SAS has announced AI Navigator, a platform to help firms compile comprehensive AI inventories and align use cases with regulations ahead of August 2026 EU AI Act enforcement. Gartner warns that 40% of enterprises will experience incidents linked to shadow AI by 2030.
AI Governance  Cross-sector

A persistent governance problem has emerged across UK enterprise and financial services sectors: organisations cannot account for all the generative AI systems, large language models (LLMs) and open-source AI components deployed across their business. Gartner's recent analysis warns that by 2030, over 40% of enterprises will experience security or compliance incidents directly linked to unauthorised shadow AI—systems deployed without governance oversight, often by business units unaware of regulatory constraints. SAS's new AI Navigator platform is designed to solve this problem by providing a comprehensive inventory and lifecycle management capability for all AI assets.

The timing is critical. The EU AI Act, which regulates high-risk AI systems and mandates transparency around AI-generated content, enters enforcement phase in August 2026—just four months away. UK firms with EU operations or cross-border data flows face immediate obligation to map their AI systems against the Act's risk taxonomy. But the inventory challenge extends beyond European compliance. The FCA's principles-based approach to AI supervision requires that firms maintain clear visibility over AI use cases, understand the models' performance characteristics, and demonstrate human accountability for material decisions. Similarly, the ICO's AI and data protection guidance expects organisations to document data lineage through LLMs and identify privacy risks arising from model training on sensitive datasets.

AI Navigator's capability to track both proprietary models and open-source components addresses a blind spot in many organisations. Many firms deploy open-source models (such as Llama, Mistral or Falcon) in production environments without formal governance, sometimes unaware that these systems may have been trained on copyrighted data or contain embedded biases. The FCA's recent feedback from AI thematic reviews has flagged this as a material compliance risk. Coupled with tools such as Trovix Audit, which documents AI decision pathways and governance controls, Navigator enables firms to move from reactive breach-remediation mode to proactive compliance architecture.

The broader implication is that AI governance is becoming a foundational control, not a discretionary add-on. Firms that have not yet compiled comprehensive AI inventories—a survey earlier this year suggested this applies to over 30% of FTSE 100 firms—face accelerating pressure to do so. The cost of non-compliance is rising: the FCA has signalled willingness to take supervisory action against firms deploying AI without adequate governance, and the anticipated final AI rules for insurance and lending will codify these expectations into formal regulatory requirements.

Source: PR Newswire / SAS

Related Trovix product:

Book a demo →