How to Get an Appropriate Return on AI

Appropriate return on AI – Artificial intelligence has completed the familiar journey of every major technology wave: from obscure academic concept, to vendor-driven hype, to inevitable boardroom agenda item. What makes AI fundamentally different, however, is not its technical sophistication but its governance challenge. AI does not fail because algorithms are weak; it fails because organisations struggle to embed AI into decision-making, accountability, risk management, and value creation.

Boards across Europe and beyond are asking the same deceptively simple question: how do we get a proper return on AI? Not in the abstract sense of innovation theatre, pilot projects, or impressive demos—but in the hard currency of operational resilience, financial performance, risk reduction, compliance, and strategic advantage.

This article reframes that question from a corporate governance perspective. It argues that AI return on investment (ROI) is not primarily a technology issue, but a governance design problem. Organisations that treat AI as a tool will underperform those that treat AI as an organisational capability governed end-to-end.

Why AI ROI So Often Disappoints

The empirical pattern is now unmistakable. Many organisations have invested heavily in AI initiatives—assistants, copilots, agents, predictive models—yet struggle to demonstrate sustained, scalable value. AI pilots succeed locally but fail to industrialise. Costs rise faster than benefits. Risks accumulate quietly.

The root cause is structural. AI initiatives are frequently launched in silos, outside core governance frameworks. They lack clear ownership, decision rights, escalation paths, and performance metrics. AI becomes an overlay on existing processes rather than an integrated part of how the organisation works.

From a governance standpoint, this mirrors earlier failures in ERP implementations, risk management frameworks, and ESG reporting. Technology is introduced without rethinking roles, controls, incentives, and accountability. The result is complexity without coherence.

The Governance Lens: AI as a Decision Infrastructure

To understand AI ROI properly, boards must shift perspective. AI should be viewed as part of the organisation’s decision infrastructure—the nervous system through which information is sensed, interpreted, and acted upon.

In traditional governance models, decisions are distributed across three layers:

Strategic decisions (board and executive level)
Tactical decisions (management and control functions)
Operational decisions (day-to-day execution)

AI touches all three layers simultaneously. This is precisely why governance becomes critical. Without clear orchestration, AI amplifies noise rather than insight.

A mature AI governance model therefore answers four fundamental questions:

Who decides what, and with which AI support?
Which AI systems may act autonomously, and under what constraints?
How are outcomes monitored, explained, and corrected?
How does AI integrate with existing internal control and risk frameworks (COSO, ISO, ERM)?

Only when these questions are addressed can ROI be meaningfully assessed.

Assistants, Copilots, Agents: Governance-Relevant Distinctions

One of the most common sources of confusion in AI programmes is conceptual ambiguity. Terms such as assistant, copilot, and agent are used interchangeably, while they represent fundamentally different governance profiles.

Assistants: Insight Without Action

AI assistants analyse data and provide recommendations. They do not act autonomously. From a governance perspective, assistants resemble advanced analytics embedded into decision preparation.

Their risk profile is relatively low, but their value is often underestimated. Assistants excel at identifying bottlenecks, anomalies, and optimisation opportunities across complex data landscapes. In many organisations, this alone already generates measurable ROI—provided recommendations are actually acted upon.

The governance challenge lies in adoption, not control. Boards should ask: are recommendations systematically reviewed, documented, and translated into decisions?

Copilots: Action With Human Oversight

Copilots go a step further. They retrieve information, reason within defined boundaries, and execute simple actions. This introduces operational leverage—and operational risk.

From a governance standpoint, copilots require clear rules of engagement: what may be automated, what requires approval, and how errors are detected. Copilots sit squarely within internal control frameworks. Their outputs must be auditable, explainable, and reversible.

Agents: Autonomous Outcome Delivery

Agents represent the most profound governance shift. They are designed to achieve outcomes autonomously, sequencing decisions and actions over time. This is where AI ROI can scale dramatically—and where governance failures can become systemic.

Agents demand explicit mandates, constraints, and monitoring. Without orchestration, agents may optimise locally while undermining global objectives. Governance here is not optional; it is foundational.

Orchestration: The Missing Governance Layer

The decisive factor separating AI experiments from AI value creation is orchestration. Orchestration technology does not replace assistants, copilots, or agents—it governs how they work together, across processes, systems, and people.

In governance terms, orchestration functions as a control layer:

It enforces decision logic and sequencing
It ensures alignment with policies and risk appetite
It creates traceability across AI-driven actions
It integrates AI into end-to-end business processes

Without orchestration, AI remains fragmented. With orchestration, AI becomes an organisational capability.

A Practical Case: AI in Operational Governance

Consider a service organisation facing declining customer satisfaction and rising costs. Data is abundant but fragmented across ERP, CRM, workforce, and supply chain systems.

An assistant identifies two primary drivers of dissatisfaction. A copilot resolves information bottlenecks at the customer interface. An agent restructures supplier scheduling autonomously. Orchestration ensures these interventions reinforce rather than contradict each other.

The ROI emerges not from any single AI component, but from governed interaction. Waiting times fall, costs stabilise, and management regains control.

This pattern is replicable across industries—from retail and healthcare to manufacturing and financial services.

Measuring AI ROI: Beyond Cost Savings

Boards often demand traditional ROI metrics: cost reduction, headcount efficiency, revenue uplift. These are necessary but insufficient.

A governance-informed AI ROI framework includes:

Decision quality improvement (speed, consistency, explainability)
Risk reduction (operational, compliance, reputational)
Control effectiveness (fewer manual overrides, better audit trails)
Scalability (replication across units and geographies)
Organisational resilience (ability to absorb shocks)

These dimensions align AI performance with board-level responsibilities.

Also read our blog on the Future of Finance: Identity, Instant, Intelligence.

The Board’s Role: From Approval to Stewardship

Boards should not approve AI investments as isolated technology projects. Their role is stewardship: ensuring AI strengthens, rather than undermines, governance.

Key board-level questions include:

How does AI integrate with our existing governance model?
Where does accountability sit when AI acts autonomously?
How do we ensure explainability for regulators and stakeholders?
How do we prevent AI-driven decision drift?

These are governance questions, not IT questions.

Conclusion: Appropriate Return Requires Appropriate Governance

The question is not whether AI delivers value. The question is whether organisations are governed to receive it.

An appropriate return on AI emerges when technology, processes, and governance mature together. Assistants, copilots, agents, and orchestration are not merely technical choices—they are governance design decisions.

Boards that recognise this will move beyond AI hype toward durable, defensible value creation. Those that do not will continue to invest—and wonder why the returns never quite materialise.

AI does not replace governance. It exposes it.

Read our overview blog on AI Governance Operating Models: Introduction – Bones Without Flesh Are Just Dust.

Boardroom Governance: Oversight, Accountability and Fiduciary Duty

Once AI systems begin to influence or execute decisions, they enter the domain of fiduciary responsibility. Boards can no longer treat AI as a delegated technical matter. Under corporate law, supervisory expectations, and emerging regulation, AI-enabled decisions remain human decisions—with humans accountable.

From a governance perspective, this has three immediate consequences.

First, decision ownership must be explicit. If an AI agent reschedules suppliers, reallocates inventory, or prioritises customers, the board must be able to answer a simple question from regulators or auditors: who is accountable for this decision logic? Accountability cannot sit with “the model” or “the vendor”. It must be assigned to an executive role, typically within operations, finance, or risk.

Second, oversight mechanisms must evolve. Traditional reporting cycles are too slow for AI-driven operations. Boards and audit committees need periodic insight into AI behaviour: exceptions, overrides, drift, and incidents. This does not require technical dashboards, but governance reporting that translates AI activity into business and risk language.

Third, fiduciary duty extends to restraint. Just because AI can automate does not mean it should. Boards must explicitly decide where autonomy is acceptable and where human judgment remains mandatory. This mirrors earlier governance debates around algorithmic trading, credit scoring, and automated compliance monitoring.

Read more in a nice OECD AI Principles overview on oecd.ai.

Regulatory Context: AI Governance Under the EU AI Act

The EU AI Act reinforces what governance professionals already know: AI risk is contextual. Systems used for operational optimisation carry different obligations than those affecting employment, creditworthiness, or safety.

For boards, the AI Act introduces three governance imperatives:

Classification discipline: organisations must know which AI systems fall into high-risk categories and why.
Control documentation: training data, decision logic, and monitoring procedures must be documented and defensible.
Human-in-the-loop clarity: the Act does not prohibit automation, but it requires meaningful human oversight.

Importantly, compliance alone does not create ROI. But weak governance guarantees value destruction through regulatory exposure, reputational damage, and forced remediation.

Read more in the official text of the EU Artificial Intelligence Act or the high-level summary of the AI Act.

Industry Deep Dive I: Manufacturing and ERP-Driven AI

In manufacturing environments, AI is increasingly layered on top of ERP systems to optimise planning, procurement, maintenance, and logistics.

Assistants identify inefficiencies in production schedules. Copilots adjust parameters within defined tolerances. Agents autonomously reschedule maintenance or supplier deliveries based on real-time signals.

The governance risk emerges when these layers are not aligned. A production agent optimising throughput may increase working capital or breach supplier contracts. Without orchestration, local optimisation undermines enterprise objectives.

Best practice organisations therefore embed AI into existing planning and control cycles, ensuring that financial, operational, and risk perspectives remain synchronised. ROI materialises not as spectacular breakthroughs, but as sustained margin improvement and reduced volatility.

Industry Deep Dive II: Financial Services and Decision Accountability

In financial services, AI already operates close to the core of fiduciary responsibility: credit decisions, fraud detection, pricing, and compliance monitoring.

Here, the governance lesson is stark. Institutions that treated AI as a black box faced supervisory pushback. Those that embedded explainability, escalation paths, and override controls gained regulatory trust.

ROI in this sector is inseparable from regulatory confidence. Faster decisions mean little if models must be withdrawn after supervisory review. Governance maturity becomes a competitive advantage.

AI ROI Maturity Model: From Experimentation to Institutional Capability

Organisations typically progress through four stages:

Experimentation – isolated pilots, unclear ownership, anecdotal benefits.
Adoption – functional deployment, limited controls, mixed results.
Integration – alignment with processes, emerging governance, measurable ROI.
Institutionalisation – AI embedded into governance, controls, and strategy.

Most organisations stall between stages two and three. The barrier is not technology, but governance redesign.

FAQ’s AI value creation governance

Appropriate return on AI Appropriate return on AI Appropriate return on AI Appropriate return on AI Appropriate return on AI Appropriate return on AI Appropriate return on AI Appropriate return on AI Appropriate return on AI Appropriate return on AI Appropriate return on AI Appropriate return on AI Appropriate return on AI Appropriate return on AI Appropriate return on AI Appropriate return on AI

FAQ 1 — Is AI ROI primarily a technology or a governance issue?

AI ROI is fundamentally a governance issue, not a technology issue. Technology determines what AI can do; governance determines whether those capabilities translate into durable value. Many organisations deploy technically sophisticated AI solutions that fail to deliver returns because decision rights, accountability, and escalation paths are unclear. AI generates insights or actions, but no one is explicitly responsible for outcomes when things go right—or wrong.

From a governance perspective, ROI emerges only when AI is embedded into existing structures for strategy execution, risk management, internal control, and performance monitoring. Without this embedding, AI remains an advisory overlay. It produces outputs, but those outputs do not systematically influence behaviour or decisions.

Boards often ask whether models are accurate enough, scalable enough, or advanced enough. The better question is whether the organisation is governed well enough to absorb AI-driven decisions. This mirrors earlier lessons from ERP implementations and enterprise risk management: returns follow disciplined governance, not technical sophistication.

Organisations that treat AI as governance infrastructure—rather than as software—see higher adoption, clearer accountability, and more predictable value creation. In that sense, AI ROI is less about innovation and more about institutional maturity.

FAQ 2 — How can boards oversee AI effectively without becoming technical?

Boards do not need to understand algorithms, model architectures, or prompt engineering to oversee AI effectively. Their responsibility is to govern decisions, risks, and outcomes—not code. Effective AI oversight translates technical activity into questions that fit naturally within existing board responsibilities.

The right oversight questions are therefore managerial and fiduciary: Which decisions are influenced or executed by AI? What happens if those decisions are wrong, biased, or inconsistent? How are exceptions detected and escalated? Who has authority to override AI-driven outcomes, and how often does that happen?

Boards should require periodic AI governance reporting, comparable to risk or internal control reporting. Such reporting should focus on incidents, overrides, model drift, regulatory exposure, and alignment with risk appetite. When AI oversight becomes part of regular governance rhythms—rather than a standalone innovation update—boards maintain control without micromanagement.

Crucially, boards should resist the temptation to delegate AI oversight entirely to IT or data teams. AI changes how decisions are made. That places it squarely within the board’s governance remit, regardless of technical complexity.

FAQ 3 — Can AI-driven decisions be audited in practice?

AI-driven decisions can be audited, but only if auditability is designed into the governance model from the outset. Many organisations attempt to retrofit audit trails after deployment and discover that key elements—decision logic, data lineage, or model changes—were never properly documented.

Effective auditability requires three conditions. First, traceability: AI-driven decisions must be logged, including inputs, outputs, constraints, and timing. Second, explainability: it must be possible to explain why a decision was taken in business terms, even if the underlying model is complex. Third, accountability: a named role must own the decision logic and its maintenance.

From an internal audit perspective, AI becomes part of the control environment. Auditors will assess whether controls around AI are well designed, consistently applied, and properly monitored. If AI sits outside the audit scope, organisations risk supervisory findings, remediation costs, and reputational damage.

Well-governed organisations treat AI like any other material decision system: auditable by design, not by exception.

FAQ 4 — Does automation increase or reduce organisational risk?

Automation both reduces and introduces risk. It reduces execution risk by increasing consistency, speed, and scalability. At the same time, it introduces new risks related to data quality, model error, bias, and loss of situational awareness.

Whether automation ultimately increases or reduces organisational risk depends on governance maturity. Strong governance ensures that automated decisions operate within defined boundaries, aligned with risk appetite and policy. Weak governance allows automation to amplify small errors into systemic failures.

Boards should therefore reject simplistic narratives that automation is either inherently dangerous or inherently safe. The relevant question is whether automation is governed. Are decision thresholds clear? Are exceptions visible? Is there a meaningful human-in-the-loop where judgment is required?

When automation is properly governed, risk-adjusted performance improves. When it is not, automation accelerates failure. In that sense, automation is a risk multiplier—positive or negative depending on governance quality.

FAQ 5 — How does AI interact with internal control frameworks such as COSO?

AI does not replace internal control frameworks; it operates within them. Under the COSO framework, AI affects all five components of internal control: the control environment, risk assessment, control activities, information and communication, and monitoring.

AI reshapes the control environment by changing roles and responsibilities. It introduces new risks—model risk, data risk, and dependency risk—that must be assessed explicitly. AI becomes part of control activities when decisions or actions are automated. It accelerates information flows, enabling faster reporting and alerts. Finally, it requires enhanced monitoring to detect drift, bias, or unintended behaviour.

Organisations that explicitly map AI systems to COSO components gain clarity and control. Those that treat AI as an external add-on weaken their control framework and create blind spots.

For governance professionals, AI should not be treated as a technological novelty, but as a new class of control mechanism—one that demands the same discipline as any other core system.

FAQ 6 — What is the single biggest governance mistake organisations make with AI?

The most common and consequential mistake is treating AI as a tool rather than as part of the governance system. When AI is framed as software, it is delegated to IT, innovation teams, or vendors. When it is framed as governance infrastructure, it becomes a board-level concern.

This mistake leads to unclear accountability, fragmented ownership, and insufficient oversight. AI systems then optimise locally, conflict with broader organisational objectives, or create unmanaged risk. ROI disappoints not because AI failed, but because governance did.

Organisations that correct this mistake early—by assigning ownership, embedding AI into decision frameworks, and aligning AI behaviour with risk appetite—unlock durable value. In AI, as in governance more broadly, structure precedes performance.

From AI Hype to Boardroom Value Creation