Excerpt from IT Brief Article, Published on November 13, 2025
Firms across the UK are becoming increasingly concerned about whether the data generated by their artificial intelligence initiatives meets evolving regulatory standards. According to a new survey of 500 IT decision – makers from organizations with more than 250 employees, over half of respondents said they are either “not very” or only “somewhat” confident that their AI – driven data aligns with requirements under the General Data Protection Regulation (GDPR) and upcoming AI – specific legislation. This insight reflects a growing sense of risk as firms expand their reliance on AI technologies.
The findings reveal that while 88% of surveyed organizations already have live AI projects or have completed them, 64% of IT leaders expect compliance challenges to intensify over the next three years. A major contributor to this concern is the sheer volume of data generated through AI. More than half of the firms surveyed view their data growth as “unmanageable,” while 33% say AI is directly responsible for accelerating this rapid expansion. As a result, many firms are struggling to scale their governance and oversight systems to keep pace.
The challenge extends beyond volume. Sixty percent of respondents report difficulties processing and storing increasingly large datasets, and nearly 90% say their data volumes have risen by at least 50% in just three years. This combination of fast AI adoption, uncontrolled data growth, and regulatory uncertainty is placing firms under pressure to strengthen their operational resilience.
Compounding the challenge is the forthcoming EU Artificial Intelligence Act, which 30% of respondents cited as a major compliance hurdle even before full implementation. The Act signals a shift in how regulators expect organizations to manage AI – related risks. As one executive noted, effective data management is essential to ensuring safe and scalable AI strategies.
For firms accelerating their use of AI, the pathway forward is clear: prioritize trust, governance, and compliance from the ground up. Waiting for regulatory enforcement may lead to costly future corrections.
To delve deeper into this topic, visit IT Brief.
