There’s a pattern I keep running into when I talk to IT leaders at mid-sized UK organisations. They’ve had a budget line for AI since at least early 2024. They’ve probably run a pilot or two. They might even have bought some Copilot licences. And yet, when you ask what’s actually changed about how the business runs, the honest answer is usually “not much.”
This isn’t a technology problem. The tech works. It’s genuinely very good now, far better than most sceptics were willing to admit two years ago. The problem is that AI projects in UK organisations tend to die in a specific, predictable way, and recognising the pattern is the first step to not falling into it.
The “interesting demo” trap
Here’s how it usually goes. Someone in leadership, often the CEO or a board member, sees a demo. It might be at a conference, or from a vendor, or just something a colleague forwarded them. They come back energised. They want “an AI strategy.” A workshop gets scheduled. A working group forms. Someone produces a slide deck with use cases ranked by effort and impact.
Then nothing happens for eight months.
Or, worse, something does happen: an isolated pilot gets built, demos beautifully in a sandbox, and then hits the wall the moment it tries to touch real organisational data. Permissions are wrong. The information architecture in SharePoint is a mess going back a decade. Nobody has clear ownership of the finance data the chatbot is supposed to summarise. The project quietly gets parked.
I’ve seen this at housing associations, at professional services firms, at NHS trusts, at manufacturers. It’s almost comically consistent.
The boring stuff is the actual problem
The reason these projects fail isn’t that the AI isn’t smart enough. It’s that most organisations haven’t done the plumbing work that AI exposes. Copilot for Microsoft 365 is the clearest example of this. It works by reading the data your users already have access to. If your permissions model is a mess, and in most UK organisations it genuinely is, then the first thing Copilot does is surface that mess to everyone at once.
Suddenly the graduate on the marketing team can see finance reconciliation documents that were never properly locked down. The board papers turn up in a search result. A sensitive HR case gets summarised into a Teams chat. The project gets paused while someone runs around firefighting, and the narrative internally becomes “AI is dangerous” rather than “our file permissions have been broken for years and we finally noticed.”
This is why the first serious piece of work on any AI rollout usually isn’t about AI at all. It’s about data governance, identity, access, and labelling. Tedious, expensive, unglamorous work. The kind of work that doesn’t make for a good board update.
What the partners who know what they’re doing actually do
The UK Microsoft partner ecosystem has been going through a sorting process over the last eighteen months. A lot of firms slapped “AI” onto existing propositions and called it a pivot. A smaller number genuinely reorganised around it, in some cases earning Microsoft’s new Frontier Partner designation, which is aimed at a tight group of partners leading on AI transformation.
What distinguishes the serious operators, in my experience, is that they spend the first few conversations talking about things other than AI. They’ll want to understand your data estate before they’ll talk about agents. They’ll ask about change management before they’ll discuss Copilot Studio. If you get on a call with someone who wants to jump straight to use cases and licensing, that’s a signal.
One UK pureplay Microsoft firm publishes an overview of its AI consulting services that makes the strategy, readiness, and change management stages explicit rather than burying them. Whether you end up working with them or not, it’s a useful reference point for what a sensible engagement looks like, particularly if you’re currently being pitched at by firms promising transformation in six weeks.
The honest version of an AI roadmap
If you strip the jargon out, the realistic sequence for most UK organisations looks something like this:
Get your house in order first. Audit SharePoint permissions. Clean up your identity and access model in Entra. Look hard at data classification and sensitivity labels in Purview. Work out who owns which data and whether those owners are actually paying attention.
Then, and only then, start with low-risk, high-visibility use cases. Meeting summarisation. Document drafting. Internal search. The boring ones. Let people get comfortable. Measure what’s actually being used, not what was licensed.
Agents, automation, custom AI apps: those come later, when you’ve earned the right to build them on top of a cleaner foundation. Plenty of organisations will try to skip ahead. Most of them will be back at step one within a year, just poorer.
