In a nutshell: Companies lose control over AI deployments not due to technology, but because their governance processes move slower than the speed at which employees productively use generative AI.
Employees adopt unauthorized AI tools far faster than companies can approve them. A Freshworks study reveals the paradox: 92 percent of IT leaders claim to know about all AI deployments, while 71 percent report unauthorized applications.
Shadow AI does not emerge primarily from deliberate rule circumvention, but from pragmatic reasons. Generative AI tools are available free of charge within minutes and immediately demonstrate productivity gains – summarizing information, content creation, automating routine tasks, and accelerating communication processes. Employees therefore no longer wait for official approvals. 79 percent of surveyed IT leaders confirm that unapproved tools have positive effects on productivity.
This fundamentally distinguishes Shadow AI from classic shadow IT. The immediate benefit is visible; when official systems are perceived as slower, more complicated, or less flexible, parallel structures emerge almost automatically. The EU AI Act intensifies the situation: companies are expected to deploy AI faster while simultaneously meeting increasingly stringent regulatory requirements. However, classical governance models were designed for significantly slower technology cycles.
At the same time, 86 percent of surveyed companies report negative incidents – erroneous results, insecure handling of sensitive data, compliance and data protection violations. Many respond with stricter policies and additional approval processes, but often reinforce the very problem. 72 percent indicate that existing governance platforms are too complex. Particularly large, grown enterprise systems like Salesforce require AI governance across numerous tools, approval processes, and integrations.
Purely restrictive governance no longer works. Instead, companies need clear, understandable rules, fast decision-making processes, and transparency about actually used tools. Equally important are secure and easy-to-use authorized alternatives that employees do not perceive as an additional burden. Loss of control is less a technological issue than an organizational one – governance requirements must be meaningfully integrated into existing workflows, not against them.
Source: www.it-daily.net · Published 25 June 2026
Lumi AI News — AI-assisted curation per Art. 50 EU AI Act. Paraphrase and classification via Lumi News Pipeline v1.7.1.