Taking longer than expected.
Reload the pageTaking longer than expected.
Reload the pageOriginal data reports and quarterly indices on enterprise AI governance, shadow AI prevalence, and regulated-industry adoption - written for the Australian and APAC compliance, risk, and security leaders who have to act on them. Open-licensed, citation-friendly, and built so practitioners can quote us in board decks and policy filings.
Each report is released under a permissive license so analysts, journalists, and policymakers can cite our findings freely with attribution.
40+ verified statistics on unsanctioned AI at work, each linked to its primary source: how widespread shadow AI is, what data leaks, ChatGPT exposure, enterprise bans and Copilot delays, the Australia and APAC picture, and the AI-security M&A wave. Ungated and updated quarterly.
State of the Secure AI Control Plane: where mid-market regulated companies actually stand on AI governance maturity. 25+ named primary public sources analysed against a 5-stage maturity model.
The state of unsanctioned AI in regulated industries. A 4-tier maturity index, cross-industry prevalence ranges, and the 7 named surveys we synthesised to build it.
Where Australian AI data governance actually stands: breach patterns (OAIC), the cost of cyber incidents (ASD/ACSC), and the responsible-AI execution gap - only about 12% of organisations are leading - reframed for AI governance.
Every percentage and dollar amount in our reports traces to a named, dated source. We publish the full source list with each release.
We track the same metrics each quarter so the indices become longitudinal. Q3 2026 is the baseline; Q4 will compare against it.
Reports released under CC BY 4.0. Cite us in your work without permission, with attribution to Areebi Research.
Australia governs AI through obligations that already apply, not a dedicated AI Act. These briefs translate the regulatory landscape our research tracks into what Australian regulated enterprises actually do.
The automated-decision disclosure obligation - due 10 December 2026.
Read the briefAI and LLM vendors as material service providers under operational risk.
Read the briefSecuring AI models, inference APIs, and prompts as information assets.
Read the briefWhy Australia has no AI Act - and the voluntary baseline (Guidance for AI Adoption, 2025) that replaced the 10 guardrails.
Read the briefKeeping enterprise AI data onshore and inside your network.
Read the briefHow the Australian Privacy Principles map to enterprise AI.
Read the briefEvery Australian AI compliance deadline in one place - Privacy Act ADM, APRA, ACCC - with primary sources.
Read the brief