For a long time, “data governance” was the meeting nobody senior attended. It lived somewhere between compliance and IT infrastructure — important in theory, deprioritised in practice, and reliably absent from any conversation about innovation or growth. The people who cared about it were right. They were also, for years, largely ignored.
Then AI arrived at the enterprise doorstep, and suddenly everyone needed clean, trustworthy, well-documented data. The governance conversation, it turned out, had been the prerequisite all along.
Three Forces That Arrived at the Same Time
The shift in attitude toward data governance didn’t happen because executives had a philosophical awakening. It happened because three distinct pressures converged — and ignoring all three simultaneously stopped being an option.
The first was regulatory. Governments across the EU, the US, India, and beyond have progressively strengthened their expectations around data protection, privacy, and accountability. GDPR set the initial tone. What followed was a cascade — CCPA in California, India’s Digital Personal Data Protection Act, and the advancing EU AI Act — each adding obligations that sit, ultimately, on top of the data an organisation holds and how it is managed. Compliance without governance is an expensive fiction.
The second pressure came from inside the building. As enterprises began exploring AI seriously — not the pilot-project, proof-of-concept kind, but the “we need this to actually do something at scale” kind — they ran into the same wall, repeatedly. The models were fine. The data was not. Inconsistent formats, missing fields, undocumented lineage, conflicting definitions of the same metric across business units: these are not AI problems. They are data governance problems that AI simply made impossible to defer any longer. Bad inputs produce bad outputs. At the speed and scale AI operates, bad outputs become bad decisions, fast.
The third was reputational consequence. High-profile data breaches in recent years — across sectors from financial services to social media to telecoms — demonstrated with uncomfortable clarity that poor data governance is not an internal risk. It is a public one. The fines, the headlines, and the customer trust erosion that follow a significant breach have a way of focusing executive attention in ways that years of IT advocacy could not.
What “Taking It Seriously” Actually Looks Like
There is something quietly amusing about watching organisations discover data governance with the energy of someone who has just found a missing sock — slightly sheepish, extremely belated, and newly committed to not losing socks again.
The visible signals of this shift are real, though. Chief Data Officers are being appointed. Data governance councils — cross-functional bodies that link IT, legal, compliance, and business units — are being stood up. Policies around data access, data quality standards, and data lineage are being written and, more importantly, enforced. Budgets are being allocated with a seriousness that would have been unimaginable in earlier conversations about “data hygiene.”
The organisations doing this well are not treating it as a one-time compliance exercise. They are building governance as ongoing operational infrastructure — the kind of institutional capability that compounds in value the longer it is maintained.
Why This Is Foundational, Not Adjacent
The framing worth pausing on is this: data governance is not adjacent to analytics and AI capability — it is foundational to it. An organisation with strong AI tooling but weak data governance is a bit like a high-performance engine in a car with a broken fuel system. The potential is visible. The output is not.
The multiplicative effect runs in both directions. Poor governance constrains every analysis built on top of unreliable data, every model trained on inconsistently labeled inputs, every decision made from dashboards that different teams interpret differently because the underlying definitions were never agreed. Strong governance, by contrast, makes data a strategic asset — something the organisation can actually build on with confidence rather than use with caveats.
This also changes the economics of AI deployment. Organisations that invest in governance upfront reduce the rework, debugging, and model retraining that poor data quality generates downstream. The governance investment has a return. It is just a return that takes longer to see than a product launch, which is part of why it was deprioritised for so long.
The Lens Worth Applying
The pattern worth noting is in how the effective organisations are framing this internally. The ones making real progress have stopped presenting data governance as a compliance project with a finish line. They are presenting it as a business value enabler — demonstrating the link between better data governance and better decision quality, between higher data trust and more confident AI deployment, between governance investment and measurable business outcomes.
That reframing — from cost centre to capability — is what gets the conversation out of the IT backwater and onto the agenda where it now clearly belongs.
This thread connects directly to the broader question running through this series: AI readiness is not primarily a model selection question. It is a data foundation question. The organisations that will deploy AI confidently over the next several years are the ones building that foundation now, in the background, without fanfare — because governance rarely generates fanfare until its absence creates a crisis.
Has your organisation experienced the shift from governance-as-compliance to governance-as-capability — and if so, what actually moved the needle internally? The conversation between the IT case and the business case for this is one I suspect many teams are still navigating.
Let’s keep learning — together.
harish.balasubramanian 
Share your thoughts