The AI leaders in a 2,567-person survey named their biggest governance concern. Sovereignty came first.

NTT DATA's 2026 report sorts AI “leaders” from everyone else and reports what the leaders prioritize. Two of those priorities point straight at controls that are easy to write into a policy and hard to actually produce: sovereignty you can verify, and a record that proves safe use.

2,567

senior decision-makers surveyed across 15 industries

35

countries across five regions represented

9

shared characteristics the report attributes to AI leaders

NTT DATA · 2026 GLOBAL AI REPORT · A PLAYBOOK FOR AI LEADERS
The NTT DATA 2026 Global AI Report at a glance: 2,567 senior decision-makers surveyed across 15 industries; 35 countries across five regions represented; 9 shared characteristics the report attributes to AI leaders.

In December 2025, NTT DATA published a survey of 2,567 senior decision-makers across 15 industries and 35 countries. It sorts the sample into “AI leaders” and everyone else, using self-reported strategy, maturity, and profit, then reports what the leaders do differently. It is industry research from a large consulting firm, not a peer-reviewed study, so the useful reading is narrow: this is what senior buyers say they prioritize, and not proof that any one approach works.

The finding that stood out sits in the governance section. Cross-geography data privacy and sovereignty was the single biggest governance concern among AI leaders, flagged by 59.4% of them, ahead of model accuracy and cost. The report frames this in terms of where infrastructure is located. We would put it more precisely: where the data sits matters less than which legal regime can compel access to it, which is the point the Schrems II note works through.

The second finding is about proof. As organizations move from pilots to production AI and agents, the report says the question shifts from “Can we do this?” to “Can we prove we did it safely, fairly and profitably every time?” The leaders answer it structurally. 55.9% run a centralized governance model, against 33.3% of the laggards, and they run a platform where the organization defines what to permit or forbid once, then enforces it as policy across data access, prompt safety, logging and retention.

The buyer side is concentrated: 77.8% of leaders have a dedicated Chief AI Officer, and 56.2% run an AI steering committee with legal and security at the table. And the report is clear that the surface is about to widen. It calls agentic AI “the defining leap of the moment” and says leaders will have to govern not only people but the agents acting on their behalf.

Where a control plane sits in this picture

Mandate does not set AI strategy, redesign workflows, rebuild applications, reskill staff, or run the change program, and it does not make an organization an “AI leader.” NTT DATA sells the broad transformation and the partner program around it. Mandate is a control layer such a program would deploy, not a competitor to it.

What Mandate does cover is the part those two findings point at. The sovereignty concern becomes a property your counsel can verify, because the platform is Canadian-owned under a jurisdiction you can name. The proof the leaders are asking for is the audit record Mandate produces: hash-chained, signed, and checkable by your own team. And the policy they define once is the policy Mandate enforces in flight, as allow, warn, redact, block, or escalate. If you want the boundary in full, the FAQ lays out what we cover and what we leave to the rest of your program.

If AI governance is on your desk, the people who read this report are the people you answer to: a Chief AI Officer, an audit committee, a board that wants to know the program is real. The report gives them the shape of the gap. What you can put in place now is the control and the record: policy enforced at the point of use, written to an audit trail that proves what happened.

Can you prove safe use,
every time?

That question is the report’s bar, and the record is how you clear it. Ask for the figures, and a straight list of what Mandate covers and what it leaves to the rest of your AI program.

contact@mandateco.ca  ·  1-905-630-1908