Skip to main content
All articles
By Bill Sourour

Your AI Policy Should Be Code

ai-governanceenterprise-aiai-production
Your AI Policy Should Be Code

An auditor sits down with a model that has been scoring loan applications for eight months. The question is plain: show me the last time this was evaluated, who signed off on the version running today, and what happens when its outputs drift. The company has an AI governance policy. It runs forty pages, the board approved it last spring, and it says the right things about fairness, accountability, and human oversight. It does not answer the question. The answer lives in an evaluation log, a named owner, and a release gate that stops a bad version from reaching production, and the company built none of them.

Grant Thornton's 2026 AI Impact Survey put a number on how common that scene is. Across 950 senior leaders surveyed in early 2026, 78% said they lack strong confidence they could pass an independent AI governance audit within 90 days. The firm named it the AI proof gap: organizations scaling AI they cannot explain, measure, or defend. Nearly half, 46%, pointed to governance and compliance failures as a leading reason their AI underperforms.

The policy is not the problem. The problem is that a policy is the only thing most companies built.

The document was written for the wrong reader

Most AI governance gets written for a regulator, a board, or a customer's security questionnaire. It describes what the company intends: the principles it holds, the committee that reviews high-risk uses, the values that guide deployment. As a statement of intent, it does its job.

Then a model goes into production and intent stops being the thing that decides anything. What decides is whether the deploy pipeline blocked the version that failed its evaluation. Whether the log captured which model made the call. Whether a human actually opened the case the system flagged for review, or clicked past it. A document cannot do those things. It can only assert that they should happen, to a reader who will never be in the room when they do.

The gap shows up at the top. Three in four boards have approved major AI investments. Barely half set any governance expectations alongside the money, and fewer than half made AI risk a standing part of their oversight, according to the same survey. The investment gets approved. The machinery to watch what the investment builds does not.

Why the document keeps winning

The document wins because it is cheap and it closes tickets. A policy can be drafted in a few weeks by legal and compliance, satisfies the security questionnaire holding up a deal, and lets the board mark AI risk as handled. It produces an artifact everyone can see and forward.

The operating system produces nothing that fits in a slide. It is release gates sitting in a deploy pipeline, retention rules on a log store, an override queue somebody has to staff at 8am, an inventory that goes stale the week nobody updates it. That work has to be scoped, owned, and paid for by engineering, and it competes with the feature roadmap every sprint. The policy gets written because writing it is someone's job. The system does not get built because building it is nobody's.

What an operating system actually does

An operating system schedules work, enforces permissions, records what happened, and halts a process that misbehaves. Governance wired into the software development lifecycle does the same four jobs for AI. Each one is a mechanism, and each one replaces a sentence in the PDF that nobody can currently prove.

A release gate. Evaluation runs before a model ships, and a version that fails its evaluation does not reach production. This is the oldest idea in regulated modeling: SR 11-7, the Federal Reserve and OCC guidance on model risk management, has required independent validation before a model influences a decision since 2011. A gate turns "we validate our models" from a claim into a step the pipeline enforces whether or not anyone remembers to.

A log that outlives the decision. Every inference records which model version ran, what it saw, what it returned, and who was accountable. The EU AI Act's Article 12 makes this a legal requirement for high-risk systems: automatic event logging across the system's lifetime, so a decision can be traced back when a regulator or a customer asks. Teams that log for debugging capture the wrong things and purge them on a 30-day retention window. An audit trail is logging built for a reader who shows up a year late.

Human oversight that can change the outcome. The EU AI Act's Article 14 requires high-risk systems to be designed so a person can monitor, interpret, and override them while they run. Most "human in the loop" is a person who receives a notification and has no practical way to stop the system before it acts. A human who cannot halt the decision is not oversight. They are a witness.

An owner who still exists in six months. Every model in production has a name attached to it and an entry in an inventory, assigned before the model touches anything real. When the model drifts, someone is accountable for noticing. "The model decided" is not a sentence that survives an audit, and it is not a sentence a system with a named owner ever has to say.

A monitor that runs continuously. The survey's own recommendation is to move governance "from static policy to continuous oversight: monitoring agent behavior, detecting deviations and adjusting controls as systems evolve." Overrides, latency, and error rates get tracked in real time, not reconstructed at the next quarterly review. A fraud model that starts rejecting legitimate customers shows up as a spike in overrides the day it begins, visible to whoever is watching the dashboard. The same drift reaches a quarterly review committee as a complaint, three months and several thousand rejected customers later. If you learn a model drifted from a slide in a deck, the model has been wrong for a quarter.

Banking already runs this

None of this is new. It is new to AI.

SR 11-7 has required named ownership, independent validation, ongoing monitoring, and a documented model inventory for well over a decade. That is an operating system for model governance, built and battle-tested before anyone deployed a language model into production. A bank that runs a credit model already knows how to answer the auditor's question, because the answer is a set of running controls it was required to build, not a document it was required to write.

The principles transfer directly to AI. The tooling is what lags. A generative summarizer and a loan-scoring model sit on the same continuum: both turn inputs into outputs that shape a decision someone can be asked to defend. The discipline that governs one is the discipline the other has been missing, and the companies that already live under it have a head start they rarely recognize as one.

The system is also the advantage

Governance built this way reads like pure cost until you look at who is getting value. In the same survey, organizations with fully integrated AI were nearly four times more likely to report AI-driven revenue growth than the ones still piloting, 58% against 15%. Confidence in passing that 90-day audit tracked the same line: 7% among companies still piloting, 74% among the ones fully integrated, a tenfold gap sitting right beside the revenue one.

The two are not separate findings. The companies that built the running controls are the same companies that trusted their own AI enough to put it everywhere. The gate, the log, and the owner are what let them scale without flinching every time a model touched something that mattered. Governance stopped being the thing slowing them down and became the reason they could move.

The window is closing on paper

Nearly three in four organizations are giving agentic AI access to their data and processes. One in five has a tested plan for what happens when an agent fails. As agents move from suggesting to acting, the distance between a policy and a running control becomes the distance between an incident you can explain and one you cannot. A previous article in this series covered the identity half of that problem: agents authenticating with credentials nobody owns. The governance half is the same shape. The controls exist on paper and nowhere else.

The work is converting each line of the policy into a mechanism that runs. The principle "we keep a human in the loop" becomes a review step the workflow cannot skip. "We monitor for drift" becomes an alert wired to a metric with a threshold. "We maintain accountability" becomes a name attached to an inventory entry, checked before deploy. A policy you can read is worth less than a gate that stops a bad deploy at 2am without asking anyone. The companies closing the proof gap are not writing better documents. They are building the system the document describes.


A policy tells a regulator what you meant to do. An operating system shows them what actually happened. When the auditor sits down, only one of them is still talking.


Bill Sourour is the founder of Arcnovus, a technology advisory firm that helps engineering leaders in regulated industries turn AI governance from a document into a system that runs. If your policy would go quiet the moment an auditor asked it a question, let's talk.

Bill Sourour

Bill Sourour

Founder, Arcnovus

25 years in enterprise technology. Writes about AI strategy for CTOs.

Featured inFortuneWIREDCBC
Learn more
Subscribe to Bill on AISubscribe