What's moving in AI — and what it means for your business.

Australian directors say AI is delivering — but most admit the pace now outruns their organisation's capacity

More than half say the pace of AI change exceeds their organisation's capacity to absorb it · top-named concerns: AI misuse, cyber risk, regulatory burden

What happened: The AICD's Director Sentiment Index for the first half of 2026 found nearly two-thirds of Australian directors report AI has already delivered productivity benefits. At the same time, more than half say the pace of AI change now exceeds their organisation's capacity to absorb it, and they named AI misuse, cyber risk and regulatory burden as their leading concerns.

Why it matters: When directors themselves report a gap between how fast AI is moving and how fast their organisation can govern it, that is a board-readiness problem stated in the board's own words. The productivity benefit is no longer in dispute — the constraint has shifted to capacity and control, which is exactly where the next cycle's risk and value concentrate.

Gartner warns frontier AI labs offer boards weaker contract protections than their old software vendors

What happened: At Gartner's Sydney Data & Analytics Conference, analysts warned that frontier AI labs are offering enterprises weaker protections — on data, liability and uptime — than traditional enterprise software vendors. Gartner also noted that only 17% of companies have reached high AI maturity. The presentation framed the contract, not the model, as where AI risk is actually controlled.

Why it matters: AI is being bought at speed, often without the legal rigour applied to any other enterprise software purchase. When the vendor's standard terms offer thinner cover on data, liability and uptime — and the model itself can be changed or withdrawn — the contract becomes the board's primary control surface, not a formality to clear after the pilot.

McKinsey finds governance maturity — not tooling — is now the gate on agentic AI returns

~65% cite security and risk as the top barrier to scaling agentic AI · firms investing US$25M+ in responsible AI far likelier to report 5%+ EBIT impact

What happened: McKinsey's State of AI Trust 2026 reports average responsible-AI maturity rising to 2.3 from 2.0, but only about 30% of firms reaching level 3 or above. Around 65% name security and risk as the single biggest barrier to scaling agentic AI, and firms investing US$25M or more in responsible AI are markedly more likely to report EBIT impact above 5%.

Why it matters: The finding reframes governance from a compliance cost into the thing that determines whether agentic AI pays. The firms pulling ahead are not the ones with the best models — they are the ones that treat responsible-AI maturity as operating infrastructure, which is what lets them put agents into production at all. For boards, the implication is direct: the security-and-risk objection that stalls most agent programs is solved by investment in governance maturity, and that investment now correlates with EBIT, not just with audit comfort.

The US suspended foreign-national access to two frontier AI models on national-security grounds — model supply is now a sovereign-risk variable

What happened: The US government issued a directive suspending foreign-national access to Anthropic's newest frontier models, Fable 5 and Mythos 5, citing national-security grounds. It is the first time access to a leading commercial model has been restricted by export-control-style policy rather than commercial terms, and it lands in the same fortnight as a US executive order asking frontier developers to share models with government up to 30 days before public release.

Why it matters: For any organisation that has standardised on a single frontier model, this turns an abstract concentration risk into a concrete one: the availability of the model you build on can now move with geopolitics, not just with the vendor's commercial decisions. Continuity of model supply belongs on the enterprise risk register alongside the other single-supplier exposures boards already track — with a tested answer to what happens to critical workflows if access is interrupted.

KPMG shipped an AI report with 40 fabricated citations — and admitted no human verified them before publication

What happened: An agentic-AI report published by KPMG was found to contain only 5 correctly matched citations out of 45 — the rest pointed to sources that did not support the claim, or did not exist. KPMG confirmed no human had verified the references before publication; the citations had been generated by AI and shipped unchecked. The errors were surfaced by The Register and the detection firm GPTZero, which sells AI-detection tools — an interest worth noting when reading the finding.

Why it matters: AI-generated output now reads as authoritative whether or not it is correct, and a firm as established as KPMG put its name to fabricated references. For boards, this reframes AI assurance from a nicety to a control: any AI-assisted deliverable — internal, or from an external adviser — warrants the same verification discipline applied to a financial statement. The reputational cost lands on the firm that publishes, not the model that drafted.

An ASX-listed company signed a six-year deal for up to 40,000 NVIDIA GPUs on Australian soil — sovereign compute is being built, not just debated

72MW of new capacity added — 102MW of a 132MW pipeline now contracted · Sharon AI (ASX:SHAZ) shares rose roughly 25% on the announcement

What happened: Sharon AI (ASX:SHAZ) signed a six-year strategic compute collaboration with NVIDIA for up to 40,000 GB300 GPUs hosted in Australia, under a master services agreement valued at up to A$4.88B. The deal adds 72MW of new capacity, taking contracted capacity to 102MW of a 132MW pipeline. The company's shares rose about 25% on the announcement.

Why it matters: Frontier-model access became a sovereign-supply question this month when a foreign government switched off two leading models for non-US users overnight. Onshore compute is the supply-side answer: capacity that sits under Australian jurisdiction and contract. A deal of this scale, by a listed Australian company, signals that sovereign AI infrastructure is moving from policy aspiration to contracted reality — and gives boards a concrete reference point when they ask where their mission-critical AI dependencies physically sit.

Ventia is deploying ChatGPT Enterprise across safety, asset management and field operations — AI adoption reaches AU heavy industry

What happened: Ventia, an ASX-listed essential-services operator, has partnered with OpenAI to deploy ChatGPT Enterprise across its operations — spanning safety, asset management and field-operations workflows. Unlike the white-collar rollouts that have dominated Australian AI adoption so far, the deployment targets frontline and operational functions inside a heavy-industry services business. No contract value or productivity targets were disclosed.

Why it matters: Most enterprise AI adoption to date has concentrated in finance, professional services and the corporate office. A large operator extending it into safety-critical and field functions signals the technology is being trusted closer to physical operations — where the assurance, governance and accountability questions are sharper. For boards in asset-heavy or essential-services sectors, the question is no longer whether AI belongs in operations, but what controls sit around it when it does.

Superloop's AI agents resolved about 330,000 customer cases with no human — Australian agentic service has a hard number now

500,000+ interactions handled · about two-thirds fully self-resolved

What happened: ASX-listed telco Superloop reported that two AI service agents have handled more than 500,000 customer interactions, with roughly two-thirds — about 330,000 cases — fully resolved without a human. The disclosure landed the same week CBA chief executive Matt Comyn, speaking at an AFR event, flagged that companies will start scrutinising AI costs far more closely. No per-case cost or margin figure was published.

Why it matters: Australian agentic customer service has moved from pilot anecdote to a number a board can put in a paper. A self-resolution rate around two-thirds at half-a-million-interaction scale is a concrete benchmark for any service-heavy business weighing the same move. But the Comyn note is the other half of the signal: as deployments scale, the ROI question sharpens from 'does it work' to 'what does it cost per outcome, and where does the saving actually land'.

The ACTU and Microsoft signed Australia's first formal AI workers'-rights agreement — workplace AI is now an industrial-relations question

What happened: The Australian Council of Trade Unions and Microsoft signed what is described as Australia's first formal memorandum of understanding on AI and workers' rights, setting shared principles for how AI is introduced into workplaces. It lands alongside a wave of large Australian employers — among them AustralianSuper and Lendi — formalising senior AI accountability and building AI use into how staff are managed and reviewed.

Why it matters: AI deployment has just moved into the industrial-relations arena. For any large employer, how AI is introduced is no longer purely an efficiency decision — it carries enterprise-bargaining, consultation and reputational weight that boards are expected to oversee. The organisations setting the terms of workforce AI now are the ones least likely to be negotiating them under pressure later.

Meta accused Australia of breaching a free-trade deal over its AI rules — vendor dependency is now a trade-politics question

What happened: Meta invoked US trade-action language against Australia's AI-copyright and news-bargaining policy settings, accusing the country of breaching free-trade obligations. The move escalates a domestic regulatory dispute into trade-relations terrain between the two governments.

Why it matters: For boards whose operations depend materially on US-headquartered AI and platform providers, this adds a dimension to vendor risk that was not there twelve months ago: platform terms, access and pricing can move as a function of bilateral trade politics, not just commercial decisions. Concentrated exposure to an offshore platform is no longer only a continuity question — it is a sovereign-risk one, and it belongs in the enterprise risk register alongside the other concentration risks boards already track.

OpenAI shipped a 'Lockdown Mode' that blocks data exfiltration — the vendor is now acknowledging prompt injection as a real enterprise threat

What happened: OpenAI introduced a Lockdown Mode for ChatGPT that blocks outbound requests in order to stop data being exfiltrated through prompt-injection attacks. Independent security analysts noted that the feature's very existence implies the default configuration does not robustly protect against this class of attack — where malicious instructions hidden in content an AI tool reads cause it to leak data or take unintended actions.

Why it matters: AI assistants are increasingly wired into corporate email, documents and internal systems — which is exactly what makes prompt injection a board-level security concern, not a niche technical one. A vendor shipping an opt-in protection is an admission that the standard setting carries risk. The practical governance question is whether the organisation knows which of its AI tools can read untrusted content and act on it, and whether the safer configuration is actually switched on.

OpenAI and NextDC unveiled a ~$7bn Australian data-centre plan paired with a 1.2-million-worker training program

1.2 million-worker training program · Coles, Wesfarmers and CBA named founding partners

What happened: OpenAI and NextDC announced a roughly $7bn sovereign data-centre investment under a 'For Australia' initiative, paired with a national upskilling program targeting 1.2 million workers and naming Coles, Wesfarmers and CBA as founding partners. It sits alongside the existing Firmus/CDC/Nvidia sovereign-compute plans, adding both onshore capacity and a large-scale workforce-capability commitment from a frontier lab.

Why it matters: This pairs two things boards usually treat separately — where AI compute physically sits, and whether the workforce can use it. A frontier lab investing in onshore capacity and mass training at the same time resets the capability baseline every Australian enterprise is measured against. The gap between organisations that engage with this kind of infrastructure-plus-skills shift now and those that wait is the gap that compounds.

Researchers built a self-replicating AI worm that runs its own local model — bypassing every vendor safety control

Carries an open-weight model and runs it locally — so commercial AI safety guardrails never apply · Measured across 15 seven-day runs (arXiv 2606.03811)

What happened: University of Toronto researchers demonstrated a self-replicating AI worm that carries its own open-weight language model and runs it locally, spreading to an average of 20.4 of 33 test hosts per run while reading public vulnerability advisories at runtime to choose its targets. Because the model runs on the attacker's own machine, the safety controls frontier vendors build into their hosted models never come into play.

Why it matters: Most enterprise AI risk registers still lean on the assumption that vendor-side guardrails contain misuse. This is a working counter-example: the adversary's model is unaligned, local, and outside any vendor's reach. The board question shifts from 'is our AI vendor safe?' to 'does our threat model assume the attacker is using AI we cannot see or constrain?' — and for most organisations today, it does not.

Uber capped its AI-tool spending to control costs — 'tokenomics' and AI sticker shock are now a board-level discipline

What happened: Uber moved to cap employee usage of AI coding tools such as Claude Code in order to manage costs, according to Bloomberg — a sign that even sophisticated buyers under-estimated how AI spend would scale. The move lands as Australian enterprises have begun publicly flagging the same pressure, describing AI 'sticker shock' and the non-linear way token costs rise with task complexity.

Why it matters: The story of the last two years was whether AI works; the story now is what it costs to run at scale. Token spend does not behave like a fixed software licence — it scales with usage and with how hard each task is, which makes it easy to over-run a budget without a usage ceiling or cost governance in place. Boards that approved AI on a capability case now need a cost case: who owns the spend, what the unit economics are, and where the guardrails sit.

Telstra put its company-wide AI strategy under the General Counsel — not the technology team

What happened: Telstra elevated Dayle Stevens into an enterprise-wide AI strategy role covering its long-term AI agenda, regulation and governance — reporting to Group General Counsel Lyndall Stoyles. A second executive, Joanna Knox, took an expanded Data & AI remit spanning the company's Quantium and Accenture AI joint ventures under a single leader for the first time.

Why it matters: Where AI accountability sits on the org chart is becoming a visible board decision, and an ASX major has just placed it under Legal and governance rather than under technology. That structure says the binding constraint on AI is no longer capability — it is governance, regulation and risk ownership. Boards still treating AI as a CIO or CTO sub-topic should expect to be asked who owns AI outcomes at the executive table, and why that seat sits where it does.

Anthropic has filed to go public at a reported US$47B revenue run rate — the model layer is consolidating around a few capital-rich players

~US$965B reported post-money valuation · follows a US$65B Series H

What happened: Anthropic has confidentially filed a Form S-1 with the SEC, the first formal step toward a public listing, reporting a US$47B annualised revenue run rate and a reported post-money valuation near US$965B following its US$65B Series H. A private lab marking a secondary valuation is one thing; a company filing to go public, on a disclosed revenue run rate at that scale, is another — it puts a hard number on demand for frontier models and signals the model layer is concentrating around a handful of well-capitalised players.

Why it matters: For boards standardising on a model provider, this resets the question from 'will this vendor survive?' to 'this vendor is now durable infrastructure — what does that change?' Frontier capability is consolidating around firms with the balance sheets to keep funding it, which makes vendor durability less of a risk and capability concentration more of one. For mid-market organisations the practical lesson is the inverse of the headline: you do not win by out-spending the labs — you win by out-deploying, buying capability rather than building it.

Bain finds only 4% of large companies have captured real AI cost savings — the value gap is an execution problem, not a technology one

40% reported cost savings of 10% or less · Global AI spend forecast to reach US$2.59T in 2026, +47% YoY (Gartner)

What happened: Bain & Co. surveyed 951 companies with more than US$100M in revenue and found only 4% had achieved AI-driven cost savings above 30%, while 40% reported savings of 10% or less. Bain's own framing was blunt: the technology worked, but the value did not arrive. The finding lands as Gartner forecasts global AI spending will reach US$2.59T in 2026, up 47% year-on-year — meaning the gap is widening between what is being spent and what is being captured.

Why it matters: This is the sharpest evidence yet that the constraint on AI returns is execution, not capability. Models that work in a pilot do not translate to enterprise-level savings without disciplined implementation, accountable ownership and a value-capture plan. For boards, the question to put to management is no longer whether AI works — it is why the spend is not yet showing up in the numbers, and what concrete operating change closes that gap.

CBA is shipping its own AI agent to defend retail banking from OpenAI and Perplexity — the incumbent-defence playbook is now visible

What happened: Commonwealth Bank is rolling out a customer-facing AI agent, 'Companion', to its retail and small-business customers — explicitly framed as a defence against OpenAI and Perplexity moving into personal finance. The agent has already been tested by around 2,000 staff and 10,000 SMB customers, with full retail rollout flagged by the end of June. The largest Australian bank is treating a general-purpose AI assistant as a direct competitive threat to the customer relationship, not a back-office efficiency play.

Why it matters: This is the incumbent-defence pattern made concrete: a market leader building its own agent to keep a general-purpose AI from getting between it and its customers. Boards in adjacent sectors — insurance, superannuation, telcos, utilities — should expect to face the same question, because the threat is the same. The point of contact with the customer is now contestable by anyone with a capable assistant, and the defensive move is no longer optional once a peer has made it.

A reported US$45B compute deal between two AI rivals signals compute is now an asset class in its own right — separate from who owns the model

Runs to May 2029 · Two frontier-model competitors transacting on raw compute rather than models

What happened: SpaceX IPO filings surfaced a multi-year AI compute agreement between xAI and Anthropic, reported at roughly US$1.25 billion a month through May 2029 — about US$45 billion in total. Two companies that compete head-on at the model layer are nonetheless transacting at scale on the underlying compute, which is being committed in multi-year, multi-billion-dollar blocks like any other infrastructure asset.

Why it matters: Compute is detaching from model ownership and starting to behave like a tradeable infrastructure asset class — bought, sold and contracted independently of the AI products built on top of it. For any board or investment committee weighing AI exposure, that means the economics of compute supply, pricing and multi-year commitments now warrant their own line of inquiry, not just a view on which model to use. The scarce, capital-intensive layer is the one being locked up first.

A major Australian bank's own transaction data shows paid AI subscriptions up 145% in a year — most of it bought by staff, not boards

What happened: Westpac transaction data shows paid AI subscriptions among its customers grew 145% over twelve months. The number reflects what people are actually paying for — individual and team subscriptions to AI tools — rather than survey-reported intent. It is one of the first hard Australian demand signals drawn from real spending rather than vendor or analyst estimates.

Why it matters: Adoption inside most organisations is running ahead of the board's line of sight. When paid AI tools are being expensed across the business at this rate, the spend — and the data flowing through those tools — is already on the books, sanctioned or not. The board question is no longer whether to start using AI, but whether anyone can account for the AI already in use.

Salesforce's AI agents just crossed US$1.2B in recurring revenue — the 'agents aren't real revenue' debate is over

3.8B 'Agentic Work Units' delivered to date, +111% quarter-on-quarter · Over 50% of bookings came from existing customers · Slack's MCP integration passed 1M monthly active users within six weeks of launch

What happened: Salesforce reported Agentforce annual recurring revenue of US$1.2B, up 205% year-on-year, in its Q1 FY27 results. The company said it has delivered 3.8 billion 'Agentic Work Units' to date — up 111% quarter-on-quarter — with more than half of bookings coming from existing customers, and noted that Slack's MCP integration passed a million monthly active users within six weeks of launch.

Why it matters: This is the cleanest disclosure to date that agentic AI is generating real, recurring revenue at scale — and the cross-sell pattern (over half of bookings from existing customers) is the playbook every enterprise software board will now study. For boards still treating agents as an experiment to monitor, the framing has shifted: the question is no longer whether agentic AI produces returns, but whether yours does — and a 'wait and see' posture is now a decision with a measurable cost.

NVIDIA says the agentic AI inflection point has arrived — and US$725B of capex is being spent as if that's true

2026 hyperscaler capex tracking ~US$725B, +77% YoY across Microsoft, Alphabet, Amazon and Meta · Microsoft's AI business at a US$37B annualised run rate, +123% YoY · Grace Blackwell cited as order-of-magnitude lower cost-per-token

What happened: NVIDIA posted Q1 FY27 revenue of US$81.6B, up 85% year-on-year, with data-centre revenue up 92%; CEO Jensen Huang framed the result around a single claim — 'the agentic AI inflection point has arrived.' The result sits on top of confirmed 2026 hyperscaler capital expenditure of roughly US$725B, up 77% year-on-year across Microsoft, Alphabet, Amazon and Meta, and order-of-magnitude falls in cost-per-token from the latest hardware.

Why it matters: The infrastructure for an agentic future is being built at a scale and pace that is now locked in, not speculative. Agent capability is set to keep getting cheaper and more available, which means the competitive question shifts from 'can we afford this?' to 'is our operating model ready to use it?' Boards that cannot articulate an agent strategy as the cost of agent capability collapses are not being prudent — they are accumulating exposure to competitors who can.

Agentic AI just landed in a 300-seat Australian business — it's no longer an enterprise-only story

ISO/IEC 42001 positioned as the governance layer · The licence framed as the path from Copilot to full AI agents · IDC sizes the agentic AI market at US$7.6B (2025) growing to US$10.8B (2026)

What happened: Australian MSP blueAPACHE secured one of the first Microsoft E7 deployments outside large enterprise — a 300-seat mid-market customer — positioning the licence as the path from Copilot to full AI agents, with ISO/IEC 42001 as the governance layer. The deployment lands as IDC sizes the agentic AI market at roughly US$7.6B in 2025, growing to US$10.8B in 2026.

Why it matters: Agentic AI has been framed as a problem for organisations with enterprise budgets and dedicated AI teams. This deployment shows it arriving in mid-market businesses through the channel most of them already buy from — with a governance standard attached from day one. For mid-market boards, the 'we're too small for this' position is closing. The more useful question is whether you adopt agentic AI with the governance built in, or bolt it on after something goes wrong.

'Show me our shadow-AI register' is now a question your board can ask — and expect a real answer

Microsoft took Agent 365 to general availability with capabilities to discover and manage unsanctioned 'shadow AI' agents, including local ones · A Microsoft Purview connector now audits Claude Enterprise and Platform activity

What happened: The tooling to govern enterprise AI moved from roadmap to reality. Microsoft took Agent 365 to general availability and previewed capabilities to discover and manage 'shadow AI' agents — including locally run ones — and shipped a Purview connector that audits Claude Enterprise and Platform activity. Anthropic launched a Compliance API giving security teams programmatic access to conversation content and activity logs, with integrations across 28 platforms spanning DLP, SASE, SIEM, identity and AI observability — CrowdStrike, Palo Alto Networks, Okta, Wiz, Cloudflare and Zscaler among them.

Why it matters: Until now, 'how much unsanctioned AI is running inside our business?' was a question without a credible answer. That has changed. A board can now ask for a shadow-AI inventory and expect IT and risk to produce one, and enterprise AI can be pulled into the same control plane CIOs already operate. The barrier risk committees have cited is gone — which removes the excuse for not knowing, and makes 'we didn't have visibility' an increasingly hard position to defend.

WiseTech shows the real cost of handling AI workforce change badly — and it's commercial, not just reputational

590+ Australian technical staff signed a redundancy petition · DSV — a contract estimated at ~US$150M/year — abandoned the CargoWise platform · References to AI were reportedly removed from communications to China-based staff

What happened: WiseTech's AI-linked restructure — roughly 2,000 roles, about 29% of its workforce — turned into a public governance problem. More than 590 Australian technical staff signed a redundancy petition, staff publicly contested leadership over internal messaging about AI, and references to AI were reportedly stripped from communications sent to China-based staff. DSV, a customer on a contract estimated at around US$150M a year, abandoned the CargoWise platform during the period.

Why it matters: The cost of getting AI-linked workforce change wrong is not confined to industrial relations or media coverage — it shows up as customer attrition and lost revenue. For boards, this reframes AI adoption as a change-management and governance question before it is a technology one. How leadership talks about AI and people is now itself a material risk: the narrative, the sequencing and the transparency are governance decisions a board can be held to, not communications details to be delegated.

Qantas, CBA and Telstra are now publishing hard AI numbers — the Australian ROI evidence has arrived

Qantas: A$30M saved and an 86% domestic on-time rate from AI pattern-recognition tools (AFR) · Telstra: ~1M help-desk call-equivalents eliminated by an AI modem-restart system (AFR) · IAG: 92 production GenAI use cases, 2,000+ staff using AI daily

What happened: Australian enterprises stopped talking about AI potential and started publishing AI outcomes. CBA reported analysing roughly 100,000 free-text staff survey comments with AI, saving about 3,000 hours per survey cycle while keeping humans on the decisions. Qantas attributed an 86% domestic on-time rate and A$30M in savings to AI pattern-recognition tools. Telstra's AI modem-restart system eliminated roughly a million help-desk call equivalents. IAG reported 92 production generative-AI use cases built over two years, with more than 2,000 staff using AI daily in claims, fraud and service.

Why it matters: These are the local numbers to put in front of a sceptical board — concrete, attributable, and from organisations your directors recognise. They also reveal the pattern that makes them work: each is a bounded, well-governed use case with human judgment retained on the decision, not a wholesale handover. The companies posting these results did not pick a better model than everyone else. They solved the organisational and process design around it — which is the part that does not come in the box.

Google cut its top AI plan by ~20% at I/O — the 'wait for it to get cheaper' argument just expired

Gemini app past 900M monthly active users · Google now processing 3.2 quadrillion tokens/month, ~7x year-on-year · A new US$100/month tier added below Ultra

What happened: At Google I/O 2026, the headline was not a model — it was a price. Google cut its top AI subscription roughly 20% (AI Ultra to US$200/month), added a new US$100/month tier, and launched Gemini 3.5 Flash, which it positions as flagship-class quality at Flash-tier speed and cost. Google disclosed it now processes 3.2 quadrillion tokens a month — about seven times a year ago — and that the Gemini app has passed 900 million monthly active users.

Why it matters: The board signal is the price cut, not the model. Frontier-grade capability is commoditising on cost faster than most adoption roadmaps assume, which means the common boardroom hedge — 'let's wait for it to get cheaper and more capable' — is now an argument for acting, not delaying. The cost of capability is falling on a predictable curve; the cost of organisational readiness is not. The gap between the two is where the next 12 months of competitive separation will happen.

KPMG is putting Claude in front of 276,000 staff — the advisers your board relies on have already chosen their AI stack

Initial focus on tax clients and private equity · KPMG frames the rollout as proof of its ISO/IEC 42001-aligned governance · OpenAI's Codex moving into on-premises enterprise environments with Dell (4M weekly active developers)

What happened: KPMG signed a global alliance with Anthropic to roll Claude out across its entire 276,000-person workforce via the KPMG Digital Gateway, with an initial focus on tax clients and private-equity firms. KPMG positioned the move as evidence of its 10-pillar, ISO/IEC 42001-aligned governance framework operating in production. In the same week, OpenAI and Dell agreed to make the Codex coding agent deployable inside Dell AI Factory environments so enterprises can run it against governed on-premises data.

Why it matters: When a Big Four firm standardises a single frontier model across every employee, the advisory layer your board already pays for becomes AI-mediated by default — and you inherit that choice without having made it. The board question is no longer whether to adopt AI, but whether you know what your auditors and advisers are running, what happens to your data inside their tools, and whether your own AI posture is deliberate or simply absorbed from your suppliers.

Groq commits $459M to a Sydney AI inference cluster — Australian onshore frontier compute is now commercially real

Sharon AI + Cisco + NVIDIA 'AI Factory' at NextDC · 1,024 NVIDIA Blackwell Ultra GPUs onshore · Xero revenue +31% to NZ$2.8B · Salesforce Agentforce ARR +169% YoY to $800M

What happened: Groq committed $459M to an AI inference cluster at Equinix's Sydney data centre, positioning it as an APAC inference hub for low-latency frontier model serving. In the same reporting window, Sharon AI, Cisco, and NVIDIA jointly launched Australia's first 'Cisco Secure AI Factory,' housing 1,024 NVIDIA Blackwell Ultra GPUs at a NextDC facility under the National AI Plan's sovereign infrastructure push. The deployments follow CDC passing 1GW of contracted capacity and Amazon's Australian data centre arm posting $12B in revenue — a 50% year-on-year increase. The cumulative signal is that Australian onshore compute is no longer a planning assumption; it is operational infrastructure.

Why it matters: The data-sovereignty objection to AI deployment — 'we cannot use frontier AI because our data must leave Australian jurisdiction' — has lost its factual basis. Onshore inference at frontier-model performance is now commercially available in Sydney. For boards of regulated businesses in financial services, healthcare, and government-adjacent sectors, the sovereign-compute question can be settled in procurement rather than policy. The more important board question is whether the organisation's AI contracting, data governance, and vendor-selection frameworks are ready to evaluate and use this infrastructure before the procurement window narrows.

$376B of vertical SaaS put on notice as Claude ships three vertical launches in 100 days — legal, design, and SMB productivity markets repriced

Figma -7% on Claude Design · Thomson Reuters -18% on Claude legal · Intuit worst S&P 500 stock in early 2026 on Claude for Small Business · Anthropic revenue $9B → $30B run-rate in four months

What happened: In 100 days, Anthropic released three vertical product launches that re-rated incumbent SaaS stocks in real time. Claude Design (17 April) dropped Figma 7% and Adobe 2% in a single afternoon. Claude for Legal (12 May) with 20+ legal MCP connectors hit Thomson Reuters down 18% and RELX down 14%. Claude for Small Business (13 May) — wired into QuickBooks, PayPal, HubSpot, Canva, DocuSign, Google Workspace and Microsoft 365 — coincided with Intuit being one of the worst performing S&P 500 stocks in early 2026. Anthropic's revenue run rate moved from $9B at end-2025 to $30B by April 2026 — a trajectory driven primarily by enterprise and vertical deployment, not consumer subscriptions.

Why it matters: The unhobbling pattern is now systematic and accelerating — Anthropic is naming verticals, shipping packaged connectors, and the market is re-rating the incumbents within hours. Peter Diamandis's framework identifies six defensible moats against this displacement: customer relationships, proprietary data flywheels, trusted brand, physical-world integration, regulatory compliance, and network effects. The diagnostic question for any board reviewing its software portfolio is: can this vendor's entire value proposition be described in a prompt? If yes, the timeline for displacement is 12 months, not 5 years. Healthcare, real estate, and construction are identified as the next verticals in Anthropic's pattern.

ASIC orders every licensee to table its cyber-AI uplift letter at the risk committee — the same week APRA named AI vendor risk as the widest governance gap

ASIC letter to all AFSL/AFSR licensees · APRA — four AI governance failures named · AI accelerates threat speed, scale, sophistication · Board tabling required

What happened: On 8 May 2026, ASIC Commissioner Simone Constant issued an open letter to all Australian Financial Services Licence and Australian Financial Services Representative holders, requiring them to table the letter at their next risk governance committee meeting. The letter states that AI materially accelerates cyber threat speed, scale, and sophistication, and that boards must treat AI-driven cyber risk as a current, not future, governance obligation. Combined with APRA's 30 April letter to regulated banks, insurers, and super funds — which named AI vendor opacity in supply chains as the widest governance gap and linked it to the 1 July 2026 CPS 230 deadline — the two regulator interventions represent the most concentrated Australian board AI accountability push to date.

Why it matters: Two Australian financial regulators issued AI-specific board-level interventions within nine days of each other. APRA named four failure areas — cyber and information security, AI-specific governance frameworks, supplier risk, and change-management controls — and linked the last of these to a hard 1 July deadline under CPS 230. ASIC made the tabling obligation explicit rather than implicit. For regulated entities, both letters are now agenda items with delivery obligations attached, not reading material. For unregulated entities, the practical question is how long before their regulated customers and counterparties ask the same questions of them.

95% of Australian organisations deploy AI agents for sensitive tasks — only 52% govern their agent identities, the lowest rate of any country surveyed

95% deploying agents for sensitive security tasks · 50%+ of AU directors say AI pace exceeds organisational capacity (AICD) · Gartner: 33% of enterprise software will include agentic AI by 2028

What happened: A Semperis study published in May 2026 surveyed organisations across multiple countries on agentic AI governance. In Australia, 95% of organisations reported using or planning to use AI agents for sensitive security tasks — among the highest deployment rates globally. However, only 52% had AI agent identities fully registered in their identity governance systems, the lowest rate of any country in the survey. The finding aligns with independent data from the AICD's 1H 2026 Director Sentiment Index, in which more than 50% of Australian directors said the pace of AI change exceeds their organisation's capacity to manage it.

Why it matters: The governance gap is now measurable and the measurement is public. Deploying AI agents for sensitive tasks without registering their identities is the agentic equivalent of issuing admin access without an audit trail — and Australian organisations are doing it at the highest rate of any country studied. The ASD and APRA joint guidance issued on 6 May explicitly named agent-identity governance as a prerequisite for defensible deployment. Boards that have approved agentic AI programmes should ask, specifically, whether every agent identity is registered, whether access is governed by a least-privilege model, and whether there is a documented incident-notification process for agent actions.

Australian federal budget commits $70M to an AI Accelerator and establishes an AI Safety Institute — with voluntary standards replacing the proposed mandatory guardrails

AI Safety Institute established · Trials at ATO, National Library, NEPA, Veterans' Affairs · AI.gov.au SME guidance hub live · Mandatory high-risk guardrails dropped

What happened: The Australian federal budget handed down on 12 May included a $70M AI Accelerator via the Cooperative Research Centre programme, $105.9M for an AI environmental-assessment tool, and voluntary AI trials across several agencies. The government simultaneously established an AI Safety Institute. In the same policy cycle, the federal government confirmed it was abandoning the proposed mandatory AI guardrails for high-risk systems that had been flagged in the 2024 National AI Plan — reverting to a voluntary standards model and existing-regulator enforcement via the Privacy Act, Corporations Act, and APRA prudential standards.

Why it matters: The fiscal commitment signals government conviction but the number is modest relative to the rhetoric — $70M in a year when hyperscalers are committing hundreds of billions globally. More consequential for boards is what was dropped: Australia will not have sector-specific mandatory AI guardrails in the near term. That transfers the design problem from regulators to boards. The obligations that remain — under the Privacy Act ADM transparency framework, APRA's prudential expectations, and ASIC's governance requirements — have not softened. Boards that interpreted the voluntary pivot as a reason to defer governance work have misread the signal.

CDC passes 1GW contracted capacity after Australia's largest-ever data centre deal — the sovereign AI buildout is real

CDC total contracted capacity now >1GW · Infratil shares +20% to record $15.20 · Amazon AU data centre revenue ~$12B (+50% YoY)

What happened: CDC Data Centres, 50% owned by Infratil, signed a 555MW, 30-year contract with an undisclosed US investment-grade counterparty — the largest data centre commitment in Australian history — pushing CDC's total contracted capacity above 1GW for the first time. Infratil shares rose approximately 20% to a record $15.20 on the announcement. In the same reporting window, Amazon's Australian data centre arm disclosed revenue of approximately $12B, up 50% year-on-year, eclipsing growth in its e-commerce and standard cloud divisions. CDC and other operators have announced tens of billions of dollars in new commitment capacity over multi-decade horizons.

Why it matters: Australian AI infrastructure is being committed at a pace most boards are not tracking. The CDC deal signals that global hyperscalers view Australia as a long-term compute hub, not a satellite market — and a 30-year, 555MW contract is not a hedging position. For boards of regulated businesses asking whether Australian-onshore AI processing is operationally viable, the answer is now unambiguous. The data sovereignty objection to AI adoption — 'we can't use cloud AI because our data must stay onshore' — is no longer credible as a blanket position. The infrastructure is being built.

Every Australian government agency must appoint a Chief AI Officer by 30 June 2026 — the private sector question is next

Every federal agency · 500+ APS entities in scope · GovAI Chat rolling out mid-2026 · $225.2M GovAI programme

What happened: Under the Australian Government's National AI Plan, every APS agency must appoint a senior executive as Chief AI Officer by 30 June 2026. The role is to be filled from existing senior leadership rather than new hires. A GovAI AIDE coordination function will support cross-agency consistency, and a beta GovAI Chat platform — a secure, government-specific generative AI assistant — is rolling out from mid-2026. The $225.2M GovAI programme that funds this initiative includes $166.4M for platform expansion and agency AI capability. Microsoft has been publicly endorsed as a key delivery partner.

Why it matters: When the federal government mandates a new executive accountability role across more than 500 agencies in six weeks, private sector boards face a reflex question: if government considers AI governance serious enough to require a named, accountable executive, what does that say about our own accountability architecture? Most agencies will appoint the role without a clear mandate — creating immediate demand for the operating model design, the first-90-days plan, and the governance framework around it. Private boards should expect the same question from their investors, regulators, and major government customers within 12 to 18 months.

74% of AI economic value captured by 20% of organisations — and the frontier labs just moved into the deployment lane

AI leaders generate 7.2× more revenue/efficiency gains · +4pp profit margin advantage · OpenAI Deployment Company $10B at 17.5% guaranteed return · Anthropic enterprise JV $1.5B

What happened: PwC's 2026 AI Performance Study, drawn from 1,217 senior executives across 25 sectors, found 74% of AI economic value is captured by the top 20% of companies. That 20% uses AI for revenue growth and business reinvention, not just productivity — and generates 7.2 times more revenue and efficiency gains than peers, with profit margins four percentage points higher. In the same week, OpenAI finalised a $10B 'Deployment Company' joint venture with 19 private equity backers including TPG, Brookfield, Bain and Advent, guaranteeing investors a 17.5% annual return over five years — modelled on Palantir's forward-deployed engineer pattern. Anthropic simultaneously announced a $1.5B enterprise joint venture with Blackstone, Hellman & Friedman, and Goldman Sachs targeting mid-size companies.

Why it matters: The PwC figure gives every board a single, citable number for what the AI value-capture problem actually looks like: most organisations are funding the gains of the top quintile without sharing in them. The deployment-company announcements are the structural explanation for why — the frontier labs have now formally entered the implementation market with PE balance sheets behind them. An independent advisory position that is not compensated by any lab has become more valuable, not less, as buyers need someone whose incentives are not tied to the deployment of a specific model.

Three Australian operators report concrete AI dividends in one week — Qantas, Freehills, Deloitte

Freehills contract delivery 28 → 6 days · Deloitte AI to automate 30% of consulting tasks · $1B managed-services bet

What happened: Three Australian operators disclosed concrete AI economics in the AFR's 'AI Dividend' series in one week. Qantas reported $30M in annual savings and an 86% on-time rate — the best domestic result in nearly a decade — from real-time AI pattern detection. Herbert Smith Freehills cut contract delivery from 28 days to 6 days using Legora AI: 200,000 documents culled to 18,500 with an 80% time saving over manual review. And Deloitte committed $1B to its managed-services arm with the explicit forecast that AI will automate 30% of consulting tasks within three years.

Why it matters: The 'is AI hype' boardroom objection now has three Australian counter-examples — operations, professional services, and consulting — in a single week. Each reports a measurable result against a specific process, not a survey statistic. Deloitte's signal is the sharpest: when the firm whose business model is most exposed to AI commits $1B to restructure ahead of it, the question for the board is not whether AI changes their cost base, but whether their cost base will adapt fast enough.

EU AI Act high-risk obligations deferred 16 months to December 2027 — but GPAI enforcement still lands in August

GPAI Chapter V enforcement on track for 2 August 2026 · SME exemptions extended · watermarking grace period cut from 6 to 3 months

What happened: On 7 May the European Council and Parliament reached political agreement on the Digital Omnibus on AI. Annex III high-risk system obligations are deferred from 2 August 2026 to 2 December 2027 — a 16-month delay on the most contentious compliance lift. Annex I regulated-product obligations slip from 2 August 2027 to 2 August 2028. SME exemptions are extended to small mid-cap enterprises and a new Article 5 prohibition is added on AI-generated non-consensual intimate imagery. Critically, the Commission's supervision and enforcement powers over general-purpose AI providers under Chapter V are not deferred — they remain on track for 2 August 2026. Formal adoption by Parliament and Council is still required, intended before 2 August 2026.

Why it matters: The headline reads 'reprieve' but the structure has changed, not the destination. EU governance is splitting into two tiers: a tighter on-schedule regime for foundation-model providers from August, and a slower deadline for downstream high-risk users. For Australian boards selling into European customer pipelines, the procurement question is which counterparty side they sit on — and whether their AI risk frameworks will pass a 2026 GPAI counterparty review even before any local Australian rule applies.

An Australian court has put directors' AI use on the duty-of-care record — the model can assist, but it cannot displace judgement

What happened: In the Star Entertainment judgment (ASIC v Bekier), Justice Michael Lee observed that many directors are already using AI informally to prepare for board meetings, and pointed to the AICD's own resource on AI use by directors and boards. He held that AI may help directors cope with board-pack overload, but cannot displace the individual diligence and independent judgement the law requires — the duty of care is unchanged by the tool. It is the first time Australian case law has formally addressed directors' use of AI.

Why it matters: Directors now have to assume their AI use sits within the duty-of-care frame, not outside it. The governance question is no longer whether directors may use AI to prepare, but whether they can show that judgement remained their own — and whether the board can evidence how AI was used and where the human decision was made. Expect derivative actions to test this within the next 12 to 18 months.

Anthropic ships Managed Agents with overnight self-improvement — and confirms 17× YoY API growth

Managed Agents launched · 'Dreaming' overnight self-improvement · SpaceX Colossus capacity deal

What happened: On 6 May Anthropic's Code w/ Claude event launched Managed Agents — multi-agent orchestration with an 'Outcomes' delivery layer — alongside a new 'Dreaming' feature where production agents review prior sessions and self-tune overnight, and a deal to use SpaceX's Colossus data-centre capacity. API volume was reported at 17× year-on-year. Operator capture of the announcements via Simon Willison's live blog was the cleanest near-real-time source.

Why it matters: Self-tuning production agents change the SLA model for AI deployments. Versioned-release contract language does not contemplate models that improve themselves overnight against your data. The next AI services contract your board signs needs agent-class clauses — performance drift, change-control, evaluation cadence — not the model-class clauses written in 2024 and 2025.

ASD and APRA issue first joint Australian guidance on agentic AI — assurance practices flagged as not keeping pace

First joint ASD + APRA agent guidance · 88% of AU organisations expect agents to outpace safeguards (Rubrik) · supplier contracts lack audit rights and incident notification

What happened: On 6 May the Australian Signals Directorate and APRA jointly issued security guidance for agentic AI systems — the first co-authored Australian regulator intervention on AI agents. APRA flagged that assurance practices are not keeping pace with adoption speed, and that supplier contracts for AI services lack provisions for audit rights and incident notification. The guidance cites Gartner's forecast that 33% of enterprise software will include agentic AI by 2028, and Rubrik Zero Labs research that 88% of Australian organisations expect AI agents to outpace their existing security safeguards.

Why it matters: Australian boards now have an explicit prudential expectation to point to when prioritising agent-class controls — not just model-class controls. The contractual gap is the immediate exposure: most AI vendor agreements signed in the past 18 months do not contemplate agent autonomy, audit rights, or incident-notification triggers. That gap is now visible to APRA.

APRA warns Australian banks, super funds, and insurers their AI governance is failing — enforcement to follow

Banks · super funds · insurers · 'fragmented frameworks' · boards 'lack technical literacy to challenge management'

What happened: APRA issued its most pointed AI intervention to date. The prudential regulator finds governance, risk management, and operational resilience practices are failing to keep pace with AI adoption speed. Boards show 'strong enthusiasm' but lack the technical literacy to effectively challenge management on AI risks. Frameworks across operational resilience, cyber, privacy, and procurement are described as fragmented. APRA will take enforcement action where entities fail to manage AI risks proportionate to their scale.

Why it matters: This is the first time an Australian prudential regulator has used explicit enforcement language on AI governance. For boards of APRA-regulated entities, the AI governance question has moved from 'should we have a policy' to 'the regulator is watching and will act.'

Pentagon signs AI deals with seven Big Tech companies, freezes out Anthropic

OpenAI · Google · Nvidia · Microsoft · AWS · SpaceX · Oracle

What happened: The US Department of Defense signed AI integration agreements with seven Big Tech companies for classified military networks under a 'lawful use' framework. Anthropic was excluded after refusing to grant unrestricted Claude access for autonomous weapons and mass surveillance, and was formally designated a 'supply-chain risk.' Defense Secretary Pete Hegseth called Anthropic CEO Dario Amodei an 'ideological lunatic' before the Senate Armed Services Committee.

Why it matters: Until the exclusion, Anthropic was the only AI company approved for classified Pentagon work. Vendor safety stance has moved from a procurement footnote to a gating variable on government contracts. The same week the Pentagon said no, Anthropic overtook OpenAI in commercial revenue and surged to #1 on the US App Store on consumer backlash.

Alphabet Q1 — Google Cloud crosses $20B (+63%); capex raised to $180–190B

+63% YoY · Backlog $460B · Enterprise AI now primary growth driver

What happened: Alphabet revenue $109.9B (+22%). Net income $62.6B (+81%). Gemini Enterprise paid MAUs up 40% QoQ. First-party models processing 16B+ tokens/minute (+60%).

Why it matters: Cloud backlog nearly doubling QoQ means enterprise AI demand is accelerating, not plateauing. Capex raised to $180–190B signals confidence in sustained demand.

Anthropic overtakes OpenAI in LLM revenue and hits $1 trillion secondary valuation

31.4% LLM revenue share vs OpenAI 29% · $1T secondary valuation vs OpenAI $880B · Revenue per MAU $16.20 vs $2.20

What happened: Counterpoint Research Q1 2026 data confirms Anthropic now leads global LLM revenue at 31.4%, ahead of OpenAI at 29%. Anthropic hit $30B annualised revenue on 7 April 2026 (up from $9B at end-2025 — 233% quarterly growth), surpassing OpenAI's $25B. Over 1,000 enterprise customers spending $1M+ annualised, doubled in two months. Secondary market valuation touched $1T — a 163% premium over its February primary round.

Why it matters: The B2B/API-first model just passed the consumer-first model on revenue. Anthropic has 134M MAUs versus OpenAI's 900M — yet generates an order of magnitude more revenue per user. The default-vendor assumption for enterprise AI procurement is now empirically stale.

AWS Q1 — $37.6B (+28%), Bedrock tokens exceed all prior years combined

Bedrock tokens in Q1 > all prior years combined · Customer spend +170% QoQ · Trailing FCF collapsed 95% YoY to $1.2B

What happened: AWS grew 28% to $37.6B in Q1, fastest growth in 15 quarters. Bedrock tokens processed in Q1 exceeded all prior years combined. Customer spend on Bedrock grew 170% quarter-over-quarter. Capex hit $44.2B for the quarter. Trailing twelve-month free cash flow collapsed 95% YoY to $1.2B — driven entirely by AI capex.

Why it matters: This is the cleanest single-source proof that enterprise AI demand is accelerating, not plateauing. Bedrock's token volume reset is the strongest in-quarter signal that enterprise AI workloads are scaling. The free-cash-flow collapse confirms AWS is funding AI growth at the expense of near-term cash — a multi-year bet, not a quarter-to-quarter play.

Microsoft Q2 FY2026 — Azure +39%, Copilot reaches 15M paid seats

Azure +39% YoY · GitHub Copilot 4.7M subscribers (+75% YoY) · Capex $37.5B (~⅔ on GPUs and CPUs)

What happened: Microsoft Q2 FY2026 revenue $81.3B (+17%). Azure grew 39%. Copilot reached 15 million paid seats; GitHub Copilot has 4.7 million subscribers (+75% YoY). Capital expenditure $37.5B for the quarter, roughly two-thirds on GPUs and CPUs.

Why it matters: Copilot at 15M paid seats is the largest enterprise AI adoption surface to date. Microsoft's bet is that the workflow layer — Copilot in Office, Agent 365, governance — becomes the moat now that the model layer is multi-vendor.

Meta raises 2026 AI capex to $125–145B and announces 8,000 layoffs

8,000 jobs cut, 6,000 open roles cancelled · Q1 revenue $56.3B (+33%)

What happened: Meta beat on revenue but raised AI capex guidance and announced 8,000 layoffs alongside cancelling 6,000 open roles. Combined hyperscaler 2026 AI capex now sits near $650–725B across the four reporting companies.

Why it matters: AI investment is directly cannibalising headcount at the vendor level. Atlassian, Accenture, and other tech-forward companies are restructuring around the same dynamic. The workforce-redesign question has moved from hypothetical to operational.

OpenAI ends Microsoft cloud exclusivity; $100B AWS deal lands on Bedrock

Separate from existing $38B AWS-OpenAI agreement and Amazon's $50B equity stake · Bedrock Managed Agents shipped exclusive to AWS

What happened: Microsoft and OpenAI rewrote their seven-year partnership, capping revenue share and lifting cloud exclusivity. Within 24 hours, OpenAI's models landed on Amazon Bedrock, and a jointly-built Bedrock Managed Agents runtime shipped exclusive to AWS. The existing $38B AWS-OpenAI cloud agreement was extended by $100B over eight years (separate from Amazon's $50B equity stake from February 2026).

Why it matters: The 'OpenAI is a Microsoft business' frame is over. Boards that anchored their AI strategy to a single-vendor or single-cloud assumption now hold a stale plan. Procurement, security, and integration architecture decisions made in 2024 around OpenAI exclusivity need re-litigating.

Stanford AI Index 2026 — 89% of enterprise AI agents never reach production

$150K–$800K wasted per failed implementation · OSWorld benchmark up to 66% (from 12% in 2025)

What happened: Stanford's 2026 AI Index reports a stark gap between AI capability and enterprise deployment. Agents now perform at 66% on the OSWorld benchmark — within six points of human — yet 89% never reach production.

Why it matters: The failure mode is operational and economic, not technical. Data infrastructure, integration, governance, observability, and exception handling are where most enterprise agent projects break.

Microsoft commits A$25B to Australian AI infrastructure over five years

AU GPU/cloud capacity to expand 140% by end-2029 · Cyber + skills funding bundled · Anthropic Sydney office concurrent

What happened: Microsoft CEO Satya Nadella, in Sydney, committed A$25B over five years to Australian AI infrastructure, cybersecurity, and skills. Australian GPU and cloud capacity to expand 140% by end-2029. The announcement coincides with Anthropic opening a Sydney office and broader hyperscaler positioning in the AU market.

Why it matters: This is the largest hyperscaler commitment to Australia in any single investment cycle. For Australian boards, it changes the platform-routing calculation — Australian AI workloads can now be hosted in-country at scale, removing one of the largest barriers to local AI deployment.

Australia — ADM transparency obligations live 10 December 2026

Privacy and Other Legislation Amendment Act 2024 (Cth) · OAIC compliance sweep already underway

What happened: Privacy policies must disclose the types of personal information used in automated decisions, the kinds of decisions made, and the actions taken. Penalties up to A$66,000 per breach for non-compliant policies. The OAIC ran its first compliance sweep in January across six high-risk sectors.

Why it matters: This is the first material AI governance deadline most Australian boards will face. The window between now and 10 December is seven months — short for any business that hasn't yet inventoried its automated decisions.

Writer survey — 75% of executives admit their AI strategy is 'more for show' than guidance

79% face AI adoption challenges (up double-digit YoY) · 54% say AI is 'tearing their company apart' · Only 29% see significant ROI

What happened: Writer's 2026 AI Adoption Survey of 2,400 global leaders finds 79% report AI adoption challenges (up double-digit from 2025). 75% of executives admit their AI strategy is 'more for show' than guidance. Only 29% see significant ROI despite 97% claiming personal benefit. 60% of companies plan layoffs for employees who won't adopt AI.

Why it matters: The 'for show' admission is unusual — leaders rarely volunteer that their strategy is performative. Paired with Stanford's 89% production-failure rate and McKinsey's EBIT gap (only 39% see measurable impact), the diagnosis-first thesis now has three independent surveys reaching the same conclusion: most AI strategies are not actually strategies.

McKinsey — 88% of organisations have adopted AI; only 39% report EBIT impact

McKinsey State of AI 2025 · Four-firm consensus on the value-capture gap (McKinsey, BCG, PwC, Stanford)

What happened: McKinsey's State of AI 2025 reports 88% of organisations have adopted AI in at least one function, but only 39% report any measurable EBIT impact — and most of those report less than 5%. The gap between adoption and commercial impact is now a four-source consensus across McKinsey, BCG, PwC, and Stanford.

Why it matters: The headline gap is no longer adoption — it's translation. Tools are everywhere; commercial impact is concentrated in a small minority. For boards, the diagnostic question is which side of the EBIT gap their business sits on.