AI Regulation: More an Adoption Accelerator Than a Brake

The emergence and growing adoption of generative AI and the agreement to and implementation of the EU AI Act uncannily coincided. These two factors have catalyzed an AI renaissance within many enterprises. Yes, companies were already applying AI here and there across their organizations — but responding to the impact of these two exogenous forces required a whole new way of thinking and doing. 

All of a sudden, all eyes were on AI. A groundswell of demand for new AI tools came from every part of an organization: Developers used co-pilots to build and annotate code. Sales teams used AI to draft customer outreach emails. Marketing teams crafted localized campaigns and translated messaging using new generative AI tools. 

At the same time, executives and boards of directors wanted to “do something” to capture the potential competitive advantages. According to a recent study by NTT, 89% of global CEOs consider AI technology central to maintaining profitability; 77% plan to increase AI budgets in 2025. On the other hand, 87% identify an urgent need for AI governance frameworks, with concerns about data privacy and cybersecurity. And, of course, many worried about the risks to both revenue and reputation. Moreover, never out of the picture, concerns about how much AI was going to cost plagued many CFOs. In a recent study of CFOs, 33% were concerned about a lack of capital to invest. And about half of those polled said that if an AI investment doesn’t deliver measurable ROI within a year, it would be difficult to justify further investment.

Within enterprises, these forces—interest and adoption, competitive pressures, and cost concerns—created the perfect storm. For many, the storm culminated in a new AI strategy and set off an organizational and cultural wave of change. Implementing AI at scale required greater efficiency and coordination, but change is hard. 

The real catalyst of this change was the EU AI Act, which entered into force in August 2024, with requirements being applied over time. In a recent discussion, the chief data officer of a global pharmaceutical company described the dynamic. As a traditionally distributed organization, each business unit drove its own data and AI initiatives. They knew their businesses best, devising initiatives that addressed their challenges and managing their own data and AI projects. Historically, efforts to centralize data and AI initiatives had met with resistance. But then came the EU AI Act with requirements for transparency in the use of AI and accountability for the outcomes delivered. Suddenly the times are changing. For this CDO, “the EU AI Act will be the driver of a complete view of AI across the enterprise.” All AI models being put into production for decision-making would now be cataloged at the enterprise level, driving more visibility across the organization. Like it or not, that was the law. 

Regulation has become an effective tool for data and IT teams to federate distributed data activities. At the pharma company, the central data team was able to impose AI governance requirements to mitigate the risk of noncompliance but also offer an “insurance policy” to keep business units out of trouble. Moreover, with the need to catalog and assess AI risk came a visibility that is now driving more collaboration, leading to thinking such as "Hey, they've got a cool tool. What if I applied it to my data?" or "What if we pooled our data to improve the accuracy?" In manufacturing, for example, a defect-prediction model might benefit from data from different product teams. The data team can help make such connections across an organization to accelerate projects and find synergies and efficiencies. From what we can see, far from stifling AI, regulation will be a catalyst for collaboration and a forcing factor to reducing inefficiencies. Yes, there is a compliance requirement which adds additional steps but the collateral benefit of collaboration helps business teams move faster — and with less risk. Ironically, AI regulation is an AI accelerator more than it is a brake on adoption.

Others also share that sentiment. According to another data leader at a large European medical equipment manufacturer, “The EU AI [Act] has been the best ally for data teams. Without it we'd have more difficulties getting topics on the table.” Take data and AI literacy, for example. The EU AI Act says that everyone in an organization needs training. Although many data leaders have felt like Sisyphus when it came to implementing data literacy programs, now — as of February 2, 2025, when the AI literacy requirement came into effect — the EU AI Act requires it: 

Providers and deployers of AI systems shall take measures to ensure, to their best extent, a sufficient level of AI literacy of their staff and other persons dealing with the operation and use of AI systems on their behalf, taking into account their technical knowledge, experience, education and training and the context the AI systems are to be used in, and considering the persons or groups of persons on whom the AI systems are to be used.

The bottom line is that “the EU AI Act will make us all reflect more about how we use the new tools.” Reflection is a good thing.