Solving AI Governance Challenges

LLMs and AI have gone from being a topic of discussion to becoming deeply integrated into every product. Privacy leaders must act quickly to develop and implement governance frameworks that help them deal with the complex privacy, security, and ethical considerations of this new reality.

At Bridge Privacy Summit 2025, Nishant Bhajaria moderated a discussion with AI governance leaders on how they solved AI governance challenges in their organizations and what best practices they learned in the process. Panelists included:

• Barbara Sondag - Senior Associate General Counsel, Intuit
• Shoshana Rosenberg - Chief Privacy Officer, WSP USA
• Jon Adams - Senior Director, Legal, LinkedIn
• Henri Kujala - Head of Privacy by Design & Responsible AI, Vodafone

What Does AI Governance Actually Mean?

AI governance is a set of policies and practices that guide the development and use to ensure AI is used responsibly and ethically. AI governance is more than a best practice or a compliance requirement; it’s a cross-functional effort that impacts data security, risk, product development, and corporate strategy. The panelists emphasized that AI governance needs to be treated as a broader organizational program rather than an isolated legal or compliance function.

AI Governance Impacts Every Business Function

Shoshana Rosenberg highlighted how AI governance affects data security, employee upskilling, client trust, and competitive positioning:

“The impact of AI on an organization requires monitoring and governance that far exceed the bar for legal compliance.”

“It has an impact on where your data is going... on where your employees are going... whether or not you're keeping up and giving them not just minimum literacy, but AI also offers the opportunity to upskill.”

AI Governance Must Have a Leadership-Driven Framework

Barbara Sondag emphasized the need for a structured governance framework with clear ownership:

“AI governance isn’t a standalone function, and it’s not just about risk mitigation. It’s an end-to-end process. From the data that goes into models to how outputs are used and who is responsible when things go wrong.”

“There’s got to be a framework and a governing body whether it’s a committee, an internal task force, or something else to ensure consistent decision-making across the company.”

AI Governance Must Be Embedded into Company Culture

Henri Kujala described AI governance as a cultural shift that needs to be ingrained into everyday workflows rather than treated as an afterthought:

“AI governance is a transformational program. It’s not a one-time fix. It has to be embedded into company culture.”

“We have to make responsible AI something that teams own themselves, rather than something imposed from the outside.”

Clear Ownership Prevents Fragmentation

Jon Adams warned that without strong leadership, different teams may interpret AI governance differently, creating inconsistency and confusion:

“If there’s no clear owner, you end up with different teams interpreting AI governance in different ways.”

“That leads to inconsistent policies, missed risks, and internal confusion. So whatever model you use, make sure there’s a leadership structure that keeps everyone aligned.”

How Can Businesses Govern AI in Constantly Innovating Environments?

With AI evolving faster than regulations, companies must balance governance with the need to remain competitive. The panel discussed the challenge of starting AI governance from scratch versus adapting it within an existing organization.

Building AI Governance While the Plane Is Already Flying

Jon Adams compared AI governance to building a plane mid-flight:

“We are building the plane while we’re flying it. The AI landscape is constantly evolving, and companies must adapt in real-time.”

“What worked six months ago is already outdated.”

AI Governance Must Be Integrated at the Product Level

Shoshana Rosenberg stressed the importance of embedding AI governance into every stage of product development:

“Governance should not be a layer you add later; it needs to be part of the product development lifecycle.”

Governance Must Be Flexible and Adaptive

Barbara Sondag explained why rigid frameworks fail:

“If your AI governance policies are static, you’ll be rebuilding them every time a new regulation comes out.”

“The best governance models are adaptable by design.”

How Can AI Itself Solve AI Governance Challenges?

With AI embedded in every business function, manual audits and risk assessments are no longer scalable. The panelists highlighted how AI tools can automate governance.

AI Can Monitor AI Systems in Real Time

Henri Kujala pointed out that AI can help govern AI:

“There are so many AI innovations out there that can also lend their hand into AI governance context as well.”

AI-Powered Documentation and Compliance

Jon Adams, emphasized AI’s role in automating governance:

“A lot of AI governance is about documentation, about process. AI can automate those efforts to track data usage and ensure compliance without slowing teams down.”

How Do Companies Scale AI Governance to Keep Up with Regulations?

With AI regulations constantly shifting, businesses must design governance frameworks that evolve alongside legal changes.

AI Governance Must Be Continuously Updated

Shoshana Rosenberg explained why AI governance is not a one-time implementation:

“Your KPIs for an AI governance program should be such that if it was not adapted over the course of a year, you did something wrong.”

Leadership Buy-In Is Essential for Scaling AI Governance

Barbara Sondag shared how her company, despite being over 40 years old, successfully integrated AI governance:

“For a company that’s 40+ years old, integrating AI governance wasn’t easy. But by making it a top priority at the leadership level, we ensured compliance keeps up without slowing the business down.”

How Can Teams Build a Culture of AI Governance?

The panel concluded that AI governance should not be a one-off compliance task but a continuous practice embedded into daily operations.

Make AI Governance Part of Engineering and Product Workflows

• Governance shouldn’t slow innovation; it should be built into the development process.
• Leverage existing workflows instead of creating standalone governance programs.
• Cross-functional collaboration between legal, product, engineering, and compliance is key.

AI Governance Should Be a Business Priority

The panelists agreed that the most successful companies treat AI governance as a core business function rather than a regulatory obligation.

Our major takeaway for you? 

AI governance is an ongoing process that leaders must prioritize, automate, and integrate across teams for efficient growth and innovation.

See the Full Discussion

Watch on YouTube or listen to it on The Privacy Corner podcast.