The corporate conversation around artificial intelligence is changing. In 2024, many companies were still testing tools, launching proofs of concept, and debating where generative artificial intelligence (Generative AI) might fit. By 2025 and into 2026, the tone has hardened. Senior leadership teams are now asking for evidence that AI can improve a defined process, support a measurable operating metric, and withstand scrutiny from governance, cybersecurity, and compliance. That shift is visible across multiple industry studies: adoption is still growing, but the pressure to prove value has clearly overtaken the excitement of experimentation.
McKinsey reported in March 2025 that more than three-quarters of surveyed organizations were already using AI in at least one business function. But the more important finding was not simple adoption. The report found that organizations beginning to generate bottom-line impact were redesigning workflows, assigning senior leaders to oversee governance, and tracking clear key performance indicators tied to return on investment. McKinsey also noted that chief executive officer (CEO) oversight of AI governance was among the factors most strongly correlated with higher self-reported impact on earnings before interest and taxes (EBIT) from generative AI use.
That is consistent with what other surveys are now showing. IBM said in May 2025 that only 25 percent of AI initiatives had delivered expected return on investment over the previous several years, while only 16 percent had scaled enterprise-wide. At the same time, 65 percent of surveyed CEOs said they were leaning into use cases based on return on investment, and 68 percent said their organizations had clear metrics to measure the return on investment of innovation. Those findings suggest a market moving from broad experimentation to selective deployment: fewer vanity projects, more scrutiny, and more pressure to connect AI spending to operating or financial outcomes.
Boston Consulting Group (BCG) described the same turn in more strategic language. The January 2025 AI Radar report said leading companies were allocating more than 80 percent of AI investment to reshaping key functions and inventing new offerings, rather than limiting spending to smaller productivity plays. BCG also said three-quarters of executives named AI a top-three strategic priority for 2025. That matters because it signals a change in sponsorship. AI is no longer being framed as a side experiment owned only by innovation teams. It is increasingly being treated as a board-level business program tied to revenue growth, cost discipline, and competitive positioning.
Deloitte’s enterprise research adds an important caution. Its year-end Generative AI series concluded that “organisational change only happens so fast,” even when technology moves quickly. Deloitte found that regulation and risk became the top barrier to development and deployment, rising 10 percentage points from the first quarter to the fourth quarter of 2024. The same research said organizations were focusing their deepest deployments on the functions most critical to industry success, and advised firms exploring agentic AI to begin with low-risk workflows, noncritical data, and human oversight. This is the practical middle ground now emerging in the market: leadership wants acceleration, but under controlled conditions.
The governance side of the story is no longer theoretical. NIST’s Artificial Intelligence Risk Management Framework (AI Risk Management Framework) and its July 2024 Generative AI Profile provide organizations with a recognized framework for managing trustworthiness, risk, and deployment controls. NIST’s guidance does not promise value on its own, but it does provide the discipline that many boards now expect: identifying risks early, mapping responsibilities, and aligning deployment choices with organizational priorities. In practice, that means AI programs are being judged not only by output quality, but also by traceability, data handling, model oversight, and the ability to explain decisions to auditors, regulators, customers, and internal stakeholders.
Recent KPMG findings show how tightly value creation is now linked to controls. Its Q4 2025 AI Pulse research found that 59 percent of enterprises expected measurable return on investment within 12 months, but it also reported that cyber, privacy, and data quality risks were intensifying as organizations scaled. In the accompanying 2026 PDF, KPMG said risk considerations, particularly data privacy and cybersecurity, were cited by 74 percent of respondents as the biggest challenge to demonstrating AI return on investment. The same report said half of the leaders planned to spend between $10 million and $50 million in the coming year to secure agentic architectures, improve data lineage, and harden model governance. In other words, responsible deployment is no longer a brake on the value of AI. It is becoming a precondition for it.
Boards are responding accordingly. KPMG’s Q4 2025 report said corporate boards were covering regulatory uncertainty, risk management processes, governance, trust in the accuracy and fairness of output, and workforce impact on a quarterly basis. NACD separately reported in July 2025 that more than 62 percent of directors now set aside agenda time for full-board AI discussions. Even allowing for differences in survey design, the direction is unmistakable: AI has moved from an information technology (IT) issue to a governance issue. The practical implication is that future funding will likely favor programs with named executive ownership, control frameworks, security review, clear workflow targets, and credible measures of payback.
For operators in telecom, utilities, customer care, field service, and other critical infrastructure environments, this shift has particular significance. These sectors operate under regulated processes, service-level commitments, and safety or compliance obligations, making undisciplined automation especially risky. That is why the strongest AI programs are increasingly centered on a few high-impact processes: service assurance, workforce coordination, customer operations, network planning, fraud detection, compliance monitoring, and similar areas where latency, cost, and decision quality can be measured. The emerging model is not “deploy AI everywhere.” It is “deploy AI where process redesign, governance, and measurable outcomes can reinforce one another.” That view is consistent with McKinsey’s emphasis on workflow redesign, Deloitte’s call for low-risk entry points with human oversight, and KPMG’s finding that trust-first architecture is essential to scale.
IBM captured the tension well in one of the clearest executive comments from this cycle: “CEOs are balancing the pressures of short-term ROI and investing in long-term innovation when it comes to adopting AI.” That balance is now at the center of enterprise decision-making. The companies most likely to win from AI may not be those that moved first, but those that learned to integrate executive sponsorship, process redesign, governance, and operating metrics into a single disciplined program.
The age of AI theater is ending. Boards and executive teams are not abandoning AI, but they are demanding that it behave more like any other serious business investment. That means tighter use-case selection, stronger governance, better security, clearer alignment with compliance, and hard evidence that AI is improving a material process. The pattern across current research is consistent: broad experimentation creates awareness, but disciplined execution creates value. Enterprises that treat AI as a governed operating model, rather than a loose collection of pilots, are better positioned to turn adoption into a durable return on investment.
