EY: CEOs Misjudging AI Concerns—Introducing a Nine-Point Framework and a Three-Step Plan to Restore Public Trust in Responsible AI

The study conducted by EY reveals a persistent and widening gap between what senior business leaders believe about public concerns surrounding artificial intelligence and what everyday consumers actually worry about. Executives often misjudge which AI issues matter most, risking misaligned investments and governance that undercut long-term enterprise AI success. EY proposes a robust framework built around nine core responsible-AI principles and a three-step leadership playbook designed to close the gap, strengthen trust, and turn responsible AI into a sustainable competitive advantage. The findings show that consumer anxieties—ranging from misinformation and manipulation to privacy and safety—outpace executive confidence by a wide margin, highlighting a concrete leadership challenge: translate public sentiment into governance, strategy, and accountable action. The report argues that intelligent alignment between executive views and consumer concerns is not merely ethical; it is essential for enduring value as AI technologies become more pervasive, capable, and autonomous. In response, EY lays out a structured pathway that organizations can implement to govern AI more effectively, safeguard stakeholders, and navigate a rapidly evolving landscape where agentic AI could alter decision-making and risk profiles. The stakes are high: misalignment threatens not only trust but also the strategic ROI of AI investments and the resilience of enterprises in a world increasingly shaped by AI-enabled outcomes. This article dissects EY’s findings, the proposed nine-point framework, and the three-pronged leadership approach, while weaving in practical implications for CEOs, boards, and senior leaders across industries.

The Gap Between Executive Perceptions and Public Concerns

EY’s research juxtaposes two distinct voices: the perspectives of senior executives responsible for shaping AI strategy and the voices of more than 15,000 consumers surveyed across 15 countries. The juxtaposition reveals a gap that, according to EY, was larger than anticipated. At the heart of this gap lies a misalignment about the issues that the public considers most consequential when AI is deployed at scale within enterprises. Executives tend to overestimate how much the public prioritizes certain risks while underestimating others that matter to real people in daily life. The data indicate a pattern: when it comes to responsible AI, ordinary people express concerns at roughly double the level of worry observed among CEOs on several critical dimensions. These dimensions include data accuracy, privacy protection, and the overall governance of AI systems.

The disconnect between leadership and public sentiment is not merely theoretical. EY argues that it has practical implications for how AI projects are selected, funded, and regulated within organizations. If boards and executives operate with an inaccurate map of public concerns, they risk prioritizing features, capabilities, or efficiencies that do not align with what customers, patients, or citizens actually fear or distrust. The consequence could be a misallocated capital expenditure, mispriced risk, and a governance posture that fails to earn sustained trust from stakeholders. The research also underscores that this mismatch bears economic consequences. As companies pour resources into AI technologies—particularly large language models and related tools—without anchoring governance in public concerns, they risk public pushback, regulatory scrutiny, or reputational harm that could erode the multi-billion-pound AI investment tide. EY frames this as a systemic issue, one that requires not just technical controls but a robust, values-driven governance framework.

The study also highlights a paradox in how public concern translates into risk perception. While media narratives heavily amplify topics like job displacement, the public’s top worries skew toward issues such as the potential for fake news generated by AI, manipulation, and the risk of exploitation of vulnerable individuals. This pattern suggests that public confidence rests less on macro concerns about employment disruption and more on the downstream consequences of AI-enabled content and influence operations. In light of this, EY’s findings contradict a common assumption that fear of automation is the primary public concern driving demand for tighter AI governance. Instead, the data show that what people care about most relates to trust, accuracy, safety, and the ethical use of AI in everyday interactions.

A striking statistic from EY’s consumer survey shows that even among those who are relatively comfortable with AI adoption, there is a persistent caution about how AI is used, who controls it, and how outputs are validated. The study notes a clear preference for transparent governance mechanisms, verifiable data integrity, and explicit accountability for AI-driven decisions. In short, consumers are not opposed to AI per se; they want responsible systems that operate under clear rules, meaningful human oversight where appropriate, and avenues to challenge or appeal outputs that seem unfair or unreliable. The escalation in concerns around misinformation, manipulation, and exploitation points to a broader demand for responsible AI that respects human rights, data sovereignty, and data protection, while maintaining the benefits of automation and advanced analytics.

EY’s empirical takeaway is that governance cannot be an afterthought or a checkbox exercise. It must be integrated into the core strategy, design, and deployment of AI systems. The three-layer insight becomes clear: executives must first understand public concerns with humility and accuracy, second, embed that understanding into the architecture and operations of AI programs, and third, openly communicate governance choices and safeguards to build trust with customers, employees, and the broader marketplace. These insights frame the subsequent sections, which describe the nine principles and the three-step plan designed to convert understanding into action and, ultimately, into sustainable enterprise AI success.

What executives often miss

• Executives may focus on capabilities and performance metrics rather than public concerns about data privacy, consent, and confidentiality.
• There is a tendency to equate “responsible AI” with compliance alone, rather than a holistic approach that encompasses ethics, fairness, and social impact.
• Leadership may assume consumer sentiment follows predictable patterns, underestimating complexity and regional variation in public priorities.
• There is a risk that confidence in existing governance controls becomes a false sense of security if systems evolve rapidly without ongoing oversight.
• Misalignment can lead to delays, budget overruns, and a lack of trust with customers and regulators, undermining AI-driven value creation.

From Overconfidence to Real-World Delivery

A recurring thread in EY’s findings is the overconfidence seen among mature AI adopters. For years, companies have raced to incorporate large language models and related AI capabilities broadly across functions—from customer service pipelines to financial planning and decision-support systems. Yet EY’s data indicate these efforts often rest on shaky foundations of public trust that have not been adequately earned or maintained. The misalignment becomes more pronounced as organizations scale AI deployments. Why does this happen? Because many enterprises treat AI implementation as a one-off event rather than a continuous journey of governance, risk management, and stakeholder engagement.

One tangible example involves job-loss concerns. Despite extensive media attention on automation and workforce displacement, both executives and consumers tend to rate this issue as relatively lower on their list of worries. In practice, this indicates a dissonance: the public is more preoccupied with how AI might generate misinformation or enable manipulation than with direct labor market impacts. This misalignment has strategic consequences. If senior leaders disproportionately emphasize automation narratives while neglecting the reputational and social risks associated with misinformation, they create a governance blind spot that can undermine trust and long-term acceptance of AI initiatives.

Cathy Cobey, EY’s Global Head of Responsible AI, describes AI implementation as a journey rather than a destination. She emphasizes that governance and controls must evolve in step with investments in AI functionalities. The notion of “one-and-done” deployment simply does not apply to AI, given the speed at which models are updated, data ecosystems expand, and new use cases emerge. This perspective is essential for understanding the path to responsible AI maturity: it requires continuous calibration of governance mechanisms, risk controls, and stakeholder engagement as AI capabilities intensify and proliferate.

EY’s analysis also reveals a persistent misalignment among organizations that consider themselves AI veterans. Among firms that claim to have fully integrated AI across operations, a substantial 71% of executives believe they understand consumer sentiment. In contrast, only 51% of executives at companies still learning to use AI feel they have that understanding. This discrepancy suggests that maturity in AI adoption does not automatically translate into clarity about public concerns. Moreover, the research shows that individuals newer to AI often align more closely with public opinion, signaling that early-phase teams may be more attuned to external expectations. Conversely, established teams show genuine concerns about privacy, security, and reliability—an alignment with consumer anxiety that is often underrepresented in traditional executive risk reporting.

A deeper takeaway is that leaders may assume public sentiment shifts quickly once AI is deployed and initial teething problems subside. EY argues that this is a flawed assumption. Public concerns do not automatically dissipate after the first deployment wave; they can resurface or morph as AI technologies become more capable and widespread. The consumer research confirms that there are substantial gaps between theoretical willingness to use AI and actual behavior, especially in sensitive domains such as banking and healthcare, where trust is inseparable from outcomes, data handling, and the ethics of algorithmic decision-making.

Another revealing datapoint is the prevalence of optimistic self-assessments about AI integration. Roughly one in three executives report that their company has “fully integrated and scaled AI solutions.” EY interprets this as a sign of wishful thinking rather than a literal description of reality. For all the enthusiasm around rapid AI adoption, the actual implementation demands more than technology: it requires overhauling business processes, retraining staff, and building robust data governance systems that ensure accuracy, accountability, and resilience.

The practical implications of overconfidence

• Overconfident leadership can misallocate resources toward shiny capabilities rather than enduring governance practices.
• It can create a false sense of security that current controls will withstand more powerful, autonomous AI systems.
• This misalignment can lead to a “gap in trust” that weakens customer relationships and invites regulatory scrutiny.
• Because responsible AI is not merely a compliance task but a market differentiator, overconfidence can erode competitive advantage over time.

The Reality of True AI Integration

EY emphasizes that real AI integration transcends the addition of new tools; it demands comprehensive organizational transformation. True integration requires rethinking and redesigning core business processes, aligning the workforce through retraining and upskilling, and instituting robust data governance frameworks that ensure data quality, provenance, and ethical use. The idea is not simply to deploy the latest chatbot or a predictive analytics module but to weave AI governance into the fabric of enterprise processes. This approach demands sustained attention to governance, risk, and stakeholder trust across the entire AI lifecycle—from data collection, model development, and testing to deployment, monitoring, updates, and eventual retirement of models or features.

EY points to a striking indicator of misalignment: a significant portion of executives who believe their organizations have fully integrated AI actually operate with governance and control gaps that leave room for risk. The discrepancy also highlights the complexity of measuring “integration” in a dynamic AI environment. It is not enough to declare AI tooling connected in a few business units; real integration means enterprise-wide alignment of data standards, governance protocols, accountability structures, and risk-informed decision-making that scales with AI-enabled capabilities.

The report also highlights a critical insight about consumer trust: even when organizations deploy AI systems, their leadership often assumes that the public’s readiness to accept AI outputs correlates with prior experiences and the initial success of the deployment. However, consumer trust is far more fragile and contingent on transparent governance, consistent performance, and visible safeguards. In sectors with high stakes—banking, healthcare, and public services—the need for rigorous governance is even more pronounced, as outputs can affect financial stability, health outcomes, and individual rights. To address this reality, EY’s framework calls for structural changes in how organizations conceive risk, governance, and accountability in AI programs.

The three-pronged framework that follows offers a concrete path from misalignment to responsible, scalable AI that earns public trust.

What true integration entails

• Reengineering processes to embed AI governance into daily operations rather than treating it as a separate program.
• Comprehensive retraining and ongoing upskilling to align staff competencies with evolving AI capabilities and governance expectations.
• Robust data governance architecture that ensures data quality, lineage, privacy, and consent across the AI lifecycle.
• Continuous monitoring, auditing, and red-teaming of AI systems to detect bias, drift, or unintended consequences.
• Transparent communication with stakeholders about purposes, data usage, safeguards, and decision rationales.
• Clear accountability frameworks that assign responsibility for AI outcomes at senior levels of the organization.

EY’s Nine Principles for Responsible AI Governance

In response to the identified gaps, EY presents a nine-point framework designed to address the fundamental shortcomings in current AI governance. The nine principles provide a structured map for organizations seeking to close the gaps between executive perception and consumer concerns, while establishing a solid foundation for responsible, trustworthy AI deployment. The principles span across accountability, data protection, reliability, security, transparency, explainability, fairness, compliance, and sustainability. Each principle is not a silo but an integrated element of a holistic governance regime that must be embedded across strategy, product development, operations, and governance bodies.

• Accountability: Establishing clear lines of responsibility for AI outcomes at the board and executive levels, ensuring that individuals and teams are answerable for performance, risks, and ethical considerations.
• Data protection: Implementing rigorous protections for personal information, maintaining confidentiality, and adhering to ethical norms in data usage and storage.
• Reliability: Ensuring AI systems perform consistently under diverse conditions and remain robust in face of data variability, adversarial inputs, and evolving use cases.
• Security: Building resilient defense mechanisms to protect AI systems from intrusion, tampering, and exploitation, safeguarding both data and model integrity.
• Transparency: Providing appropriate disclosure about AI system purposes, design, and governance so users can understand and evaluate outputs and decisions.
• Explainability: Making decision criteria and model behavior reasonably understandable and open to human review and challenge.
• Fairness: Assessing and mitigating impacts on all stakeholders to promote inclusive and non-discriminatory outcomes across demographics, geographies, and contexts.
• Compliance: Aligning AI practices with applicable laws, industry norms, and internal policies, while adapting to an evolving regulatory landscape.
• Sustainability: Embedding consideration of physical, social, economic, and planetary impacts throughout the AI lifecycle, guiding decisions toward sustainable outcomes.

The framework is designed to directly address consumer concerns and distill governance into actionable practices. In particular, data protection guarantees confidentiality and upholds ethical norms, while transparency and explainability enable users to understand how AI arrives at outputs and to scrutinize those outputs when necessary. EY also highlights that explainability must be paired with human oversight to ensure that outputs can be reasonably challenged and corrected when needed.

According to EY, most organizations currently exercise strong controls in only a fraction of the nine areas. The gap is especially pronounced in fairness and sustainability, where organizations often lack a holistic assessment of impacts on all stakeholders and the broader lifecycle implications. The analysis conveys that true responsible AI requires a governance ethos that permeates every stage of the AI lifecycle, not merely post-hoc compliance checks. The nine principles serve as a diagnostic and a blueprint for design, development, deployment, and governance, guiding organizations toward more trustworthy AI that aligns with public expectations and societal norms.

How the nine principles translate into practice

• Integrate accountability into governance structures: form a dedicated AI governance council and assign accountability across the C-suite, ensuring that AI risk, ethics, and performance are embedded in strategic decision-making.
• Implement rigorous data protection: classify data by risk, enforce access controls, and deploy privacy-preserving techniques to minimize exposure and ensure compliant usage.
• Guarantee reliability and resilience: adopt robust testing regimes, continuous validation, and red-teaming to mitigate drift and ensure that AI outputs remain stable and trustworthy.
• Fortify security postures: apply defense-in-depth, anomaly detection, and incident response planning to protect AI systems from cyber threats.
• Promote transparency and purpose disclosure: communicate the intended use of AI systems, the data sources they rely on, and the governance mechanisms in place so users understand the decision context.
• Ensure explainability and human oversight: provide human-interpretable explanations of model logic where feasible and enable human review to correct or override AI decisions when necessary.
• Build fairness into design and deployment: assess the effects of AI on diverse groups and implement mitigation strategies to prevent biases and unequal outcomes.
• Maintain regulatory and policy compliance: stay aligned with existing laws and be prepared to adapt to new regulations as the AI governance landscape evolves.
• Foster sustainability across the lifecycle: evaluate environmental, social, and economic impacts of AI initiatives and incorporate sustainability metrics into governance and performance dashboards.

EY notes that the current average level of controls across these nine areas is low, with many organizations needing to bolster governance in multiple domains. The emphasis on fairness and sustainability reflects growing attention to how AI affects people and the planet, not merely organizational efficiency. The nine principles are designed to be practical, with an emphasis on governance integration, measurable outcomes, and continuous improvement.

A closer look at governance gaps

• Many enterprises maintain strong controls in only three of the nine areas on average, underscoring the breadth of work required to mature responsible AI.
• The most acute gaps tend to be in fairness and sustainability, suggesting that organizations struggle to quantify and mitigate broader social and environmental impacts.
• The next wave of AI governance will be challenged by the advent of agentic AI—systems that can autonomously make decisions and take actions—which raises questions about risk management, oversight, and accountability at scales not seen before.
• Half of the executives surveyed say their current risk management frameworks will struggle to cope with more powerful, autonomous AI systems, signaling an urgent need to reimagine governance structures.

In short, the nine principles provide a comprehensive blueprint for closing the gaps between what executives think consumers want and what consumers actually require from responsible AI. The framework is intended to become embedded in strategy, product design, risk management, and board-level oversight, enabling organizations to build trust through transparent governance and demonstrable safeguards.

The Next Wave: Agentic AI and Governance Challenges

EY warns that the coming generation of AI, often described as agentic AI, promises the ability to make decisions and take actions with reduced or even minimal human oversight. This progression creates a new layer of governance complexity, because decision autonomy can amplify risk exposure in unpredictable ways. The report highlights that governance must evolve in tandem with capability, recognizing that more powerful AI will require more sophisticated oversight, not simply more rules or checklists.

When asked to rate their readiness for this next wave, many executives express concern. A significant majority—more than half—acknowledge that their current risk-management approaches are unlikely to keep pace with these more capable systems. In this context, it becomes clear that the status quo will not suffice. Organizations cannot rely solely on traditional controls or on reactive compliance strategies; they must adopt forward-looking governance that anticipates advanced capabilities and ensures accountability even when AI operates with a degree of autonomy.

EY emphasizes that the challenge is not merely technical, but also organizational and cultural. It requires creating governance entities that can function as a continuous feedback loop across business units, data teams, engineering groups, risk and compliance offices, and executive leadership. The aim is to ensure that autonomous AI decisions remain aligned with organizational values, comply with regulatory expectations, and uphold consumer trust. This shift demands new roles, new governance processes, and new performance metrics that reflect the realities of agentic AI.

Implications for risk management and governance

• Organizations must rethink risk registers to include autonomous decision-making risks, including unintended consequences, loss of control, and systemic risks arising from interconnected AI-enabled processes.
• Oversight mechanisms must become more dynamic, capable of continuous monitoring and rapid intervention when AI behavior deviates from expected patterns.
• There is a need for stronger, more transparent governance reporting to boards and to regulators, with clear escalation paths for AI incidents or near-misses.
• Training for leadership and boards should incorporate scenario planning for high-autonomy AI systems, helping executives understand potential failure modes and the triggers for governance intervention.
• Data governance must be tightened to ensure explainable data provenance and to support auditing and accountability, even when AI operates with a degree of autonomy.

CEO Alignment and the Leadership Gap

Among the leadership ranks, EY finds a notable discrepancy: CEOs display better alignment with consumer concerns than many of their board colleagues and other senior executives. This alignment manifests in several ways. CEOs appear to be more in tune with public sentiment regarding responsible AI and are less likely to claim that their organizations have flawless controls. The data suggest that CEOs typically take greater ownership of AI strategy than any other role, with about half of CEOs indicating they bear primary responsibility for AI strategy, more than all roles except the Chief Technology and Information Officer.

This pattern points to a broader communication challenge within organizations. If CEOs understand the public concerns but other executives do not, the problem may lie in inadequate cascading of concerns through the organizational architecture. The agency to translate public sentiment into governance, product design, and risk management often stalls when senior teams fail to translate concerns into concrete, cross-functional actions. A misalignment at mid- and lower-level leadership layers can undermine the CEO’s strategic intent and erode trust among customers and employees who expect consistent messaging and governance practice across the organization.

EY’s findings also highlight that CEOs’ direct engagement with customers is more pronounced than that of many other senior leaders. This exposure provides CEOs with deeper, firsthand insights into consumer attitudes, experiences, and expectations. The practical takeaway is that CEOs, as primary strategy owners, can benefit from channeling their insights into enterprise-wide governance reforms, ensuring that concerns—whether about privacy, safety, or fairness—are explicitly addressed in development roadmaps, risk dashboards, and board-level discussions.

Implications for leadership development and governance

• Elevate cross-functional governance to ensure that insights from customer-facing roles reach the C-suite and board in a timely, actionable manner.
• Strengthen the board’s capacity to oversee AI governance, ensuring that directors understand consumer concerns and can challenge management on alignment and risk.
• Build internal communication structures that cascade the concerns of customers and the public to all levels of the organization, enabling consistent, accountable action.
• Develop leadership development programs that emphasize responsible AI, data ethics, and public-facing governance to align strategic intent with practical governance execution.

EY’s Three-Step Solution: Listen, Act, Communicate

To translate insights into action, EY proposes a three-step approach that extends beyond traditional risk management. The goal is to create a dynamic governance model capable of adapting to increasingly capable AI systems while preserving public trust.

Step 1: Listen — Expose the entire C-suite to customer voices. This involves moving leaders who may not regularly interact with customers—such as CTOs and CIOs—into more customer-facing environments. EY suggests embedding these leaders in customer-focused experiences, including participation in focus groups and direct exposure to customer surveys. In healthcare contexts, EY recommends that senior executives spend time in clinical settings to observe patient interactions and understand how AI touches real human needs. The intent is to generate empathy, deepen understanding of consumer concerns, and keep governance anchored in actual user experiences rather than abstract risk assessments.

Step 2: Act — Integrate responsible AI across development processes. Rather than treating responsible AI as a compliance checkpoint, companies should embed it as a core element of innovation. This means advancing beyond regulatory parity to embrace human-centric, responsible design as a continuous practice. Building on existing practices such as human-centered design and A/B testing, organizations should formalize a “human-centric responsible AI design” discipline that guides how products are ideated, developed, tested, and refined. The emphasis is on anticipating customer concerns and addressing them proactively within the design process, rather than reacting to issues after deployment.

Step 3: Communicate — Treat responsible AI as a differentiator, not a burden. EY argues that transparent, responsible AI practices can become a competitive advantage. Firms that openly share their safeguards, governance processes, and risk management approaches with customers can differentiate themselves from competitors who remain silent about their AI policies. Transparent communication helps build trust, enabling users to understand the safeguards in place and the rationale behind AI-driven decisions. The three-step approach thus weaves listening, action, and communication into a cohesive governance cycle, ensuring that public concerns inform design and that governance choices are visible and explainable to stakeholders.

Practical execution of the three steps

• Create structured programs to gather customer insights at the executive level, ensuring that those insights directly inform AI strategy and risk management plans.
• Integrate human-centric design principles into product development, with explicit milestones for evaluating consumer concerns at each stage of the AI lifecycle.
• Establish clear governance communication plans, including public-facing explanations of AI governance principles, safeguards, and accountability mechanisms, while maintaining compliance with regulatory requirements.

The Competitive Opportunity in Responsible AI

EY’s research reframes responsible AI from a compliance burden to a strategic differentiator with meaningful competitive value. The EY Responsible AI framework has already received recognition within the industry, underscoring the credibility of its approach to governance and transparency. The central idea is that by openly addressing consumer concerns and implementing robust safeguards, organizations can cultivate trust and strengthen brand integrity. In a market where consumers are increasingly aware of AI’s potential risks, being transparent about governance can differentiate a company’s products and services. The study suggests that a proactive stance on responsible AI—anchored in governance, openness, and accountability—can translate into tangible business advantages, including customer loyalty, improved risk posture, and better alignment with regulatory expectations.

Cathy Cobey reiterates a core message: maintaining trust and confidence in AI requires ongoing consumer and leadership education. The board and senior leadership must remain engaged with evolving AI risks and governance responses to preserve public trust. When organizations demonstrate a credible, consistent commitment to responsible AI, they can differentiate themselves in a crowded market, earn a reputation for reliability, and reduce the likelihood of reputational harm that could accompany missteps in AI governance. By leading with transparency and robust safeguards, companies can position themselves as trusted AI partners for customers, shareholders, and regulators alike.

This framing also implies that responsible AI can be a strategic asset. Companies that embody responsible AI principles in branding, product design, and customer experience can shape consumer expectations and influence market norms. In other words, responsible AI becomes part of a company’s value proposition, a pillar of its competitive strategy rather than a compliance cost. The framework’s appeal lies in its practical applicability across industries, aligning governance with business objectives and customer expectations in a way that can be measured, audited, and refined over time.

The mechanics of turning governance into competitive advantage

• Build a credible governance story that can be communicated clearly to customers, investors, and regulators.
• Align product strategy with responsible AI principles to ensure that new features and services meet robust ethical and safety standards.
• Develop metrics and dashboards that demonstrate progress on governance, data protection, fairness, and sustainability.
• Invest in transparency-driven communications that describe safeguards, governance structures, and decision processes in accessible terms.
• Monitor public sentiment and regulatory developments to adapt governance practices proactively rather than reactively.

Implementing the Nine Principles: A Roadmap for Practice

Translating EY’s nine principles into concrete organizational practice requires a deliberate and structured implementation plan. Organizations should treat the nine principles as a comprehensive governance blueprint that informs strategic planning, risk management, product development, and corporate communications. The roadmap should include assignment of responsibilities, development of metrics, governance forums, and ongoing training to embed responsible AI into the company’s culture.

Key implementation elements include:

• Governance integration: Establish a dedicated AI governance function with representation from risk, legal, compliance, technology, product, and operations. This function should report to the board or a senior committee with regular updates on AI risk, performance, and safeguards.
• Data governance enhancements: Implement data-quality controls, data lineage, and privacy safeguards that ensure data used by AI systems is accurate, secure, and ethically sourced. Establish data stewardship roles to maintain accountability for data across the enterprise.
• Fairness and impact assessments: Develop standardized frameworks for evaluating the social and environmental impacts of AI systems, including disparate impact analyses and stakeholder engagement plans.
• Transparency and explainability programs: Create explainability frameworks that provide meaningful, human-readable insights into model decisions, along with channels for user feedback and grievance redress.
• Compliance readiness: Align AI practices with existing laws and emerging regulations, and create a posture for proactive regulatory engagement, including periodic audits and independent reviews.
• Sustainability integration: Integrate lifecycle considerations into governance dashboards, including environmental impact, resource usage, and long-term societal implications.
• Training and culture: Launch ongoing education programs for executives, managers, and staff that cover ethics, governance, risk, and responsible AI practices. Encourage cross-functional collaboration to build widespread understanding and buy-in.
• Measurement and continuous improvement: Define clear KPIs for governance quality, risk reduction, user trust, and outcomes. Use iterative improvement cycles to refine governance practices based on audits, incidents, and stakeholder feedback.

Practical steps for different organizational roles

• Board and senior leadership: Prioritize oversight of AI ethics, risk, and governance; ensure resources and governance structures are aligned with strategy.
• CIO/CTO and Data teams: Build robust data governance, model monitoring, and risk-scoring capabilities; ensure alignment with business goals and customer needs.
• Legal and compliance: Develop playbooks for regulatory changes, privacy protection, and accountability protocols; maintain documentation for audits and reviews.
• Product and customer-facing teams: Integrate responsible AI design into the product lifecycle; incorporate customer feedback into iterative improvements.
• Communications and investor relations: Craft clear narratives around responsible AI practices, governance safeguards, and outcomes to build trust with stakeholders.

The Role of Public Trust as a Strategic Asset

The research underscores an essential truth: responsible AI governance is not merely a risk mitigation activity; it represents a strategic opportunity to differentiate brands, build trust, and create lasting competitive advantage. When organizations are transparent about their safeguards and governance processes, they position themselves as trustworthy partners in a market where AI is increasingly central to product experiences and operational decision-making. The EY framework has been recognized for its impact on AI transparency and responsibility, illustrating that robust governance can translate into meaningful recognition and differentiation within the industry. In practical terms, responsible AI practices can help reduce the risk of reputational damage, regulatory penalties, and outcomes that fail to meet customer expectations.

Trust is not a one-time achievement but a continuous, evolving process. It requires regular education for customers and leadership, clear governance narratives, and ongoing demonstration of responsible behavior. The competitive edge emerges when organizations consistently demonstrate that they will not only innovate with AI but do so in ways that protect users, uphold privacy, ensure fairness, and consider sustainability across the lifecycle. This combination of transparency, accountability, and practical safeguards can help forge durable relationships with customers, employees, and the broader ecosystem of partners and regulators.

The practical upside of trust

• Better customer retention and loyalty due to transparent governance and reliable AI outputs.
• Improved risk posture with dynamic monitoring, rapid incident response, and proactive governance.
• Regulatory readiness and smoother interactions with policymakers, regulators, and standard-setting bodies.
• Stronger employer branding and talent attraction as organizations become known for responsible AI practices.
• A marketplace advantage by differentiating products and services through clear, verifiable governance.

A Practical Roadmap for Businesses: From Vision to Execution

Organizations seeking to embed EY’s nine principles and implement the three-step approach can adopt a practical roadmap that translates vision into operational reality. The roadmap should be grounded in strategic leadership, cross-functional collaboration, and measurable outcomes. It should start with executive alignment around the consumer concerns that matter most, followed by the integration of responsibility into product design, risk management, and governance.

A suggested phased plan includes:

• Phase 1: Diagnostic and alignment

  • Conduct a comprehensive assessment of current AI governance, data practices, and stakeholder perceptions.
  • Map consumer concerns to internal risk controls and governance capabilities.
  • Establish a cross-functional AI governance council with clear accountability structures.

• Phase 2: Design and integration

  • Develop and codify the nine principles into policy, process, and product design standards.
  • Integrate responsible AI design into the product development lifecycle, including ethics reviews, bias testing, and explainability requirements.
  • Strengthen data governance and privacy protections, including data lineage and consent management.

• Phase 3: Deployment and optimization

  • Implement monitoring, auditing, and incident response mechanisms for AI systems.
  • Launch transparent communication programs to explain safeguards and governance practices to customers.
  • Establish ongoing training and leadership development to sustain governance maturity.

• Phase 4: Maturity and scaling

  • Expand governance to new AI capabilities and use cases, including agentic AI, with appropriate risk controls.
  • Regularly review and update the governance framework in response to regulatory changes, market developments, and new consumer insights.
  • Demonstrate measurable outcomes through dashboards, metrics, and external validations where feasible.

• Phase 5: Public trust and differentiation

  • Use governance and transparency as a differentiation in branding and customer experience.
  • Engage with regulators and industry bodies to help shape responsible AI standards and expectations.
  • Build long-term trust with stakeholders by maintaining a visible commitment to responsible AI.

Conclusion

EY’s research makes a compelling case that the current gap between executive understanding and public concern about AI is substantial and consequential. The findings show that ordinary consumers express higher levels of worry about AI-related issues—especially around data integrity, privacy, misinformation, and potential exploitation—than many executives anticipate. This misalignment risks misdirecting AI investments, governance priorities, and strategic decisions, potentially undermining the multi-billion-pound AI momentum that many organizations seek to capitalize on.

To bridge this gap, EY offers a structured, nine-principle framework for responsible AI governance, complemented by a practical three-step leadership approach focused on listening to customers, integrating responsible AI into development, and communicating governance choices clearly. The nine principles—accountability, data protection, reliability, security, transparency, explainability, fairness, compliance, and sustainability—provide a comprehensive blueprint for building trust and ensuring that AI systems serve broader societal interests while delivering business value.

The proposed three-step model—listen, act, and communicate—empowers leaders to translate consumer insights into governance decisions, design choices, and transparent communications. By exposing the C-suite to customer voices, embedding responsible AI into development processes, and openly discussing safeguards and governance, organizations can close the trust gap and transform responsible AI from a compliance burden into a competitive advantage.

The findings also emphasize the need to prepare for a future where AI capabilities become more autonomous and capable. Agentic AI presents a new set of governance challenges that require more sophisticated risk management, governance structures, and leadership attention. CEOs, who appear to be more attuned to public concerns than some peers, can play a pivotal role in driving cross-functional alignment, cascading consumer insights through the organization, and ensuring that governance evolves in step with technology.

Ultimately, the EY framework positions responsible AI as a strategic asset—one that can differentiate brands, earn public trust, and unlock sustainable, long-term value. By embracing the nine principles, implementing the three-step approach, and turning governance into a core business capability, organizations can navigate the complexities of AI with greater confidence and clarity. This path not only mitigates risk but also creates a foundation for responsible innovation that benefits customers, employees, shareholders, and society at large.