Yesterday we shared a number that stops most AI conversations cold: 59% of enterprise AI initiatives never reach production (Gartner, 2026). The reflex is to blame the technology. The reflex is wrong.
The model is rarely the thing standing in the way. What stops AI at the threshold of production is a set of questions the technology cannot answer on its own. Who can halt this agent mid-action? What did it actually do? Can we prove it to an auditor, a regulator, or an insurer? When the answer is "we are not sure," the project stalls in pilot, or it ships and quietly erodes trust until someone pulls the plug.
This post is about why that gap exists, why it is widening as agents move from suggesting to acting, and what actually closes it.
Start with the honest number
The "59%" is real, but it is one reading among several, and the spread matters. Different studies measure different things:
- Gartner: 59% of AI initiatives fail to reach production (1H26 CIO Report).
- S&P Global Market Intelligence: 42% of companies abandoned most AI initiatives in 2025, up from 17% in 2024, and the average organization scrapped 46% of proofs-of-concept before production (Voice of the Enterprise, n=1,006).
- McKinsey: 88% of organizations use AI in at least one function, but only about 39% report any enterprise-level EBIT impact (The State of AI, November 2025, n=1,993).
- MIT (Project NANDA): roughly 95% of generative-AI pilots show no measurable P&L impact (The GenAI Divide, 2025).
These do not contradict each other. They define "failure," "production," "pilot," and "ROI" differently. But they all point in the same direction: most enterprise AI does not convert into durable, trusted operation. One honest caveat worth stating plainly, because a serious reader will ask: Gartner does not publish the sample or method behind its 59%. We cite it as a directional anchor, not gospel.
The blocker is governance, not the model
Look at what teams themselves say is in the way, and the picture sharpens.
Deloitte found that "regulation and risk" became the single top barrier to generative-AI development, rising ten points over a single year (State of Generative AI in the Enterprise, Q4, January 2025). In its 2026 survey of more than 3,200 leaders, Deloitte found that only about one in five organizations has a mature model for governing autonomous agents. McKinsey reports that 51% of organizations using AI have already seen at least one negative consequence, most commonly from inaccuracy.
Gartner's forward look is sharper still. Forecast: Gartner predicts that over 40% of agentic-AI projects will be canceled by the end of 2027, citing escalating costs, unclear business value, and "inadequate risk controls" (June 2025). That is a projection, not a measured outcome, and we flag it as one. But the named cause is telling. The thing teams cannot get past is not capability. It is control.
"Suggest" was forgiving. "Act" is not.
A model that drafts an email and waits for a human is low-stakes. The human is the control. The moment an agent can send the email, move the money, approve the claim, or change the record, the human is no longer in the loop by default, and the old controls do not fit.
In December 2025, OWASP released its Top 10 for Agentic Applications, the first peer-reviewed security framework aimed specifically at autonomous AI. Three of its top four risks are about identity and privilege: agents now operate with delegated authority and their own credentials, and traditional identity tooling was never designed for non-human entities that plan, decide, and act. Microsoft's security team put the failure mode well: an agent "can be 'working as designed' while still taking steps that a human would be unlikely to approve, because the boundaries were unclear, permissions were too broad, or tool use was not tightly governed."
That is the production problem in one sentence. Correct-by-design is not the same as governed-in-operation.
What "ungoverned action" actually costs
This is not theoretical. The clearest warnings come from automated decisions that ran without enforceable policy or a defensible record. These are allegations in active litigation, disputed by the defendants, and unproven. We cite them for what they illustrate, not as findings of fact.
- Cigna (Kisting-Leung v. Cigna): following a 2023 ProPublica investigation, plaintiffs allege Cigna used an automated system to deny more than 300,000 claims over two months, averaging about 1.2 seconds per review. Cigna disputes the characterization.
- UnitedHealth (Estate of Lokken v. UnitedHealth Group): plaintiffs allege an algorithm was used to deny post-acute care, citing a roughly 90% reversal rate on appealed denials. UnitedHealth says the tool does not make coverage determinations.
And where enforcement has actually landed, the charge is instructive. In March 2024 the SEC settled its first "AI-washing" cases against two investment advisers, for $400,000 combined. One of the counts was a Compliance Rule charge: failure to implement written policies and procedures. The lesson regulated industries already know is now arriving for AI. You have to say what you do, and you have to be able to evidence what you did.
Regulators are converging on one requirement
Across very different regimes, the authorities are asking for the same thing: automatic, audit-grade records of what an automated system did and why.
"Trustworthy AI depends upon accountability. Accountability presupposes transparency." (NIST AI Risk Management Framework 1.0)
"High-risk AI systems shall technically allow for the automatic recording of events (logs) over the lifetime of the system." (EU AI Act, Article 12)
Read those two together and the word that matters is automatic. Manual documentation, assembled after the fact, does not satisfy the requirement. The same expectation shows up domestically and sector by sector:
- NAIC Model Bulletin on insurer use of AI: now adopted by roughly 23 to 24 states plus the District of Columbia, requiring a documented AI program that is producible to regulators during market-conduct exams.
- ONC HTI-1 rule for certified health IT: requires exposing the "source attributes" of predictive clinical algorithms, with transparency duties effective at the end of 2024.
- ISO/IEC 42001, the first certifiable AI management-system standard, which is built on documented governance, risk assessment, and audit evidence.
- Texas TRAIGA (HB 149), the third comprehensive US state AI law, effective January 1, 2026.
Independent authorities, different sectors, same conclusion: you need a tamper-evident, automatically generated record of automated decisions. That is precisely the gap the cases above exploited.
Insurance is starting to price this in
This part is early, and we will not overstate it. But the signal is real. AI-related securities class actions have become the largest category of event-driven filings, with filings more than doubling in 2024 over 2023. D&O underwriters are beginning to ask governance-based questions: does the board have AI oversight, are there internal AI policies, is third-party AI use monitored. The trajectory looks a lot like the early years of cyber insurance, where strong, demonstrable controls moved from "nice to have" to "the thing that determines whether you are covered, and at what price." Demonstrable is the operative word. An insurer cannot underwrite a control it cannot see.
What closes the gap: a control plane
Every thread above ends in the same place. The blocker is not the model. It is the absence of enforceable policy on what the agent does, and a defensible record of what it did. That is exactly what Avanor is built to be.
Avanor is the control plane for AI agents. We wrap our customers' software, take in the events their agents generate, and score that activity against compliance frameworks and state regulations. We surface where an agent is in violation, we let teams enforce custom policies on every action, and we produce the proof: a tamper-evident, hash-chained record you can hand to an auditor or an insurer.
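As an added illustration (not Avanor's code and not part of the original post), here is a minimal sketch of the two mechanisms named above: a deny-by-default policy check on every agent action, and a hash-chained record of each decision that exposes later edits. The agent names, actions, record fields and sample events are hypothetical and constructed for the example.

```python
import hashlib
import json

GENESIS = "0" * 64
# Hypothetical policy: agent id -> actions it may perform; everything else is denied.
POLICY = {"claims-agent": {"draft_email", "read_record"}}

def _digest(body: dict) -> str:
    # Canonical JSON so the same record always hashes to the same value.
    raw = json.dumps(body, sort_keys=True, separators=(",", ":")).encode()
    return hashlib.sha256(raw).hexdigest()

class AuditLog:
    def __init__(self):
        self.records = []

    def decide(self, agent: str, action: str, detail: dict, ts: str) -> bool:
        """Check policy, then record the decision whether allowed or denied."""
        allowed = action in POLICY.get(agent, set())
        prev = self.records[-1]["hash"] if self.records else GENESIS
        body = {"seq": len(self.records), "ts": ts, "agent": agent,
                "action": action, "detail": detail, "allowed": allowed, "prev": prev}
        self.records.append({**body, "hash": _digest(body)})
        return allowed

    def verify(self):
        """Return the index of the first record that fails verification, else None."""
        prev = GENESIS
        for i, rec in enumerate(self.records):
            body = {k: v for k, v in rec.items() if k != "hash"}
            if rec["prev"] != prev or rec["seq"] != i or _digest(body) != rec["hash"]:
                return i
            prev = rec["hash"]
        return None

def demo():
    log = AuditLog()
    # Constructed sample events: one permitted, one outside policy, one unknown agent.
    results = [
        log.decide("claims-agent", "draft_email", {"to": "member-1"}, "2026-01-01T00:00:00Z"),
        log.decide("claims-agent", "deny_claim", {"claim": "C-100"}, "2026-01-01T00:00:01Z"),
        log.decide("unknown-agent", "read_record", {"id": "R-7"}, "2026-01-01T00:00:02Z"),
    ]
    clean = log.verify()
    log.records[1]["allowed"] = True  # after-the-fact edit of a recorded denial
    return results, clean, log.verify()
```

The chain only detects edits by someone who cannot rewrite every later record, so the latest hash has to be anchored somewhere the log's writer cannot alter, such as a separate system or a signed checkpoint.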
The point is not to slow AI down. It is the opposite. When every action is governed and every decision is provable, the conversation changes from "should we let this agent run" to "how fast do we want it to go." Governance stops being the brake. It becomes the thing that lets you take your foot off it.
59% never reach production because they cannot answer the production questions. We built the answer.
Deploy AI. Stay audit-ready.
See it on your own agents. Avanor wraps your software, scores agent activity against the frameworks you answer to, surfaces violations in real time, and produces a record an auditor or insurer will accept.
Book a demo and we will walk your stack with you.
Sources
- Gartner, "1H26 The CIO Report," 2026 (the 59% figure; methodology not publicly disclosed).
- Gartner, "Gartner Predicts Over 40% of Agentic AI Projects Will Be Canceled by End of 2027," June 25, 2025.
- S&P Global Market Intelligence, "Voice of the Enterprise: AI & Machine Learning, Use Cases 2025," March 2025.
- McKinsey & Company, "The State of AI in 2025: Agents, Innovation, and Transformation," November 2025.
- MIT Project NANDA, "The GenAI Divide: State of AI in Business 2025," 2025 (preliminary, non-peer-reviewed).
- Deloitte, "State of Generative AI in the Enterprise," Q4, January 2025; and "State of AI in the Enterprise" (7th edition), 2026.
- OWASP GenAI Security Project, "Top 10 for Agentic Applications (2026)," December 2025.
- Microsoft Security Blog, "Addressing the OWASP Top 10 Risks in Agentic AI with Microsoft Copilot Studio," 2026.
- ProPublica, "How Cigna Saves Millions by Having Its Doctors Reject Claims Without Reading Them," March 2023; Kisting-Leung v. Cigna (E.D. Cal.). Allegations disputed.
- Estate of Lokken v. UnitedHealth Group (D. Minn.), filed November 2023. Allegations disputed.
- U.S. Securities and Exchange Commission, "SEC Charges Two Investment Advisers with Making False and Misleading Statements About Their Use of Artificial Intelligence," Press Release 2024-36, March 18, 2024.
- NIST, "Artificial Intelligence Risk Management Framework (AI RMF 1.0)," NIST AI 100-1, January 2023.
- EU AI Act, Regulation (EU) 2024/1689, "Article 12, Record-keeping."
- NAIC, "Model Bulletin: Use of Artificial Intelligence Systems by Insurers," adopted December 2023, plus the NAIC implementation tracker.
- ONC/HHS, "Health Data, Technology, and Interoperability (HTI-1) Final Rule," 89 FR 1192, January 2024.
- "ISO/IEC 42001, AI management systems," 2023.
- Texas HB 149 (Responsible Artificial Intelligence Governance Act), effective January 1, 2026.
- Risk & Insurance, "AI Litigation and Its Impact on D&O Insurance," October 2025.

