Survey warns of ‘blind’ AI deployment, calls for structured regulation

A new survey by consulting firm Alvarez & Marsal reveals a striking security shortfall among Indian businesses using Artificial Intelligence (AI). Across sectors such as banking & financial services (BFSI), technology, healthcare, manufacturing, and retail, roughly 81% of enterprises admitted they do not have effective tracking or monitoring mechanisms for their AI systems. 

Governance gaps, reactive approach

While many firms are experimenting with AI, governance frameworks remain weak; only about 60% have any kind of AI governance policy in place, and only 19% reported having mechanisms to mitigate data poisoning or robust data-integrity safeguards. 

Even in regulated verticals like BFSI, where data security and compliance are critical, governance was often found to be fragmented. A centralised AI oversight body responsible for inventory, approvals, or security monitoring is rare.

Security is often treated as a checkbox done before deployment; only 56% mandate a security review prior to rolling out AI tools. Post-deployment plans for continuous monitoring, risk assessment, or incident response are rare-to-nonexistent.

Why AI security is neglected

This low-risk perception, combined with the absence of regulation, has led to a reactive stance; businesses often wait for incidents to occur rather than proactively build secure, accountable AI systems. 

Call for regulation and structured oversight

The survey points out the importance of clear regulation, standard protocols, and centralised governance around AI use. Without this, many Indian businesses risk exposing themselves, and potentially customers, to data leaks, biased outcomes, or unreliable AI behaviour.

Mandated security controls, comprehensive inventories, and structured approval and monitoring processes could help close this gap, the survey suggested.