Security and resiliency

Engineering trust for enterprise AI: 3 steps to right-size governance

27/02/2026 Read time: 1 min

By Seth Rogers

AI may be everywhere, but that doesn’t mean people trust it.

Pew Research found more than a third of adults feel more concerned than excited about the growing use of AI.[1] Still, boards of directors and C-Suites allocate heaps of funding to quickly embed AI in their business models.

What if the two priorities — defusing customer concerns and leading with AI — were not at odds? What if instead of asking “Can we trust AI?” we take up a posture of “How do we design trust into AI systems from the outset?”

Approaching the trust conversation this way — as an engineering problem — not only allows business leaders to right-size trust for their systems’ purpose, risk profile and impact, but it may also convert trust from a roadblock into a genuine accelerant for innovation.


Building trust into AI systems begins with understanding the why. In other words: Why did the system make the decision it made?

Many organizations approach the task as though they’re auditing human employees: tracking who did the what, the when and the where. These questions are important, but with AI systems, they are no longer sufficient.

AI systems inherently lack the traceability of human-led processes. An AI agent processes inputs, applies models, reaches conclusions and takes actions — but the reasoning that connects these steps may exist only momentarily. Unlike a human, a model cannot reliably explain its thinking weeks later. Without preserved reasoning, accountability evaporates.

Designing for the ‘why’ requires embedding a forensic trail of thought directly into the system architecture.

This means capturing every input that shaped the decision, documenting which models were applied and why, recording the assumptions embedded in the analysis and preserving the confidence levels at each stage of reasoning.

But capturing this information is only half the challenge. The other half is making it meaningful and usable for business stakeholders.

 

Semantic verification is emerging as a powerful tool to make AI reasoning transparent and explainable. It creates comprehensive records at each stage of AI decision-making. This includes inputs, data, transformations, models used, confidence scores and even how multiple models reached consensus when they contribute to a single outcome.

For instance, in a banking context, suspicious activity alerts are often generated from multiple models acting together. Semantic verification can show how these multiple models — such as rules-based systems, anomaly detection models and network analysis tools — interpreted the same underlying data, where their semantic understanding aligned, where it differed and how those perspectives were reconciled into a single decision.

Crucially, semantic verification also enables plain-language explanations to help stakeholders understand the logic. These explanations can be linked to verifiable evidence, such as the specific data points, regulatory requirements or precedents that informed the outcome.
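A sketch of the decision record described above, applied to the banking alert case; this is an added example, not Kyndryl's implementation. The model names, field names, the confidence-weighted vote and the SHA-256 hash chain that makes the trail tamper-evident are all assumptions chosen for illustration.

```python
import copy
import hashlib
import json

GENESIS = "0" * 64  # prev_hash used by the first record in the chain

def reconcile(opinions, escalate_at=0.5):
    """Confidence-weighted vote; returns (decision, score, dissenting models)."""
    total = sum(o["confidence"] for o in opinions) or 1.0
    score = sum(o["confidence"] for o in opinions if o["verdict"] == "suspicious") / total
    decision = "escalate" if score >= escalate_at else "clear"
    majority = "suspicious" if decision == "escalate" else "benign"
    dissent = [o["model"] for o in opinions if o["verdict"] != majority]
    return decision, round(score, 3), dissent

def record_hash(body):
    """SHA-256 over canonical JSON so the same record always hashes the same."""
    data = json.dumps(body, sort_keys=True, separators=(",", ":")).encode()
    return hashlib.sha256(data).hexdigest()

def append_decision(log, inputs, opinions, assumptions):
    """Store inputs, per-model opinions, assumptions and outcome, chained to the previous record."""
    decision, score, dissent = reconcile(opinions)
    body = copy.deepcopy({
        "seq": len(log), "prev_hash": log[-1]["hash"] if log else GENESIS,
        "inputs": inputs, "opinions": opinions, "assumptions": assumptions,
        "decision": decision, "score": score, "dissent": dissent,
    })
    log.append(dict(body, hash=record_hash(body)))
    return log[-1]

def verify_chain(log):
    """Return the index of the first altered or re-ordered record, or None if intact."""
    prev = GENESIS
    for i, entry in enumerate(log):
        body = {k: v for k, v in entry.items() if k != "hash"}
        if entry["prev_hash"] != prev or record_hash(body) != entry["hash"]:
            return i
        prev = entry["hash"]
    return None

# Constructed sample: three hypothetical models scoring the same transaction.
SAMPLE_INPUTS = {"txn_id": "T-constructed-1", "amount": 9800, "country": "XX"}
SAMPLE_OPINIONS = [
    {"model": "rules-v3", "verdict": "suspicious", "confidence": 0.9},
    {"model": "anomaly-v2", "verdict": "suspicious", "confidence": 0.6},
    {"model": "network-graph-v1", "verdict": "benign", "confidence": 0.7},
]
```

A hash chain only detects edits if its latest hash is also kept somewhere the writer of the log cannot change, for example signed or stored in a separate system.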

If semantic verification explains why AI makes certain decisions, policy-as-code ensures those decisions stay within organizational and regulatory boundaries.

Policy-as-code translates governance — security controls, compliance requirements, operational procedures — into machine-readable instructions that can be automatically enforced, tested and updated. Instead of relying on manual checks, which tend to be error-prone and inefficient, organizations can embed compliance directly into their AI systems and development pipelines.

When regulations change (and they are changing constantly) manual processes struggle to keep pace. Policy-as-code enables regulatory agility: when standards are updated, teams can modify a single policy file and push changes across every environment through automated deployment. It can also reduce the cost burden of compliance more broadly.

For trust in AI to be practical, it must be achievable across diverse deployment environments. This is where small language models (SLMs) are reshaping the landscape.

While flagship AI models require costly infrastructure, SLMs with one to three billion parameters can run on standard CPUs, smartphones and even microcontrollers. They offer meaningful AI capabilities (natural language understanding, anomaly detection and predictive monitoring) while operating on milliwatts of energy and without cloud connectivity.

Consider a healthcare setting where wearable devices monitor patient vitals. An edge-deployed SLM analyzes data locally and flags anomalies while also preserving patient privacy by keeping sensitive data on the device itself. Here, privacy is preserved not through promises, but through architecture.

Teams can calibrate their approach to engineering trust into AI systems by asking themselves a few questions:

Not all AI applications carry the same risk. A recommendation engine that suggests marketing content, for example, will not need the same level of governance as a model that flags suspicious financial activity.

Categorize initiatives based on risk and impact, then set the appropriate level of autonomy and oversight. For advanced use cases, trust comes from architecture: independent validation agents, cryptographic audit trails and clear override protocols.

AI systems evolve. So should trust mechanisms. Establish measurable accuracy and compliance standards, schedule regular reviews and use automated triggers to catch drift or anomalies. Circuit breakers and batch audits ensure that when confidence dips, human oversight steps back in without slowing the business.

Evaluate whether your AI systems provide clear, verifiable reasoning that regulators, risk teams and business stakeholders can understand and assess. If not, developing semantic verification and explainability capabilities should become a priority.

Embedding compliance rules directly into AI workflows turns regulation into a speed lever. Automated enforcement at decision points reduces manual effort, accelerates response to policy changes, and ensures every decision is traceable to the correct rule set. Done well, this shifts compliance from a cost center to a differentiator.
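To make the policy-as-code idea and the confidence-triggered handoff to human oversight concrete, here is an added example that is not Kyndryl's product code. The policy schema, rule ids, thresholds and version string are constructed for illustration; the evaluator fails closed and returns the policy version so each decision is traceable to its rule set.

```python
# Constructed policy document; in practice a versioned file kept in source control.
POLICY = {
    "version": "2026-02-constructed",
    "rules": [
        {"id": "deny-unapproved-model", "effect": "deny",
         "when": {"field": "model_approved", "op": "eq", "value": False}},
        {"id": "review-low-confidence", "effect": "human_review",
         "when": {"field": "confidence", "op": "lt", "value": 0.8}},
        {"id": "review-large-amount", "effect": "human_review",
         "when": {"field": "amount", "op": "gt", "value": 10000}},
    ],
}

OPS = {"eq": lambda a, b: a == b, "lt": lambda a, b: a < b, "gt": lambda a, b: a > b}
PRECEDENCE = {"allow": 0, "human_review": 1, "deny": 2}

def validate_policy(policy):
    """Pipeline check: reject unknown operators or effects before deployment."""
    for rule in policy["rules"]:
        if rule["when"]["op"] not in OPS or rule["effect"] not in PRECEDENCE:
            raise ValueError(f"invalid rule: {rule.get('id')}")
    return True

def evaluate(policy, action):
    """Return the strictest matching effect, the matched rule ids and the policy version."""
    effect, matched = "allow", []
    for rule in policy["rules"]:
        cond = rule["when"]
        if cond["field"] not in action:
            # Fail closed: an attribute that cannot be checked is treated as a deny.
            matched.append(rule["id"] + ":missing-field")
            effect = "deny"
            continue
        if OPS[cond["op"]](action[cond["field"]], cond["value"]):
            matched.append(rule["id"])
            if PRECEDENCE[rule["effect"]] > PRECEDENCE[effect]:
                effect = rule["effect"]
    return {"effect": effect, "matched": matched, "policy_version": policy["version"]}
```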

Organizationally, centering trust in AI systems does not require a wholesale reinvention of workflows, but it does demand a shift in where governance takes place and by whom.

Risk and compliance teams, for example, might need to move upstream from post-hoc remediation into system design and development. New roles, such as model validators and policy engineers, are also likely to emerge as key players, alongside data scientists and engineers.

The guiding principle behind these changes is the same one that underpins any effort to right-size trust: building the workforce, workflows and accountability structures that allow AI systems to move faster where they can, and more carefully where they must.

Kyndryl’s policy‑as‑code capability gives enterprises a practical path to scale AI responsibly and securely by embedding compliance and control directly into AI workflows. This approach directly tackles the top concern for enterprise leaders, especially in highly regulated industries: ensuring AI‑enabled workflows remain compliant and trustworthy, even at scale.

  • Policy‑as‑code: governance built in, not bolted on
    Kyndryl’s policy‑as‑code capability translates organizational rules and regulatory requirements into machine‑readable policies that automatically guide agent behavior. The end goal is AI that operates within clear boundaries and is subject to consistent, enforceable oversight.
  • The Agentic AI Framework: scaling AI you can trust
    Kyndryl’s policy‑as‑code capability is, critically, embedded directly into the Kyndryl Agentic AI Framework. This integration helps organizations move confidently from isolated pilots to AI‑native operations, where secure, self‑learning agents work within human‑in‑the‑loop governance to ensure responsible scaling.
  • Enterprise‑scale governance backed by deep operational experience
    Kyndryl strengthens this governance model with decades of experience operating complex enterprise environments, managing nearly 190 million automations every month. That operational depth translates into more reliable guardrails, better agent explainability and fewer surprises in production.

[1] Trust in one's own country to regulate AI use. Pew Research Center. October 2025.