← Writing

10 June 2026

Why your AI pilot never made it to production

There’s a moment in almost every enterprise AI project that feels like success and is actually the most dangerous point of the whole thing: the demo works.

A small team wires up a model, points it at some clean data, and shows it to leadership. It answers the questions. Everyone nods. The project gets a second phase “in principle.” And then nothing ships — for months — because the gap between a demo and a production system is the part nobody scoped.

Gartner puts it bluntly: at least 30% of enterprise AI projects are abandoned after the proof of concept. Not because the model was bad. Because the hard parts were left for later, and later never came.

The demo runs on a clean spreadsheet. Production faces the real world.

A pilot is a controlled environment. Real deployment isn’t. The moment an AI agent meets real users and real systems, a different set of questions decides whether it lives or dies:

  • Who can it reach? A demo reads one tidy dataset. Production has to touch SharePoint, ServiceNow, Salesforce — safely, with the right permissions, without becoming a data-exfiltration route.
  • Can it be trusted? Before it goes near real people, an agent needs to survive being attacked — prompt injection, data leakage, going off-script. If you can’t answer “what happens when someone tries to break it,” you can’t ship it.
  • Who owns it once it’s live? Pilots fail because accountability is diffuse. Production systems have a named owner, an audit trail, and monitoring that raises the alarm the moment something drifts.

None of that is glamorous. All of it is the actual job.

Governance isn’t the thing that slows AI down. It’s the thing that lets it ship.

The instinct in most organisations — especially regulated ones — is to treat governance as a brake: the compliance step you bolt on at the end, right before everyone loses patience. That’s exactly backwards.

When you build the controls in from day one — security testing, data protection, a clear view of every agent running across your clouds — governance stops being the blocker and becomes the permission. It’s what lets a bank or a university put AI in front of a hundred thousand people and sleep at night.

Safe and trusted first. Used by real people second. In that order, the AI actually makes it into everyday work — and stays there.

The short version

If your pilot succeeded and then stalled, the problem usually isn’t the model and it isn’t the vision. It’s the unglamorous production engineering and governance that nobody put on the plan. That gap is bridgeable — I’ve crossed it again and again — but only if you treat “make it real” as the project, not the afterthought.