AI Governance in Practice: Who Owns the Guardrails?
Governance fails when it's a document instead of an operating model. The real decisions: where governance sits, what gets a human gate, why data governance is the foundation, and how to move from principles to enforcement without grinding delivery to a halt.
I’ve sat on enough governance panels now to spot the moment it goes wrong. Someone holds up a glossy set of AI principles — fairness, transparency, accountability, the usual — and asks the room whether they agree. Of course everyone agrees. Nobody’s against fairness. Then I ask a different question: when an engineer ships a model on Friday afternoon, what in your organisation actually stops them if it shouldn’t go out? Usually the answer is a long silence.
That silence is the whole problem. Most AI governance is a document. The principles are fine. They’re just not connected to anything. Governance only means something when it’s an operating model — when it changes what people can and can’t do, and who has to say yes before something ships.
A document is not a control
The PDF on the intranet describes intentions. A control changes outcomes. Those are not the same thing, and conflating them is how organisations end up “governed” right up until the moment something blows up.
A real control is enforced by a system or a person with the authority to say no, it triggers automatically at the right point in the workflow, and it leaves a trace. “We value transparency” is an intention. “No model reaches production without a documented evaluation and a named owner” is a control. The first one feels good in a board deck. The second one is the thing that’s actually true at 4pm on a Friday.
The test I apply to any governance claim is simple: show me where it bites. If a principle can’t point to a moment where it stops, gates, or shapes a real decision, it isn’t governance. It’s a press release.
Where does governance sit?
This is the structural decision everyone gets stuck on, and there’s no universally right answer — but there are recognisable failure modes for each option.
A separate governance function gives you independence and a clear owner. It also tends to become a bottleneck the business learns to route around. If governance is a gate that adds three weeks and a committee, teams will find the path that avoids it, and you’ll have shadow AI instead of governed AI.
Embedding governance in the delivery teams gives you speed and context — the people who understand the system make the calls. But “everyone owns it” drifts very easily into “nobody owns it”, and standards fragment team by team until you can’t say what “responsible” even means across the organisation.
A fully distributed model, with governance baked into shared tools and platforms, is where mature organisations tend to land, but you only earn it once the standards are clear enough to encode.
In practice the thing that works is a hub-and-spoke shape. A small central function owns the standards, the hard escalations, and the question of what “good” means. Delivery teams own the day-to-day application of those standards in their own context. The centre sets the rails; the teams run on them. What you’re trying to avoid is the two extremes — a remote committee that says no to everything, or a free-for-all where every team invents its own ethics.
Data governance is the floor, not a sibling
Here’s the part that gets skipped because it’s unglamorous: you cannot govern AI on top of data you don’t understand. Every hard AI question — is this fair, is this private, can we explain this, are we allowed to use this — resolves down to a data question. What is this model trained on. Where did that data come from. Who consented to what. What’s sensitive, what’s regulated, what should never have been in the training set in the first place.
Organisations that treat data governance as a separate, lower-priority track end up trying to bolt fairness and privacy onto a foundation they can’t see into. It doesn’t hold. If you don’t know your data’s lineage, consent basis, and sensitivity, your AI governance is built on sand and the first serious incident will find the cracks. Get the data layer right and a surprising amount of AI governance becomes enforceable almost for free, because you finally know what you’re working with.
Put humans where the decisions are irreversible
Not every AI decision needs a human in the loop. Insisting on one for everything is how you make governance synonymous with “slow”, which guarantees people will work around it. The skill is putting the human gates exactly where they earn their cost.
Sort decisions by stakes and reversibility, the same way you’d sort actions for an autonomous system. A recommendation that’s easy to ignore or undo can run automatically. A decision that materially affects someone’s life — credit, employment, healthcare, anything legally consequential, anything you can’t take back — gets a human who is genuinely able to understand the recommendation and overrule it. Not a rubber stamp. Someone with the context and the authority to say no, with that override logged and reviewed.
The failure mode here is the human who clicks approve on everything because they don’t understand the model and won’t be thanked for slowing things down. A gate that always says yes is theatre. If you’re going to put a person in the loop, give them the information and the standing to actually be in it.
From principles to enforcement, without stopping delivery
The reason governance gets a bad name is that the naive version is a tax on everything. Every project waits for the committee; the committee becomes the bottleneck; the business routes around it. You end up with the worst of both worlds — slow and ungoverned.
The way out is to make the governed path the easy path. Bake the controls into the tools teams already use. Evaluation harnesses in the deployment pipeline so checks run automatically, not as a manual gate. Approved patterns and pre-vetted components so the compliant choice is also the fastest one. Templates that carry the requirements with them. When the safe option is the path of least resistance, people take it without being policed into it.
And govern proportionately. A model that drafts internal meeting summaries does not need the scrutiny of one that decides who gets a loan. Tiering by risk is what keeps governance from becoming the thing everyone resents. Spend your scrutiny budget where the blast radius is real, and let the low-stakes work move fast.
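As an added example that is not part of the post, here is how the controls described above could be encoded as a gate in a deployment pipeline: a named owner, a documented evaluation and known data lineage as hard checks for every release, a risk tier derived from stakes and reversibility, and a human gate only for the high tier, where the reviewer is named, can say no, cannot approve over a failed hard control, and has the decision logged. Every field name, the domain list, the tier rules and the sample manifests are assumptions constructed for illustration, not any real organisation's schema.

```python
from __future__ import annotations
from dataclasses import dataclass, field
from datetime import datetime, timezone

# Domains the post names as legally consequential; constructed list for this example.
HIGH_STAKES_DOMAINS = {"credit", "employment", "healthcare", "legal"}


@dataclass
class Finding:
    control: str   # one enforceable control, not a principle
    passed: bool
    detail: str


@dataclass
class GateDecision:
    model: str
    tier: str                 # "low", "medium" or "high"
    needs_human: bool         # high tier: a named reviewer must decide
    allowed: bool             # may the release proceed right now?
    findings: list[Finding] = field(default_factory=list)
    audit: list[dict] = field(default_factory=list)   # the trace every control must leave


def _stamp(event: str, **extra) -> dict:
    return {"at": datetime.now(timezone.utc).isoformat(), "event": event, **extra}


def risk_tier(manifest: dict) -> str:
    """Sort by stakes and reversibility: irreversible or legally consequential -> high."""
    if manifest.get("decision_domain") in HIGH_STAKES_DOMAINS or not manifest.get("reversible", True):
        return "high"
    return "medium" if manifest.get("affects_customers") else "low"


def check_controls(manifest: dict, tier: str) -> list[Finding]:
    """Hard controls that apply to every tier, plus extra scrutiny for the high tier."""
    findings = [Finding("named_owner", bool(manifest.get("owner")),
                        "release must name an accountable owner")]
    ev = manifest.get("evaluation") or {}
    findings.append(Finding("documented_evaluation",
                            bool(ev.get("report_uri")) and bool(ev.get("metrics")),
                            "evaluation report and metrics must be recorded"))
    data = manifest.get("training_data") or {}   # data governance is the floor
    findings.append(Finding("data_lineage",
                            all(data.get(k) for k in ("source", "consent_basis", "sensitivity")),
                            "source, consent basis and sensitivity must be known"))
    if tier == "high":
        findings.append(Finding("no_prohibited_data",
                                not data.get("prohibited_classes_present"),   # assumed manifest field
                                "high-stakes models must not train on prohibited classes"))
    return findings


def evaluate_release(manifest: dict) -> GateDecision:
    """Automated gate: runs in the pipeline, blocks on failed controls, routes high tier to a human."""
    tier = risk_tier(manifest)
    findings = check_controls(manifest, tier)
    controls_ok = all(f.passed for f in findings)
    needs_human = tier == "high"
    decision = GateDecision(manifest.get("name", "?"), tier, needs_human,
                            allowed=controls_ok and not needs_human, findings=findings)
    decision.audit.append(_stamp("gate_evaluated", tier=tier,
                                 failed=[f.control for f in findings if not f.passed]))
    return decision


def record_human_decision(decision: GateDecision, reviewer: str, approve: bool, rationale: str) -> GateDecision:
    """Human gate: a named reviewer with the authority to say no, whose decision is logged."""
    if not decision.needs_human:
        raise ValueError("no human gate is required for this tier")
    if not reviewer or not rationale:
        raise ValueError("a human decision needs a named reviewer and a rationale")
    failed = [f.control for f in decision.findings if not f.passed]
    if approve and failed:
        # Approving over failed hard controls is the rubber stamp the post warns about.
        raise ValueError(f"cannot approve with failed controls: {failed}")
    decision.allowed = approve
    decision.audit.append(_stamp("human_decision", reviewer=reviewer,
                                 approved=approve, rationale=rationale))
    return decision


# Constructed sample manifests; names, URIs and metrics are placeholders.
SUMMARISER = {
    "name": "meeting-summariser", "owner": "collab-team@example.invalid",
    "decision_domain": "internal_productivity", "reversible": True, "affects_customers": False,
    "evaluation": {"report_uri": "evals/summariser-v3.md", "metrics": {"rouge_l": 0.41}},
    "training_data": {"source": "internal-transcripts-2024",
                      "consent_basis": "employee_policy", "sensitivity": "internal"},
}
CREDIT_MODEL = {
    "name": "credit-decisioning", "owner": "risk-models@example.invalid",
    "decision_domain": "credit", "reversible": False, "affects_customers": True,
    "evaluation": {"report_uri": "evals/credit-v7.md",
                   "metrics": {"auc": 0.83, "disparate_impact": 0.91}},
    "training_data": {"source": "loan-book-2019-2023", "consent_basis": "contract",
                      "sensitivity": "regulated", "prohibited_classes_present": []},
}

if __name__ == "__main__":
    for m in (SUMMARISER, CREDIT_MODEL, {**SUMMARISER, "name": "no-owner", "owner": ""}):
        d = evaluate_release(m)
        print(d.model, d.tier, "allowed" if d.allowed else "blocked",
              "(human gate)" if d.needs_human else "")
```

The design point is that the gate is the control, not the manifest: the low-tier summariser passes automatically, the credit model stops at a named human regardless of how good its metrics look, and a release with a missing owner is blocked by the pipeline rather than by a committee. The audit list on each decision is what you would hand over when asked to prove what the system did.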
The question that actually matters
If you take one thing from the governance conversations I keep having, make it this. Stop asking “do we have AI principles?” Almost everyone does, and they’re almost all interchangeable. Ask instead: when something goes wrong, who is accountable, what stops it from happening, and can you prove what the system did?
If you can answer those three — clear ownership, enforced controls, an audit trail you’d stake your reputation on — you have governance. If you can only point at a document, you have an aspiration with good production values. The work is closing that gap, and it’s done in the operating model, not the PDF.