Most companies have a data governance policy. Almost none have data governance infrastructure. Those are different things, and confusing them is why the problem never gets solved.
Ask a revenue leader if their company has a data governance policy and they’ll say yes. Ask them if it’s working and the answer gets complicated.
There are standards for how records should be formatted. There are rules about what fields are required. There are guidelines for how data flows between systems. They’re documented somewhere. And the duplicate rate is still 25%. The CRM still has contacts who left two years ago. Sales still doesn’t trust the data.
The policy isn’t the problem. The problem is that the policy isn’t enforced by anything. It depends entirely on humans to follow it. And in a high-volume GTM environment with dozens of lead sources, hundreds of integrations and constant pressure to move fast, humans don’t follow it consistently.
Governance that lives in a document is aspirational. Governance that’s built into the system is operational. Most companies have the first. Almost none have the second.
The second reason governance fails is structural. IT genuinely has the best interests of the organisation in mind—they’re protecting system integrity, ensuring compliance and building infrastructure that scales. The challenge isn’t intent. It’s that most data governance policies were designed for IT and compliance use cases, and as revenue teams have grown and AI has entered the GTM stack, those standards haven’t kept pace with what sales and marketing actually need.
IT defines what a record needs to pass a compliance check: required fields, acceptable formats, system integration specs. That’s the right standard for IT’s use case. Revenue teams need a different standard: what does a record need to contain to route to the right rep, score accurately and activate an AI model? Those definitions don’t overlap as much as you’d think.
Legal governance gets optimised further in the wrong direction. What can we collect? What do we have to delete? How do we minimise exposure? Those are real questions, but they produce a policy built around constraint, not performance. Revenue teams end up with rules that limit what they can do without equipping them to do it better.
IT and Legal are optimising for exactly what they’re accountable for—system integrity, compliance and uptime. The gap isn’t one of intent; it’s one of incentives. Pipeline contribution isn’t in their scorecard, which means data quality for revenue outcomes has to be owned by the revenue team with IT as a partner in enforcement, not the sole author of the standard.
The answer isn’t to bypass IT—it’s to build a system that works with them. That means strict global governance rules that IT can define, lock and enforce across every system and every data source. And it also means enough flexibility for regional teams to layer in their own requirements without opening a ticket or waiting on an engineering sprint. The best programmatic governance infrastructure does both: IT sets the global standard and it holds everywhere, while business teams can extend it in a way that’s self-service and non-technical.
The shift from policy-based governance to programmatic governance is the most important change a revenue organisation can make. And it’s underappreciated because it sounds technical when it’s really operational.
Policy-based governance says: records should have a valid email address, a complete company name and a job title that matches our standard taxonomy. It lives in a wiki. It gets reviewed annually. It gets violated constantly.
Programmatic governance says: no record enters this system without a valid email address, a normalised company name and a job title that matches our taxonomy. The rule fires automatically. Every record. Every source. No exceptions, because there’s no human to grant them.
That distinction matters more than it sounds. When governance is programmatic:
This is what the companies with the best data quality have built. Not better policies. Better enforcement infrastructure.
For years, companies could tolerate policy-based governance. Bad data was an operational nuisance. Reps wasted time. Reports were slightly off. You cleaned the CRM every couple of quarters and moved on.
AI changes the math entirely.
When an AI model scores leads, it doesn’t know a record is bad. It processes it the same way it processes every other record. When it routes outreach, it doesn’t verify the contact is still at the company. When it personalises a message, it uses whatever job title is in the field. The AI executes on whatever data it receives, confidently and at scale.
Policy-based governance can’t keep up with that. A quarterly CRM cleanup doesn’t protect an AI model that’s processing thousands of records daily. A style guide for data entry doesn’t matter when 80% of your records come in through API integrations that nobody is manually reviewing.
The only governance that works at AI speed is governance that operates at AI speed. Rules enforced in real time, at the point of entry, on every record, from every source.
The next evolution isn’t just programmatic governance at the point of entry. It’s governance as persistent, callable infrastructure.
Right now, most validation happens once, when a record is captured. But as AI agents become more embedded in GTM, the question of data quality comes up at every decision point. Is this contact current before I send the sequence? Is this firmographic data accurate before I score this account? Is this record compliant before I include it in this campaign?
The direction the best revenue teams are building toward is a validation layer that any system in the stack can call on demand. Your CRM, your MAP, your AI scoring model, your outreach tool. Instead of validating once and hoping the data stays accurate, you validate at the moment of use.
That’s governance that actually keeps pace with how AI-driven GTM operates. Not a policy document. Not a quarterly cleanup project. Infrastructure that enforces the standard continuously, across every system, at every decision point.
If your current governance lives primarily in documentation, three things to move on:
Most companies treat data governance as something you write down and hope people follow. The companies that actually solve the problem treat it as something you build into the system and enforce automatically.
That distinction, between aspirational policy and operational infrastructure, is the difference between a data quality initiative that works once and one that holds up at scale. Especially as AI takes over more of the execution layer and the tolerance for bad data goes to zero.
The policy isn’t the problem. The enforcement is.
—
If your data governance lives primarily in documentation, start by auditing your intake layer. Measure the gap between your documented standard and what’s actually entering your systems. That’s where the infrastructure work begins.
Insights