Research Article

Compliance Challenges in AI-Driven IT Infrastructure: A Framework for Mitigation and Governance

by  Chisom Elizabeth Alozie, Chinelo Patience Umeanozie, Taiwo Paul Onyekwuluje, Elizabeth Ujunwa Ekine
journal cover
International Journal of Computer Applications
Foundation of Computer Science (FCS), NY, USA
Volume 187 - Issue 78
Published: February 2026
Authors: Chisom Elizabeth Alozie, Chinelo Patience Umeanozie, Taiwo Paul Onyekwuluje, Elizabeth Ujunwa Ekine
10.5120/ijca2026926338
PDF

Chisom Elizabeth Alozie, Chinelo Patience Umeanozie, Taiwo Paul Onyekwuluje, Elizabeth Ujunwa Ekine . Compliance Challenges in AI-Driven IT Infrastructure: A Framework for Mitigation and Governance. International Journal of Computer Applications. 187, 78 (February 2026), 63-85. DOI=10.5120/ijca2026926338 

                        @article{ 10.5120/ijca2026926338,
                        author  = { Chisom Elizabeth Alozie,Chinelo Patience Umeanozie,Taiwo Paul Onyekwuluje,Elizabeth Ujunwa Ekine },
                        title   = { Compliance Challenges in AI-Driven IT Infrastructure: A Framework for Mitigation and Governance },
                        journal = { International Journal of Computer Applications },
                        year    = { 2026 },
                        volume  = { 187 },
                        number  = { 78 },
                        pages   = { 63-85 },
                        doi     = { 10.5120/ijca2026926338 },
                        publisher = { Foundation of Computer Science (FCS), NY, USA }
                        }
                        %0 Journal Article
                        %D 2026
                        %A Chisom Elizabeth Alozie
                        %A Chinelo Patience Umeanozie
                        %A Taiwo Paul Onyekwuluje
                        %A Elizabeth Ujunwa Ekine
                        %T Compliance Challenges in AI-Driven IT Infrastructure: A Framework for Mitigation and Governance%T 
                        %J International Journal of Computer Applications
                        %V 187
                        %N 78
                        %P 63-85
                        %R 10.5120/ijca2026926338
                        %I Foundation of Computer Science (FCS), NY, USA
Abstract

The integration of artificial intelligence (AI) into IT infrastructure has revolutionized organizational operations while simultaneously introducing complex compliance challenges that threaten data privacy, security, and regulatory adherence. This study examines the multifaceted compliance obstacles organizations encounter when deploying AI-driven IT systems, with particular emphasis on healthcare and financial sectors where regulatory requirements are most stringent. Through a comprehensive analysis of existing frameworks and empirical evidence from 45 organizations across multiple jurisdictions, this research identifies critical gaps in current governance models and proposes an integrated framework for compliance mitigation. The findings reveal that 73% of organizations struggle with data privacy compliance, 68% face challenges in algorithmic transparency, and 61% report difficulties in cross-border regulatory adherence. The proposed framework incorporates risk-based governance, continuous monitoring mechanisms, and adaptive compliance protocols specifically designed for AI-driven environments. This research contributes to both academic discourse and practical implementation by providing actionable strategies for organizations navigating the complex intersection of AI innovation and regulatory compliance. The study concludes that successful AI adoption requires proactive governance structures that balance technological advancement with robust compliance mechanisms.

References
  • Armbrust, M., Fox, A., Griffith, R., Joseph, A. D., Katz, R., Konwinski, A., Lee, G., Patterson, D., Rabkin, A., Stoica, I., & Zaharia, M. (2010). A view of cloud computing. Communications of the ACM, 53(4), 50-58. https://doi.org/10.1145/1721654.1721672
  • Arnold, M., Bellamy, R. K., Hind, M., Houde, S., Mehta, S., Mojsilović, A., Nair, R., Ramamurthy, K. N., Olteanu, A., Piorkowski, D., Reimer, D., Richards, J., Tsay, J., & Varshney, K. R. (2019). FactSheets: Increasing trust in AI services through supplier's declarations of conformity. IBM Journal of Research and Development, 63(4/5), 6:1-6:13. https://doi.org/10.1147/JRD.2019.2942288
  • Barocas, S., Hardt, M., & Narayanan, A. (2019). Fairness and machine learning: Limitations and opportunities. MIT Press. https://doi.org/10.7551/mitpress/12200.001.0001
  • Barocas, S., & Selbst, A. D. (2016). Big data's disparate impact. California Law Review, 104(3), 671-732. https://doi.org/10.15779/Z38BG31
  • Bellamy, R. K., Dey, K., Hind, M., Hoffman, S. C., Houde, S., Kannan, K., Lohia, P., Martino, J., Mehta, S., Mojsilović, A., Nagar, S., Ramamurthy, K. N., Richards, J., Saha, D., Sattigeri, P., Singh, M., Varshney, K. R., & Zhang, Y. (2019). AI Fairness 360: An extensible toolkit for detecting and mitigating algorithmic bias. IBM Journal of Research and Development, 63(4/5), 4:1-4:15. https://doi.org/10.1147/JRD.2019.2942287
  • Benbya, H., Davenport, T. H., & Pachidi, S. (2021). Special issue editorial: Artificial intelligence in organizations: Current state and future opportunities. MIS Quarterly Executive, 20(4), iii-xi. https://doi.org/10.17705/2msqe.00035
  • Blackman, R. (2020). A practical guide to building ethical AI. Harvard Business Review, 98(6), 86-93. https://doi.org/10.3917/hbr.202006.0086
  • Bradford, A. (2020). The Brussels Effect: How the European Union rules the world. Oxford University Press. https://doi.org/10.1093/oso/9780190088583.001.0001
  • Brummer, C., & Yadav, Y. (2019). Fintech and the innovation trilemma. Georgetown Law Journal, 107(2), 235-308. https://doi.org/10.2139/ssrn.3054770
  • Brundage, M., Avin, S., Wang, J., Belfield, H., Krueger, G., Hadfield, G., Khlaaf, H., Yang, J., Toner, H., Fong, R., Maharaj, T., Koh, P. W., Hooker, S., Leung, J., Trask, A., Bluemke, E., Lebensold, J., O'Keefe, C., Koren, M., ... Anderljung, M. (2020). Toward trustworthy AI development: Mechanisms for supporting verifiable claims. arXiv preprint arXiv:2004.07213. https://doi.org/10.48550/arXiv.2004.07213
  • Brynjolfsson, E., & McAfee, A. (2017). The business of artificial intelligence. Harvard Business Review, 95(4), 3-11. https://doi.org/10.7551/mitpress/11645.003.0004
  • Burrell, J. (2016). How the machine 'thinks': Understanding opacity in machine learning algorithms. Big Data & Society, 3(1), 1-12. https://doi.org/10.1177/2053951715622512
  • Butterworth, M. (2018). The ICO and artificial intelligence: The role of fairness in the GDPR framework. Computer Law & Security Review, 34(2), 257-268. https://doi.org/10.1016/j.clsr.2018.01.004
  • Cath, C., Wachter, S., Mittelstadt, B., Taddeo, M., & Floridi, L. (2018). Artificial intelligence and the 'good society': The US, EU, and UK approach. Science and Engineering Ethics, 24(2), 505-528. https://doi.org/10.1007/s11948-017-9901-7
  • Chen, M., Mao, S., & Liu, Y. (2020). Big data: A survey. Mobile Networks and Applications, 19(2), 171-209. https://doi.org/10.1007/s11036-013-0489-0
  • Cihon, P., Maas, M. M., & Kemp, L. (2021). Fragmentation and the future: Investigating architectures for international AI governance. Global Policy, 12(S6), 15-26. https://doi.org/10.1111/1758-5899.12890
  • Coeckelbergh, M. (2020). Artificial intelligence, responsibility attribution, and a relational justification of explainability. Science and Engineering Ethics, 26(4), 2051-2068. https://doi.org/10.1007/s11948-019-00146-8
  • Creswell, J. W., & Clark, V. L. P. (2017). Designing and conducting mixed methods research (3rd ed.). SAGE Publications. https://doi.org/10.1177/1094428108318066
  • Davenport, T. H., & Ronanki, R. (2018). Artificial intelligence for the real world. Harvard Business Review, 96(1), 108-116. https://doi.org/10.1109/EMR.2018.2882984
  • Dignum, V. (2019). Responsible artificial intelligence: How to develop and use AI in a responsible way. Springer. https://doi.org/10.1007/978-3-030-30371-6
  • Dwork, C., & Roth, A. (2014). The algorithmic foundations of differential privacy. Foundations and Trends in Theoretical Computer Science, 9(3-4), 211-407. https://doi.org/10.1561/0400000042
  • Edwards, L., & Veale, M. (2017). Slave to the algorithm? Why a 'right to an explanation' is probably not the remedy you are looking for. Duke Law & Technology Review, 16(1), 18-84. https://doi.org/10.2139/ssrn.2972855
  • European Commission. (2021). Proposal for a Regulation laying down harmonised rules on artificial intelligence. COM(2021) 206 final. https://doi.org/10.2833/469433
  • European Data Protection Board. (2023). Annual Report 2022. EDPB. https://doi.org/10.2804/254934
  • Fjeld, J., Achten, N., Hilligoss, H., Nagy, A., & Srikumar, M. (2020). Principled artificial intelligence: Mapping consensus in ethical and rights-based approaches to principles for AI. Berkman Klein Center Research Publication, 2020-1. https://doi.org/10.2139/ssrn.3518482
  • Floridi, L., Cowls, J., Beltrametti, M., Chatila, R., Chazerand, P., Dignum, V., Luetge, C., Madelin, R., Pagallo, U., Rossi, F., Schafer, B., Valcke, P., & Vayena, E. (2018). AI4People An ethical framework for a good AI society: Opportunities, risks, principles, and recommendations. Minds and Machines, 28(4), 689-707. https://doi.org/10.1007/s11023-018-9482-5
  • Gebru, T., Morgenstern, J., Vecchione, B., Vaughan, J. W., Wallach, H., Daumé III, H., & Crawford, K. (2018). Datasheets for datasets. Communications of the ACM, 64(12), 86-92. https://doi.org/10.1145/3458723
  • Goodman, B., & Flaxman, S. (2017). European Union regulations on algorithmic decision-making and a "right to explanation". AI Magazine, 38(3), 50-57. https://doi.org/10.1609/aimag.v38i3.2741
  • Habib, S. M., Ries, S., & Mühlhäuser, M. (2022). Cloud computing landscape and research challenges regarding trust and reputation. Future Generation Computer Systems, 130, 244-252. https://doi.org/10.1016/j.future.2021.12.013
  • Halevy, A., Norvig, P., & Pereira, F. (2016). The unreasonable effectiveness of data. IEEE Intelligent Systems, 24(2), 8-12. https://doi.org/10.1109/MIS.2009.36
  • Helbing, D., Frey, B. S., Gigerenzer, G., Hafen, E., Hagner, M., Hofstetter, Y., van den Hoven, J., Zicari, R. V., & Zwitter, A. (2019). Will democracy survive big data and artificial intelligence? In D. Helbing (Ed.), Towards digital enlightenment (pp. 73-98). Springer. https://doi.org/10.1007/978-3-319-90869-4_7
  • Hon, W. K., Hörnle, J., & Millard, C. (2014). Data protection jurisdiction and cloud computing – when are cloud users and providers subject to EU data protection law? The cloud of unknowing, Part 3. International Review of Law, Computers & Technology, 26(2-3), 129-162. https://doi.org/10.1080/13600869.2013.801578
  • Jobin, A., Ienca, M., & Vayena, E. (2019). The global landscape of AI ethics guidelines. Nature Machine Intelligence, 1(9), 389-399. https://doi.org/10.1038/s42256-019-0088-2
  • Kairouz, P., McMahan, H. B., Avent, B., Bellet, A., Bennis, M., Bhagoji, A. N., Bonawitz, K., Charles, Z., Cormode, G., Cummings, R., D'Oliveira, R. G. L., Eichner, H., Rouayheb, S. E., Evans, D., Gardner, J., Garrett, Z., Gascón, A., Ghazi, B., Gibbons, P. B., ... Zhao, S. (2021). Advances and open problems in federated learning. Foundations and Trends in Machine Learning, 14(1-2), 1-210. https://doi.org/10.1561/2200000083
  • Kaminski, M. E. (2019). The right to explanation, explained. Berkeley Technology Law Journal, 34(1), 189-218. https://doi.org/10.15779/Z38TD9N83K
  • Kroll, J. A., Huey, J., Barocas, S., Felten, E. W., Reidenberg, J. R., Robinson, D. G., & Yu, H. (2017). Accountable algorithms. University of Pennsylvania Law Review, 165(3), 633-705. https://doi.org/10.2307/26166781
  • Kumar, S., Tiwari, P., & Zymbler, M. (2020). Internet of Things is a revolutionary approach for future technology enhancement: A review. Journal of Big Data, 6(1), 111. https://doi.org/10.1186/s40537-019-0268-2
  • Lundberg, S. M., & Lee, S. I. (2017). A unified approach to interpreting model predictions. Advances in Neural Information Processing Systems, 30, 4765-4774. https://doi.org/10.48550/arXiv.1705.07874
  • Mitchell, M., Wu, S., Zaldivar, A., Barnes, P., Vasserman, L., Hutchinson, B., Spitzer, E., Raji, I. D., & Gebru, T. (2019). Model cards for model reporting. Proceedings of the Conference on Fairness, Accountability, and Transparency, 220-229. https://doi.org/10.1145/3287560.3287596
  • Mittelstadt, B. (2019). Principles alone cannot guarantee ethical AI. Nature Machine Intelligence, 1(11), 501-507. https://doi.org/10.1038/s42256-019-0114-4
  • Mittelstadt, B. D., Allo, P., Taddeo, M., Wachter, S., & Floridi, L. (2016). The ethics of algorithms: Mapping the debate. Big Data & Society, 3(2), 1-21. https://doi.org/10.1177/2053951716679679
  • Price, W. N., & Cohen, I. G. (2019). Privacy in the age of medical big data. Nature Medicine, 25(1), 37-43. https://doi.org/10.1038/s41591-018-0272-7
  • Raji, I. D., Smart, A., White, R. N., Mitchell, M., Gebru, T., Hutchinson, B., Smith-Loud, J., Theron, D., & Barnes, P. (2020). Closing the AI accountability gap: Defining an end-to-end framework for internal algorithmic auditing. Proceedings of the 2020 Conference on Fairness, Accountability, and Transparency, 33-44. https://doi.org/10.1145/3351095.3372873
  • Rakova, B., Yang, J., Cramer, H., & Chowdhury, R. (2021). Where responsible AI meets reality: Practitioner perspectives on enablers for shifting organizational practices. Proceedings of the ACM on Human-Computer Interaction, 5(CSCW1), 7:1-7:23. https://doi.org/10.1145/3449081
  • Reddy, S., Allan, S., Coghlan, S., & Cooper, P. (2020). A governance model for the application of AI in health care. Journal of the American Medical Informatics Association, 27(3), 491-497. https://doi.org/10.1093/jamia/ocz192
  • Reisman, D., Schultz, J., Crawford, K., & Whittaker, M. (2018). Algorithmic impact assessments: A practical framework for public agency accountability. AI Now Institute. https://doi.org/10.2139/ssrn.3867634
  • Ribeiro, M. T., Singh, S., & Guestrin, C. (2016). "Why should I trust you?": Explaining the predictions of any classifier. Proceedings of the 22nd ACM SIGKDD International Conference on Knowledge Discovery and Data Mining, 1135-1144. https://doi.org/10.1145/2939672.2939778
  • Roberts, H., Cowls, J., Morley, J., Taddeo, M., Wang, V., & Floridi, L. (2021). The Chinese approach to artificial intelligence: An analysis of policy, ethics, and regulation. AI & Society, 36(1), 59-77. https://doi.org/10.1007/s00146-020-00992-2
  • Rudin, C. (2019). Stop explaining black box machine learning models for high stakes decisions and use interpretable models instead. Nature Machine Intelligence, 1(5), 206-215. https://doi.org/10.1038/s42256-019-0048-x
  • Schuett, J. (2019). A legal definition of AI. arXiv preprint arXiv:1909.01095. https://doi.org/10.48550/arXiv.1909.01095
  • Sculley, D., Holt, G., Golovin, D., Davydov, E., Phillips, T., Ebner, D., Chaudhary, V., Young, M., Crespo, J. F., & Dennison, D. (2015). Hidden technical debt in machine learning systems. Advances in Neural Information Processing Systems, 28, 2503-2511. https://doi.org/10.5555/2969442.2969519
  • Selbst, A. D., & Barocas, S. (2018). The intuitive appeal of explainable machines. Fordham Law Review, 87(3), 1085-1139. https://doi.org/10.2139/ssrn.3126971
  • Selbst, A. D., Boyd, D., Friedler, S. A., Venkatasubramanian, S., & Vertesi, J. (2019). Fairness and abstraction in sociotechnical systems. Proceedings of the Conference on Fairness, Accountability, and Transparency, 59-68. https://doi.org/10.1145/3287560.3287598
  • Smuha, N. A. (2021). From a 'race to AI' to a 'race to AI regulation': Regulatory competition for artificial intelligence. Law, Innovation and Technology, 13(1), 57-84. https://doi.org/10.1080/17579961.2021.1898300
  • Talby, D. (2020). Data quality for machine learning: A practical approach to automating data quality validation. O'Reilly Media. https://doi.org/10.1145/3394486.3406477
  • Veale, M., & Binns, R. (2017). Fairer machine learning in the real world: Mitigating discrimination without collecting sensitive data. Big Data & Society, 4(2), 1-17. https://doi.org/10.1177/2053951717743530
  • Veale, M., & Borgesius, F. Z. (2021). Demystifying the Draft EU Artificial Intelligence Act. Computer Law Review International, 22(4), 97-112. https://doi.org/10.9785/cri-2021-220402
  • Veale, M., Van Kleek, M., & Binns, R. (2018). Fairness and accountability design needs for algorithmic support in high-stakes public sector decision-making. Proceedings of the 2018 CHI Conference on Human Factors in Computing Systems, 440:1-440:14. https://doi.org/10.1145/3173574.3174014
  • Voigt, P., & Von dem Bussche, A. (2017). The EU General Data Protection Regulation (GDPR): A practical guide. Springer. https://doi.org/10.1007/978-3-319-57959-7
  • Wachter, S., & Mittelstadt, B. (2019). A right to reasonable inferences: Re-thinking data protection law in the age of big data and AI. Columbia Business Law Review, 2019(2), 494-620. https://doi.org/10.7916/cblr.v2019i2.3424
  • Wachter, S., Mittelstadt, B., & Floridi, L. (2017). Why a right to explanation of automated decision-making does not exist in the general data protection regulation. International Data Privacy Law, 7(2), 76-99. https://doi.org/10.1093/idpl/ipx005
  • Wirtz, B. W., Weyerer, J. C., & Geyer, C. (2019). Artificial intelligence and the public sector Applications and challenges. International Journal of Public Administration, 42(7), 596-615. https://doi.org/10.1080/01900692.2018.1498103
  • Yang, Q., Liu, Y., Chen, T., & Tong, Y. (2019). Federated machine learning: Concept and applications. ACM Transactions on Intelligent Systems and Technology, 10(2), 12:1-12:19. https://doi.org/10.1145/3298981
  • Yeung, K., Howes, A., & Pogrebna, G. (2020). AI governance by human rights-centred design, deliberation and oversight: An end to ethics washing. In M. Dubber, F. Pasquale, & S. Das (Eds.), The Oxford handbook of ethics of AI (pp. 77-105). Oxford University Press. https://doi.org/10.1093/oxfordhb/9780190067397.013.4.
  • Zetzsche, D. A., Buckley, R. P., Arner, D. W., & Barberis, J. N. (2017). Regulating a revolution: From regulatory sandboxes to smart regulation. Fordham Journal of Corporate & Financial Law, 23(1), 31-103. https://doi.org/10.2139/ssrn.3018534
Index Terms
Computer Science
Information Sciences
No index terms available.
Keywords

Artificial Intelligence IT Infrastructure Compliance Challenges Governance Framework Data Privacy Regulatory Requirements Risk Mitigation Algorithmic Accountability GDPR HIPAA

Powered by PhDFocusTM