A majority of governance professionals believe UK regulation is excessive, according to a survey, while over a third say their companies are either reviewing or reducing their diversity, equity and inclusion policies under pressure from the political environment.

The annual Boardroom Bellwether survey from the Chartered Governance Institute UK & Ireland (CGIUKI) shows that 77% of listed company boards believe regulation is excessive, after a year in which the Labour government has shown signs of relieving the burden in some areas.

Though companies appear to be rethinking DEI, their approach is not solely a response to the evolving political landscape. The report says: “But even without those drivers, potentially worsening economic conditions, rising perception of risk, and modest spending would have prompted some changes to DEI approaches after a rapid five-year build-up.”

The result comes as two thirds (65.2%) of governance leaders expect UK economic conditions to decline in the coming year, with US policy now the major factor in medium term planning. A similar proportion, 69.6%, expect a decline in global economic conditions.

CGIUKI’s report says: “After a couple of years of positivity, we’re back to a more negative outlook on global economic conditions.”

The pessimism is borne out in policy. No one polled for the survey could say they expected a significant increase in capital expenditure.

According to the survey, managers are “prioritising efficiency over growth”.

AI and cybersecurity risks

Meanwhile, artificial intelligence and cybersecurity emerge as the greatest risks.

Peter Swabey, policy and research director at CGIUKI, says the survey uncovers a “mood of caution and recalibration”.

“While AI and cyber resilience are climbing the agenda, confidence in the UK’s economic outlook and regulatory environment remains fragile. The government’s industrial strategy will need to address these concerns.”

Cybersecurity is the leading issue for boards when it comes to risk exposure. One FTSE 250 company secretary told CGIUKI: “Cyber risk is increasing—not just exposure to malicious actors, but also greater reliance on technology compounding the risks.”

The comments come just weeks after the news cycle featured M&S’s struggle with cyber criminals.

The CGIUKI report says: “In some ways the catastrophic cyber-attacks of 2025 might be helping in this area: watching the struggles of those charged with good governance and compliance in afflicted retail businesses has surely pushed the issue even higher up the agenda.

“And given the prominence of reputation risk in our results, it’s not surprising that avoiding a PR disaster post attack is a priority.”

Ethics and AI

AI is also a big issue when it comes to ethics, with half of boards reporting that they have implemented ethics policies: among quoted companies, the figure is 64.5%, a stark difference to the 44% of 2024.

At the beginning of this month, CGIUKI reported company secretaries had serious concerns about the accuracy of AI in corporate reporting.

Claire Bodanis, founder of the specialist reporting advisory firm Falcon Windsor, told the CGIUKI that companies must consider the use of genAI.

“Having a general AI policy is a great start. But, with generative AI tools becoming a feature of the corporate desktop, companies must consider their use in the context of every policy to ensure that AI happens not by accident, to our detriment, but by design, to our advantage.”