This is the first edition of an annual report I will publish each Q1–Q2 on what is actually shipping inside and across the regulated enterprises I work with. It is practitioner observation anchored in cited public data: not vendor research, not analyst syntheses, not anonymous “our research shows” claims.
Each finding has three parts: the observation, the evidence (cited sources you can verify), and so what (the move a practitioner makes this quarter as a result).
Where I cite public benchmarks, I have used the most recent published version (DORA Accelerate State of DevOps 2024, FinOps Foundation State of FinOps 2024, Menlo Ventures State of GenAI 2024, Verizon DBIR 2024, BSIMM, Stanford HELM). Where I cite regulation, I have linked the primary source. Where I cite practice from my own engagements, I have said so; take it as practitioner observation rather than aggregate data.
GenAI moved from pilot to platform — for the 12% that built the substrate.
Menlo Ventures’ State of GenAI 2024 found ~60% of enterprises were still in pilot through 2024. The 12% that crossed into “Operating” or above all share a pattern: they invested in the substrate — gateway, prompt registry, eval-gated deploy, observability, audit pipeline — before scaling use-cases. The other 88% built use-cases first and are now retrofitting controls under EU AI Act pressure.
From engagement observation: the difference between a 6-week ship and a 6-month ship for the second GenAI feature is whether the first one built reusable platform primitives. Every org I’ve seen ship five features fast had built the platform first.
Build the gateway + evals + audit substrate as a 90-day investment, then onboard use-cases. The platform-first sequence ships each subsequent feature in about 6 weeks. The use-case-first sequence ships the first one in 6 months and stalls. See the Regulated GenAI Platform reference architecture.
The EU AI Act is the new compliance gravity well.
High-risk AI-system obligations are enforceable from 2 August 2026 for the Annex III use-cases (2 August 2027 for high-risk systems embedded in products covered by Annex I). General-purpose AI model obligations have applied since 2 August 2025. The Act imposes obligations across the supply chain (provider, deployer, importer, distributor), not just on the model maker, and a non-EU vendor placing an AI system on the EU market is in scope regardless of where it is established.
The compliance work isn’t the model card or the conformity assessment. It’s the data governance (Art. 10), risk management (Art. 9), human oversight (Art. 14), accuracy, robustness and cybersecurity (Art. 15) and record-keeping / logging (Art. 12) obligations that require substrate investment in evals, audit evidence and continuous monitoring.
Inventory your AI systems against the EU AI Act risk categories now. Pre-build the audit views a regulator would ask for. ISO/IEC 42001 readiness is the cheapest available proxy for AI Act conformity. Run the diagnostic with the sector set to FSI / Government / Healthcare for a sector-specific lens.
Supply-chain security is the highest-leverage 2026 security work.
The incidents that defined 2024 (XZ Utils, Polyfill, CrowdStrike, Snowflake) all arrived through the supply chain or a third party rather than through first-party code: a backdoored upstream dependency, a third-party script domain turned malicious, a faulty vendor content update, and stolen credentials used against a SaaS platform. None were findings on a SAST report. The vendor market is largely still selling 2018’s problem (AppSec consolidation) while regulators (EO 14028, EU CRA, EU DORA, APRA CPS 230) now expect supply-chain controls.
The four moves that compound: workload identity (eliminating static credentials), signed provenance (SLSA L3+), SBOM with owner-alert path (CycloneDX/SPDX → Dependency-Track → CISA KEV feed), policy-as-code at deploy. None of these are AppSec line items; all of them are platform-engineering capabilities.
Migrate one critical pipeline to workload identity (OIDC). Emit an SBOM per artefact. Wire CISA KEV alerts to the service owners who can actually patch. See the DevSecOps SLSA L3+ paved-path reference architecture.
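The “SBOM with owner-alert path” above is a join between three things: the SBOM, the CISA KEV catalogue, and a map of who owns each component. The following is an added example (not the report’s own tooling, and not Dependency-Track’s code) that makes that join explicit so the alert path can be read end to end. The CycloneDX fragment, the KEV excerpt, the owner map and the CVE identifiers are all constructed sample data; the team names are hypothetical.

```python
"""Added example: join a CycloneDX SBOM's vulnerability list against a CISA KEV
excerpt and route each known-exploited finding to the owning team.
All data below is constructed for illustration; the CVE IDs are placeholders."""
import json
from datetime import date

# Constructed CycloneDX 1.5 fragment. A scanner (Dependency-Track, for example)
# annotates the SBOM with a "vulnerabilities" array whose entries point back at
# components by bom-ref.
SBOM_JSON = """{
  "bomFormat": "CycloneDX", "specVersion": "1.5",
  "components": [
    {"type": "library", "bom-ref": "pkg:npm/example-polyfill@1.2.3",
     "name": "example-polyfill", "version": "1.2.3", "purl": "pkg:npm/example-polyfill@1.2.3"},
    {"type": "library", "bom-ref": "pkg:deb/debian/example-xz@5.6.0",
     "name": "example-xz", "version": "5.6.0", "purl": "pkg:deb/debian/example-xz@5.6.0"},
    {"type": "library", "bom-ref": "pkg:pypi/requests@2.32.3",
     "name": "requests", "version": "2.32.3", "purl": "pkg:pypi/requests@2.32.3"}
  ],
  "vulnerabilities": [
    {"id": "CVE-2024-99991", "affects": [{"ref": "pkg:npm/example-polyfill@1.2.3"}]},
    {"id": "CVE-2024-99992", "affects": [{"ref": "pkg:deb/debian/example-xz@5.6.0"}]},
    {"id": "CVE-2024-99993", "affects": [{"ref": "pkg:pypi/requests@2.32.3"}]}
  ]
}"""

# Constructed excerpt in the shape of CISA's known_exploited_vulnerabilities.json.
# CVE-2024-99993 is deliberately absent: not everything with a CVE is in KEV.
KEV_JSON = """{"vulnerabilities": [
  {"cveID": "CVE-2024-99991", "vendorProject": "example", "product": "polyfill",
   "dateAdded": "2024-07-01", "dueDate": "2024-07-22", "knownRansomwareCampaignUse": "Unknown"},
  {"cveID": "CVE-2024-99992", "vendorProject": "example", "product": "xz",
   "dateAdded": "2024-04-02", "dueDate": "2024-04-23", "knownRansomwareCampaignUse": "Known"}
]}"""

# Hypothetical ownership map keyed by "<purl type>/<package name>".
OWNERS = {"npm/example-polyfill": "web-platform", "deb/example-xz": "base-images"}


def purl_key(purl):
    """Reduce a purl to '<type>/<name>' (drops namespace, version and qualifiers)."""
    body = purl.removeprefix("pkg:").split("@", 1)[0].split("?", 1)[0]
    parts = body.split("/")
    return f"{parts[0]}/{parts[-1]}"


def route_kev_alerts(sbom_json, kev_json, owners, today_iso):
    """Return KEV-matched alerts, worst first, each routed to a component owner."""
    sbom = json.loads(sbom_json)
    kev = {v["cveID"]: v for v in json.loads(kev_json)["vulnerabilities"]}
    components = {c["bom-ref"]: c for c in sbom.get("components", [])}
    today = date.fromisoformat(today_iso)
    alerts = []
    for vuln in sbom.get("vulnerabilities", []):
        entry = kev.get(vuln["id"])
        if entry is None:
            continue  # not known-exploited: stays in the normal remediation backlog
        for affected in vuln.get("affects", []):
            component = components.get(affected["ref"])
            if component is None:
                continue  # dangling reference in the SBOM; nothing to route
            due = date.fromisoformat(entry["dueDate"])
            alerts.append({
                "cve": vuln["id"],
                "purl": component["purl"],
                # Unmapped components fall through to a catch-all queue rather
                # than being silently dropped.
                "owner": owners.get(purl_key(component["purl"]), "security-oncall"),
                "ransomware": entry["knownRansomwareCampaignUse"] == "Known",
                "days_to_due": (due - today).days,  # negative means overdue
            })
    # Ransomware-linked first, then the most overdue.
    alerts.sort(key=lambda a: (not a["ransomware"], a["days_to_due"]))
    return alerts


if __name__ == "__main__":
    for alert in route_kev_alerts(SBOM_JSON, KEV_JSON, OWNERS, "2024-07-10"):
        print(f"{alert['owner']:<16} {alert['cve']} {alert['purl']} "
              f"due in {alert['days_to_due']}d ransomware={alert['ransomware']}")
```

In a real pipeline the SBOM comes from the build (one per artefact), the KEV feed is the live catalogue, and the owner map is whatever already answers “who is on call for this service”; the only new code is the join and the fallback queue for components nobody has claimed.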
Platform engineering became the AI delivery moat.
The orgs shipping safe GenAI in 2026 are the ones whose platform already encoded workload identity, observability defaults, policy-as-code and audit-evidence primitives. The orgs whose AI Centre of Excellence is parallel to (not built on) platform engineering are spending 3–6× longer per feature, with no reuse.
The shift is structural: AI is not a workload, it’s a property of the platform. The Centre of Excellence model survived where AI was a separate side-project; it fails when AI is embedded across all customer-facing features. Most enterprises are in the second phase now.
Fund platform-engineering investment as “substrate for AI + operational risk + ISO 42001 readiness” — three concurrent strategic outcomes for the same capability investment. The board buys that pitch fastest. See the Platform Engineering IDP reference architecture.
DORA elite-performer practices spread — but not evenly.
DORA’s Accelerate State of DevOps 2024 still puts the Elite cluster at a minority of organisations (under a fifth of respondents), but the Medium-to-High transition broadened: more organisations crossed from monthly to weekly deploys than in any prior year. The bottleneck moved from CI/CD tooling to organisational readiness; change-fail rate, MTTR and toil are the constraints now, not deploy frequency.
From engagement observation: the Australian Tier-1 bank delivery cohort splits roughly half-and-half between teams now operating at DORA “High” and teams still at “Medium”. Federal departments lag a tier. Critical-infrastructure operators lag two tiers, with safety-driven justification.
Stop optimising deploy frequency once weekly is reliable. Move to change-fail rate, MTTR and toil reduction as the next levers. The SRE Programme diagnostic surfaces these dimensions.
FinOps for AI is the discipline nobody’s funded yet.
GenAI inference cost grew 5–10× in many enterprises through 2024–25. The traditional FinOps function is staffed for cloud compute, storage and networking — not for cost-per-token, cost-per-resolved-task, model routing, or cached-input optimisation. The FinOps Foundation AI Working Group is standardising the discipline, but adoption is years behind the spend.
The under-funded specifics: per-call cost attribution, sandbox-vs-prod isolation, model routing (cheaper model where quality matches), prompt caching, GPU utilisation for self-hosted, and provisioned-throughput-vs-on-demand decisions. Most CFOs don’t yet have these on their dashboard.
Add AI-cost attribution to your existing FinOps function before AI spend hits 5% of total cloud. Cache-hit rate and model routing are the two highest-leverage free levers.
Enterprise architecture is being absorbed by platform engineering.
What EA functions used to claim ownership of — paved paths, principles encoded as templates, observability defaults, IAM patterns — have migrated into platform engineering teams over the last 36 months. The EA functions that thrived shrank, federated, and re-focused on capability modelling, ADRs, target-state and substrate principles. The functions that didn’t are increasingly hollowed-out review boards.
Most TOGAF artefacts produced in 2026 are not the work product they should be — they should be encoded policy, paved-path templates, and federated decisions. Where TOGAF is still treated as the work product, EA is functionally retired.
Encode the top 3 architecture principles as policy-as-code. Subtract the rest. Federate architects into the highest-coupled streams. Stop chairing review boards; start running enablement clinics.
Workload identity replaced “adopt a vault” as the secrets-management bar.
For five years, “we moved secrets into a vault” was the bar. Snowflake 2024 (around 165 customer tenants exposed through infostealer-harvested credentials on accounts without MFA) and the continuing run of leaked-token incidents made clear that a vaulted static credential is still a static credential: it can be stolen, replayed and used from anywhere until someone rotates it. The new bar is workload identity: short-lived, identity-bound tokens issued at runtime through OIDC federation (GitHub Actions, GCP Workload Identity Federation, Azure federated credentials) or SPIFFE/SPIRE.
Adoption inside Australian Tier-1 banks: roughly 30% of new pipelines use workload identity for cloud access; legacy pipelines still on static credentials. The migration is sequencing through 2026.
Migrate one critical pipeline to OIDC; document the pattern; copy it. Check the trust policy as you go: the cloud side must pin the token’s subject claim (repository plus branch or environment), not just its audience, or the role is assumable by far more than the pipeline you meant. The 2026 bar isn’t “we have a vault.” It’s “we have no static cloud credentials in CI.”
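Both the “migrate one critical pipeline to OIDC” move in the supply-chain finding and the workload-identity bar here turn on the same detail: the federation trust policy on the cloud side. The following is an added example (not the report’s code, and not AWS or GitHub tooling) that audits an AWS IAM role trust policy for GitHub Actions OIDC. The three policies are constructed samples using the AWS documentation placeholder account 123456789012 and a hypothetical repository example-org/payments-api; the condition keys, principal ARN format and STS action are the real ones.

```python
"""Added example: audit an IAM role trust policy for GitHub Actions OIDC.
The policies are constructed samples; account 123456789012 is the AWS docs
placeholder and example-org/payments-api is a hypothetical repository."""
import json

GITHUB_ISSUER = "token.actions.githubusercontent.com"
AUD_KEY = f"{GITHUB_ISSUER}:aud"
SUB_KEY = f"{GITHUB_ISSUER}:sub"
PROVIDER_ARN = f"arn:aws:iam::123456789012:oidc-provider/{GITHUB_ISSUER}"


def _policy(conditions):
    """Wrap a Condition block in an otherwise-standard OIDC assume-role statement."""
    return json.dumps({
        "Version": "2012-10-17",
        "Statement": [{
            "Effect": "Allow",
            "Principal": {"Federated": PROVIDER_ARN},
            "Action": "sts:AssumeRoleWithWebIdentity",
            "Condition": conditions,
        }],
    })


# Weak: audience only. Any GitHub repository anywhere can request a token with
# aud=sts.amazonaws.com, so this role is assumable by anyone with a workflow.
WEAK_TRUST_POLICY = _policy({"StringEquals": {AUD_KEY: "sts.amazonaws.com"}})

# Org-wide: every repository in example-org, including one a compromised
# developer account creates tomorrow, can assume the role.
ORG_WIDE_TRUST_POLICY = _policy({
    "StringEquals": {AUD_KEY: "sts.amazonaws.com"},
    "StringLike": {SUB_KEY: "repo:example-org/*"},
})

# Hardened: one repository, one branch. Use "environment:<name>" as the suffix
# instead when the deploy job runs in a protected GitHub environment.
HARDENED_TRUST_POLICY = _policy({
    "StringEquals": {
        AUD_KEY: "sts.amazonaws.com",
        SUB_KEY: "repo:example-org/payments-api:ref:refs/heads/main",
    }
})


def _conditions(stmt):
    """Flatten Condition to {(operator, key): [values]}; IAM accepts string or list."""
    out = {}
    for op, kv in stmt.get("Condition", {}).items():
        for key, val in kv.items():
            out[(op, key)] = val if isinstance(val, list) else [val]
    return out


def audit_github_oidc_trust(policy_json):
    """Return (severity, message) findings for GitHub OIDC assume-role statements."""
    findings = []
    for stmt in json.loads(policy_json)["Statement"]:
        actions = stmt.get("Action", [])
        actions = [actions] if isinstance(actions, str) else actions
        federated = stmt.get("Principal", {}).get("Federated", "")
        if (stmt.get("Effect") != "Allow"
                or "sts:AssumeRoleWithWebIdentity" not in actions
                or not federated.endswith(f"oidc-provider/{GITHUB_ISSUER}")):
            continue  # not a GitHub OIDC allow statement; out of scope here
        conds = _conditions(stmt)
        if conds.get(("StringEquals", AUD_KEY)) != ["sts.amazonaws.com"]:
            findings.append(("high", "aud is not pinned to sts.amazonaws.com"))
        subs = conds.get(("StringEquals", SUB_KEY)) or conds.get(("StringLike", SUB_KEY))
        if not subs:
            findings.append(("critical", "no sub condition: any GitHub repository can assume this role"))
            continue
        for sub in subs:
            repo_part, _, ref_part = sub.removeprefix("repo:").partition(":")
            if not sub.startswith("repo:") or repo_part.startswith("*"):
                findings.append(("critical", f"sub {sub!r} does not name a repository owner"))
            elif "*" in repo_part:
                findings.append(("high", f"sub {sub!r} matches more than one repository"))
            elif "*" in ref_part:
                findings.append(("medium", f"sub {sub!r} matches any ref or environment of the repository"))
    return findings


if __name__ == "__main__":
    for name, policy in [("weak", WEAK_TRUST_POLICY), ("org-wide", ORG_WIDE_TRUST_POLICY),
                         ("hardened", HARDENED_TRUST_POLICY)]:
        print(name, audit_github_oidc_trust(policy) or "ok")
```

On the GitHub side the job only needs `permissions: id-token: write` and a credentials action that passes the role ARN; the enforcement lives entirely in the trust policy, which is why auditing it (and running that audit as policy-as-code before the role is created) is the part worth copying between pipelines.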
ISO/IEC 42001 became the AI procurement signal.
ISO/IEC 42001 (the AI Management System standard) is the first certifiable AI standard. Through 2025 it became a B2B procurement asking-point; through 2026 it’s becoming a procurement requirement in regulated sectors. Vendors selling AI-powered SaaS into FSI, healthcare or government are being asked to certify or attest in RFPs.
Practically: it’s the closest certifiable analogue to AI Act conformity. Orgs that already operate under ISO 27001 find 42001 attainable in 6–12 months because most of the management-system overhead transfers.
If you sell AI-powered software to enterprise, scope 42001 readiness now. If you buy AI-powered software, add 42001 to your procurement questionnaire.
Australia’s regulatory clock advanced faster than most boards noticed.
In the last 18 months: APRA CPS 230 (operational risk, effective 1 July 2025), the DISR Voluntary AI Safety Standard (September 2024, with mandatory guardrails for high-risk settings signposted), the DTA Policy for the responsible use of AI in government (1 September 2024), and SOCI Act risk management program obligations in operation. EU DORA (applying from 17 January 2025) reaches Australian subsidiaries of EU financial groups.
Cumulative impact: by mid-2027, Australian enterprises in FSI, government, healthcare and critical infrastructure will face a substantially harder regulatory floor than they did in 2024 — with limited additional budget. The orgs adapting now compound; the orgs waiting for clarity will retrofit under pressure.
Map your current state against APRA CPS 230, CPS 234, the DISR AI Safety Standard and DTA AI Policy (whichever apply). The gaps are the platform investments worth defending to the board on three concurrent strategic outcomes.
The pattern across all ten findings.
Read end-to-end, the ten findings describe one pattern: the substrate is the moat. AI safety substrate. Supply-chain substrate. Identity substrate. Cost substrate. Architecture-as-code substrate. The discipline-specific work (build the model, run the scan, set the policy) is delivered well by most enterprises; the seam between disciplines (where the substrate lives) is delivered by very few.
That’s also the practitioner thesis behind The 4-Discipline Stack: enterprise architecture, platform engineering & DevSecOps, data modernisation and applied GenAI compound through a shared substrate, or they don’t compound at all. The first 12% are pulling away. The next 24 months decide who joins them.
— Uchit Vyas, Melbourne, 2026