I spent an evening this week in a room full of finance leaders, and we were, of course, talking about AI and how fast everything is changing. One idea kept coming up. "We don't know how to get our arms around AI on the governance and control side, so we're waiting for things to settle down." I understand the instinct. I also think it is the most expensive idea in finance right now.
Here is what that wait-and-see approach misses. Your best people are not waiting. They are already using AI you never signed off on, this week, on accounts you can't see. Verizon’s latest breach research found that among employees using AI on their work devices, most sign in with personal accounts, and only about 1 in 10 use a company login that anyone can monitor. Gartner found that roughly seven in ten organizations suspect or have already caught staff using tools they had explicitly tried to block. This is not a rollout waiting for your approval. It is how the work already gets done.
I want to say this clearly before anything else: that is mostly good news. The people moving fastest on AI tend to be your best people, the ones who adapt without being asked, and you want more of that, not less. So this isn't a warning about reckless employees or a case for slamming the brakes.
The mistake is waiting to put any structure around it until you feel like you have AI figured out. That instinct is reasonable, but it is risky.
Here is what can happen while you wait to see how the market settles.
Spend you can't see. A CFO at the event told me his monthly AI bill had jumped to a number that caught him off guard, and when I asked his run rate, he didn't have one. Nobody does yet. Pricing is still settling, and the spend is scattered across personal accounts and individual seats, so the meter runs in a dozen places you are not watching. In the moment, it's okay, we should be investing, and we should expect spending to increase, but at what point do we lose leverage internally and with vendors ot set boundaries?
People you can't move. The tools that let someone solve a real problem in an afternoon also build a solution only they understand and can access. The building itself is good and worth protecting. The analyst who builds her own data cleanup workflow is doing exactly what you want. The trouble starts when it stays private. One of the CFOs described a manager who had quietly become the single person able to run a system she had built herself. She had done nothing wrong, but the experimentation he wanted had turned into a dependency he didn't want because no one ever asked her to make something the team could run.
Numbers you can't trust. AI makes it cheap to paper over a bad number rather than fix why it is wrong. When a tool catches revenue booked twice, or a vendor still being paid on a dead contract, you can fix the source, or you can let the tool quietly clean it on the way out every month. The second costs almost nothing today, so most teams choose it. For as long as I have been in finance, the thing that forced us to fix a broken foundation was that the mess was visible and embarrassing. AI hides the mess.
Not to mention the security risk. When the only way your people can use AI is on their own, they WILL use it that way. Cisco found that nearly half of employees admit to feeding personal or non-public company data into public AI tools. And a prompt gives away more than a file does. “Review this contract and flag the terms that are bad for us,” doesn't just hand the contract over. It hands over your negotiating position. IBM’s latest breach study found that incidents involving unsanctioned AI ran around $670,000 higher than the rest. None of that is an argument against AI. It is the argument for giving people a sanctioned, supported way to use it, because the alternative to a safe tool isn't no tool. It is the same tool, with layered permissions, governance, and visibility into usage.
So you would think, especially at larger organizations, someone owns all of this. But it's not necessarily the case yet. IBM found that 63% of the breached organizations it studied had no AI governance policy at all, and where one exists, it is usually a committee, which is its own kind of no one. IT owns the tools, legal owns the contracts, and security owns the risk. But responsibility spread across five functions is not the same as having one person accountable, and the distance between the two is where all of this collects.
I would argue it belongs to finance more than anyone, because the bill arrives in our inboxes. The spend, the dependency on people who built meaningful "Ai moats" for themselves, the slow loss of numbers you can trace: none of it is really an IT problem. It lands on whoever signs the financials. The job is to ensure AI transformation adds up to something the company owns, rather than a fragile pile of things individuals built.
It doesn't take much. It takes a few decisions you can make now, while the structure is still soft enough to shape. Give people a sanctioned, supported way to use AI, so the good ones don't go around you. Make sharing the rule, so anything useful becomes the team's, not just one person's. Get a real number on what you are spending. And put one name, not a committee, against who owns how this goes.
So here is the question I would leave you with, the same one I put to that room. If someone asked who owns AI at your company, could you give them a name? Not a committee. Not “a few of us are looking into it.” One name. If you can't, that is the thing to fix this quarter, and you are the person to fix it. Decide who owns it before the business risk gets too great.







