Almost eight in 10 business leaders in the US are unsure whether they could pass an independent AI governance audit if it were imposed within the next 90 days, according to a Grant Thornton report.
The 2026 AI Impact Survey found that 78% of executives lack strong confidence that they could pass such an audit, with as many as 48% of organisations’ boards failing to set any AI governance expectations despite the significant investment going into AI tools (three-quarters of boards have approved major AI investments).
This governance gap is impacting AI adoption, with 46% of respondents citing governance or compliance barriers as the top factor contributing to AI project underperformance or failure, well ahead of the second-biggest factor – insufficient training – on 31%. Only 8% of respondents said their AI projects were not underperforming, suggesting that many organisations are still struggling to unlock the value from their AI investments.
Grant Thornton says the gap between what organisations are deploying and what they can prove works is growing with every AI initiative that they try to scale without a governance structure in place.
“Organisations are moving through discovery and deployment without building the ability to show that AI is working safely, defensibly and at the scale the business requires,” Grant Thornton wrote in the report.
Just over half of respondents (51%) said that strategy is the biggest driver of AI return on investment, but 79% said they do not have a fully developed and implemented AI strategy. Grant Thornton says this is because many organisations are worried about falling behind instead of having a clear view of where AI creates value.
The lack of governance oversight is exposing organisations to potential risk. While almost three-quarters of business leaders are using agentic AI, only one in five organisations have a tested AI incident response playbook if something goes wrong. The rest either have a documented playbook that has not been tested (48%), while 29% are developing a playbook, and 3% have no playbook at all.
Tom Puthiyamadam, managing partner of advisory services at Grant Thornton Advisors, said: “Across the organisations we work with, what we consistently see is that AI deployment has outpaced the infrastructure to defend it. Leaders who have invested in governance aren’t moving slower – they’re moving faster because they have the confidence to scale. The ones who haven’t built it yet are one incident away from a much harder conversation.”
The report was based on a survey of 950 business leaders across multiple industries in the US.
A Gartner report earlier this month called on GCs to consider taking out dedicated AI insurance given that many traditional insurance policies may exclude AI-related failures.
A report in March from cybersecurity audit business Thoropass found that 69% of compliance and IT professionals believe that AI adoption is outpacing their ability to put in place adequate controls and safeguards.
Email your news and story ideas to: [email protected]
