Assessing AI Maturity in German Firms Amid GDPR Challenges

Veeam Software has launched the 'Data and AI Trust Maturity Model' to help German companies evaluate and improve their AI governance and operationalization. This scientifically grounded framework assesses AI maturity across 12 dimensions and five maturity levels, ranging from 'Ad-hoc' to 'leading'. According to research commissioned by Veeam and conducted by the Emerald Research Group, there is a significant gap between companies’ confidence in their AI maturity and their actual ability to implement and govern AI effectively. While around 80% of executives express confidence in scaling AI safely, many lack verifiable evidence to support this.

The model identifies that operational barriers—such as skill gaps in AI and machine learning, integration difficulties, regulatory uncertainties, and data quality concerns—are the main obstacles to scaling AI initiatives, rather than technological limitations. Although nearly 90% of companies report having formal AI governance policies, only approximately a third can provide comprehensive audit evidence when needed. CEO Anand Eswaran of Veeam emphasized that trust in AI adoption cannot be scaled without demonstrable proof.

Complementing this, a long-term Bitkom study on the impact of GDPR, ten years after its implementation, reveals that while data protection efforts have increased substantially (with 71% of firms largely compliant by 2024), 81% of companies find GDPR complicates their business processes. Crucially, 69% believe GDPR restricts AI development by making data training for AI models more difficult. Many companies also transfer personal data to the US, with 61% acknowledging cross-border data transfers and 71% calling for improved solutions.

Bitkom President Dr. Ralf Wintergerst noted that, despite data protection’s importance, German and European regulations are often viewed as excessive and bureaucratic, hindering AI progress. He pointed out that 59% see European data protection as beneficial for AI, yet a majority report challenges due to regulatory uncertainty. The continuous need to adapt compliance efforts amid evolving legal and technological frameworks remains a significant challenge for businesses.

Together, these findings indicate that German companies are advancing AI deployment rapidly but face critical hurdles related to governance frameworks and data protection regulations like GDPR. The new maturity model from Veeam aims to provide executives with actionable insights to bridge these gaps, prioritize efforts, and enhance AI trust, governance, and resilience in a complex regulatory landscape.