensitive data, regulated decisions or consequential actions that require stricter review and oversight.

Governance should be proportionate, practical and rooted in consequences for people, not just systems. If the efficiency trap is about protecting human capability, and the new operating model is about redesigning work around humans and agents, then governance is the mechanism that decides where those boundaries actually sit.

Move three: build control points into the stack

Once AI systems move beyond suggestion and into action, governance has to live in the technical and operating stack itself. That means identity, permissions, logging, evaluation, monitoring and escalation are not side topics for the architecture team. They are the architecture.

At minimum, organisations need to be able to answer six questions for any serious copilot or agent:

Who can access it?
What data can it see?
Which systems can it touch?
What actions can it take?
How is its behaviour being monitored?
Where can a human intervene when confidence drops or risk rises?

If those questions cannot be answered clearly, the system is not governed, however polished the policy document may be.

This is where “governance-in-the-flow” becomes real. The control points should sit where work happens: identity and permissions at access, policy at data retrieval, validation before action, logging through execution, evaluation after outcomes, and escalation when thresholds are breached. In other words, the enterprise needs safety rails around actions, not just guidance around prompts.
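The control points described above (scope checks at access, consequence-based red/amber/green tiering, an approval gate before action, and logging of every outcome) as an added illustrative action gate; this is not code from WSAI or from any vendor named on the page, and the workflow inventory, tier names, approver roles and confidence floor are constructed assumptions:

```python
from dataclasses import dataclass
from enum import IntEnum

class Tier(IntEnum):          # green < amber < red, so comparisons pick the stricter class
    GREEN = 1
    AMBER = 2
    RED = 3

CONSEQUENTIAL_ACTIONS = {"trigger_payment", "update_record", "change_supplier_terms"}
SENSITIVE_LABELS = {"pii", "financial", "regulated"}
CONFIDENCE_FLOOR = 0.7        # assumed threshold: below it a human must step in, whatever the tier
AUDIT_LOG = []                # every decision is recorded, allow and deny alike

# Constructed sample inventory: workflow -> (declared tier, systems it may touch, data it may see, approvers)
WORKFLOWS = {
    "internal_drafting": (Tier.GREEN, {"docs"}, {"public", "internal"}, set()),
    "supplier_review":   (Tier.AMBER, {"erp"}, {"internal", "financial"}, {"procurement_lead"}),
    "claims_decision":   (Tier.RED, {"claims_db"}, {"pii", "regulated"}, {"claims_lead"}),
}

@dataclass
class ActionRequest:
    principal: str            # who: the agent identity making the call
    workflow: str             # which governed workflow it claims to act within
    action: str               # what it wants to do
    systems: set              # which systems it would touch
    data_labels: set          # what data it would see
    confidence: float         # the model's own confidence in this step

def record(req, decision, reason):
    event = {"principal": req.principal, "workflow": req.workflow, "action": req.action,
             "decision": decision, "reason": reason}
    AUDIT_LOG.append(event)   # logging through execution, not only on failure
    return event

def effective_tier(req, declared):
    # Consequence, not vendor name, sets the class: payments or sensitive data are always red
    if req.action in CONSEQUENTIAL_ACTIONS or req.data_labels & SENSITIVE_LABELS:
        return Tier.RED
    return declared

def evaluate(req, approver=None):
    entry = WORKFLOWS.get(req.workflow)
    if entry is None:         # not in the inventory means not governed, so not allowed
        return record(req, "deny", "workflow not in inventory")
    declared, systems, labels, approvers = entry
    if not req.systems <= systems:
        return record(req, "deny", f"system outside scope: {sorted(req.systems - systems)}")
    if not req.data_labels <= labels:
        return record(req, "deny", f"data outside scope: {sorted(req.data_labels - labels)}")
    tier = effective_tier(req, declared)
    if tier == Tier.GREEN and req.confidence >= CONFIDENCE_FLOOR:
        return record(req, "allow", "green tier, confidence above floor")
    if tier > Tier.GREEN and not approvers:
        return record(req, "deny", f"{tier.name.lower()} tier with no approval route configured")
    if approver in approvers:  # validation before action: a named human has signed off
        return record(req, "allow", f"{tier.name.lower()} tier approved by {approver}")
    return record(req, "needs_approval", f"{tier.name.lower()} tier, escalate to {sorted(approvers)}")
```

A low-confidence step in a green workflow also returns needs_approval, so the intervention point exists even where the tier alone would not require one.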

What good looks like

What good looks like is not a world with zero experimentation. It is a world where experimentation is visible, risk is graded, and scaling happens through governed pathways rather than side doors. The companies getting ahead are not those with the loosest rules or the loudest AI messaging. They are the ones building managed routes into adoption: Expedia Group with secure environments for internal AI experimentation and measurable workflow impact, H&M Group with responsible AI frameworks and project-level checklists, and EY with an enterprise-scale agentic AI operating system designed around governance, orchestration and trust (all of whom you can see on the WSAI stage and in the InspiredMinds! Community Hub).

That is also what makes this such a practical leadership issue. Deloitte’s enterprise reporting has noted that early blanket restrictions are giving way to more nuanced governance frameworks based on use-case risk, data sensitivity and output consequentiality. The shift is important because it signals a move away from “can we allow AI?” toward a more serious question: “how do we allow the right AI, in the right workflows, with the right controls?”

The next stage of AI maturity will not be won by the organisations that simply roll out more copilots or agents. It will be won by those that make AI legible inside the business: visible enough to manage, governed enough to trust, and embedded enough to create real value without letting risk disappear into the workflow. For leaders trying to move from shadow AI to governed deployment, the WSAI AI Workforce Playbook offers a practical starting point for redesigning workflows, controls and human oversight around real enterprise use cases.
