The next AI bottleneck is access to the right data

Advanced AI models are becoming easier to purchase, cheaper to run and simpler to embed into enterprise software. Yet many organisations still struggle to move beyond controlled pilots because their systems cannot access accurate, current and authorised operational data without creating privacy, security, accountability or commercial risk.

That moves the enterprise AI problem closer to the organisation itself. Model capability continues to advance, but access to models is becoming less defensible as a standalone advantage. The critical work now sits in data pipelines, access controls, audit trails, privacy safeguards and cross-institutional agreements. Singapore’s refreshed National AI Strategy makes this bottleneck visible at the national scale. Its relevance extends beyond Singapore because many Asian markets face the same enterprise conditions: regulated industries, fragmented legacy systems, cross-border operations and multi-party environments where data cannot simply be pooled and reused.

Model access is becoming less defensible

Stanford HAI reported that inference costs at GPT-3.5-level performance fell from US$20.00 per million tokens in November 2022 to US$0.07 per million tokens by October 2024, a reduction of more than 280-fold. That cost collapse changes where enterprise advantage is likely to sit. Most large organisations can now reach capable LLMs through cloud providers, enterprise platforms or open-source ecosystems. The question is whether those systems can be connected to records, permissions, business rules, exceptions and live workflow data that deeper automation requires.

The implementation data points in the same direction. Gartner’s 2025 AI maturity research found that data availability and quality remain among the top AI implementation challenges, cited by 34% of leaders in low-maturity organisations and 29% in high-maturity organisations. If operational records are fragmented, stale, poorly labelled or locked behind unclear ownership, AI deployments remain narrow. What separates functional enterprise AI from stalled pilot programmes is no longer the algorithm, but whether the organisation can make the right data available under governed terms.

Singapore is treating data as execution infrastructure

Singapore’s updated AI agenda turns this enterprise problem into a national execution question. Its refreshed AI priorities, announced in May 2026, place data access inside sector missions rather than treating it as an IT housekeeping problem. The national AI missions focus on connectivity, advanced manufacturing, healthcare and finance, sectors that together account for more than 40% of GDP. These sectors depend on sensitive, high-value information about customers, assets, transactions, production lines, patients, and logistics flows.

That focus changes the role of data policy. The direction has shifted from broad adoption to mission-specific environments, where datasets, compute resources, regulatory sandboxes and sector expertise are tied to practical problems. For CIOs and data leaders, the strategic layer creates controlled pathways between AI systems and the information they need, while proving who accessed what, why it was allowed, and what happened next.

Singapore’s approach indicates how the state intends to convene regulators, public agencies, research institutions and companies around areas where shared data could support wider economic value. That coordination sets the frame, but adoption will depend on whether institutions can make data available under terms that protect commercial interests, accountability and public trust.

Operational AI needs live and specific data

The importance of that coordination becomes clearer in environments where AI must operate across moving physical systems. Changi Airport Terminal 5 is expected to add about 50 million passengers to its annual handling capacity. Automation in that setting cannot rely on static records. Passenger flows, baggage handling, runway sequencing, gate allocation and transport links all affect one another. A delay at a gate may affect baggage movement, transfer windows and ground transport demand.

The same data problem appears in a different form at Tuas Port. Automated container operations depend on synchronised data across cranes, autonomous vehicles, yard planning, vessel schedules and energy systems. Punggol Digital District extends the same logic into an urban testbed. It functions as a controlled environment for testing how data platforms, robotics, safety rules and human oversight work together before broader deployment.

These operating environments point to the same underlying issue. High-fidelity sector data is becoming strategic because the most useful records are often inside machines, sensors, enterprise applications and partner networks. They are difficult to replicate and share. The practical divide is between pilot data and production data. A pilot can be built on a narrow sample or simulated workflow. Production AI needs live exceptions, messy edge cases, current constraints and a clear line of responsibility when recommendations affect people, assets or regulated processes.

Data sharing requires institutional trust

Turning operational data into a shared AI infrastructure depends on more than technical integration. The central difficulty is trust between institutions. Many datasets required for sector-level AI are commercially sensitive or legally constrained. Companies may recognise the wider value of shared data while still fearing exposure of competitive advantage, customer relationships or proprietary methods.

Singapore’s January 2026 amendments to the Public Sector Governance Act formalise this issue. Public agencies can share data with trusted external partners only under defined safeguards, including legitimate purpose, specific authorisation, documentation and security requirements. The point is not simply that data can be shared. It is that sharing must become a governed operating model, with a defined purpose, controls, and accountability, before AI systems are connected to sensitive workflows.

Enterprises will need similar data-sharing agreements with suppliers, customers and technology vendors. The terms must define purpose, scope, retention, audit rights, liability and controls over downstream use. A manufacturer may resist exposing production data that reveals process efficiency. A bank may face regulatory risk if the use of data is unclear. Organisations that build repeatable data-sharing patterns through standard access tiers, template agreements and audit processes will reduce friction across use cases.

Privacy tools reduce risk but add complexity

If trust is the institutional barrier, privacy-enhancing technologies can help reduce technical risk. These tools can lower some barriers to data collaboration. IMDA’s Privacy Enhancing Technology Sandbox supports privacy-preserving data collaboration, including AI development and cross-border data flows. Techniques such as synthetic data, trusted execution environments and federated approaches can help organisations collaborate while limiting exposure in healthcare, finance, fraud detection and supply chain management.

That said, privacy tools do not fix stale records, weak labelling or unclear ownership. They also do not remove the need to decide who is responsible when AI outputs are wrong or misused. PETs require technical evaluation, security review, legal interpretation, and domain validation, which may increase implementation costs when teams lack the skills to assess whether the method fits the risk.

Agentic AI raises the access stakes

The access question becomes more consequential as AI systems move from generating outputs to taking actions. Agentic AI makes the data access problem more urgent because these systems may call APIs, update records, trigger workflows, or initiate transactions. Organisations must decide what an AI system can see and what it can do after it sees the data.

Singapore’s Model AI Governance Framework for Agentic AI, launched in January 2026, reflects this shift by focusing on access limits, human accountability and lifecycle controls. A chatbot with limited retrieval rights creates one type of risk. An agent that can interact with customer databases, payment workflows or operational controls creates a different level of exposure.

Access should be tiered by purpose, sensitivity and action rights. A system may be allowed to read a record without modifying it, recommend an action while requiring human approval, or operate autonomously only within low-risk boundaries. If an AI agent changes a record, triggers a workflow, or escalates a case, the organisation needs to know what data it used, which tool it called, which instruction it followed, and whether the action can be reversed.

This is especially relevant in Singapore’s priority sectors. In finance, an agent connected to customer profiles or transaction systems carries compliance and fraud risk. In healthcare, data use is tied to patient privacy and clinical responsibility. In manufacturing and logistics, automated actions can affect safety, uptime and service resilience.

Compute supports but does not solve the bottleneck

Data access is one part of the infrastructure equation. Singapore is also expanding the compute layer needed for AI through the ASPIRE 2B supercomputer at the National Supercomputing Centre and the second Data Centre Call-for-Application, which makes at least 200MW of capacity available. Selected applicants must meet the Green Mark for Data Centres 2024 Platinum certification and achieve a Power Usage Effectiveness of 1.25 or better at full IT load.

That capacity is necessary for model training, simulation and data-intensive applications. It also has strategic value when sensitive workloads, latency or sovereignty considerations make external infrastructure less suitable. More computing power allows organisations to process larger workloads and run more experiments without guaranteeing that the data feeding those systems is complete, current, permissioned or suitable for the decision being made.

This is where enterprise spending can become misaligned. AI budgets often gravitate towards visible tools and cloud consumption, while the critical investments are less visible: data quality, integration architecture, metadata, lineage, identity management and access controls. Singapore’s ambition to support 100,000 workers over the next three years to become AI bilingual is relevant only if it translates into people who understand both domain processes and the data systems behind them.

The enterprise advantage is governed access

Taken together, the model, data, governance, and compute layers point to the same enterprise priority. The next AI advantage will sit with organisations that can make the right data available safely, repeatedly and with enough context for systems to act usefully. That capability is difficult to copy because it depends on internal architecture, data discipline, domain expertise and institutional trust.

For CIOs and data leaders, buying stronger models may improve experimentation without automatically changing core workflows. The critical work is creating access pathways that define what AI systems can use, how they can use it, who approves the access, how actions are logged and how errors are corrected. This requires legal teams, security teams, business owners, data engineers and operations leaders to work together.

Singapore’s refreshed AI priorities place this issue at the centre of sector execution by building around missions, compute, sandboxes and data-sharing frameworks. The decisive work will take place within institutions, where commercial caution, legacy systems and accountability concerns shape what can be shared and automated. Enterprises can continue to procure increasingly capable models and still fail to change how work gets done. The route from pilot to production will be built on data quality, access rights, audit trails, integration architecture and trust between organisations, not model procurement alone.