UK firms fear AI data non-compliance amid new regulatory risks

More than half of UK companies are unsure whether the data produced by their artificial intelligence tools meets regulatory standards, raising concerns about the risk of significant financial penalties. This uncertainty emerges as organisations accelerate the deployment of AI but struggle to keep pace with attendant compliance and data management demands.

Compliance concerns

According to a new study involving 500 IT decision makers in the UK at firms with more than 250 employees, 51% say they are either 'not very' or only 'somewhat' certain their AI-generated data complies with regulations such as the General Data Protection Regulation. Many respondents report that rapid increases in data volumes stemming from AI adoption are making it harder to manage compliance obligations.

Most organisations polled are actively involved with AI: 88% are either running live projects or have completed some initiatives. Yet 64% of IT leaders worry that compliance will become even more challenging within the next three years as regulatory complexity continues to mount. Separate research by Splunk found that over a third of UK IT, engineering, and cybersecurity professionals have experienced significant negative effects from general compliance failures.

Data growth pressures

The survey highlights a notable data management strain. Over half of the IT leaders (56%) describe AI as driving an 'unmanageable explosion' in data volumes, while 33% believe AI is one of the primary causes of out-of-control data growth in their firms. Additionally, 60% report difficulties in processing and storing the larger datasets created by ongoing AI projects.

General data volumes across the surveyed companies have increased by 50% or more over the previous three years, according to 89% of respondents. However, one in three companies admit they currently lack an effective data management strategy to address this volume.

New regulatory hurdles

As international standards evolve, regulatory burden is already proving a significant operational challenge. Thirty percent of those surveyed identified the EU AI Act as one of the most substantial compliance challenges facing their teams - this despite the incoming regulation not yet being fully implemented. Compliance with EU rules will be critical for UK companies seeking to operate their AI systems in European markets.

Executive perspective

"There's no doubt that AI has huge potential to revolutionise workloads, scale human efforts, and become a core part of every business's future roadmap. But it also brings potential complexity, especially when it comes to ensuring compliance with evolving regulations, and overseeing how data is governed and secured," said Petra Jenner, GM & SVP EMEA, Splunk.

Jenner also noted the strides some businesses have made, with 47% of UK IT decision makers stating they are "very certain" about the data compliance status of their AI-generated information. Yet over half still express doubt, presenting ongoing business risk.

"Effective Data Management is key to building the visibility and control needed to support safe, scalable AI. The real differentiator won't necessarily be how fast companies adopt AI, but how well they embed trust, discipline, and compliance into every layer of their data strategy," said Jenner.