Modernization in 2026: AI Rewrites the Rulebook for Regulatory Agencies

State regulatory agencies don’t need a strategy document to feel the pressure of an outdated system. They experience it every day. A license application enters the queue; data arrives in fragments; inconsistencies hide in plain sight and staff spend hours stitching together context that should already exist in a system of record.

That friction now defines the core problem modernization must solve.

NASCIO’s 2026 State CIO Top 10 Priorities reflects that reality. Modernization holds the fourth position, but the more consequential shift sits at the top of the list. Artificial intelligence replaces cybersecurity as the top priority for the first time in 12 years. For regulatory agencies, that shift resets the modernization equation entirely. Upgrading systems no longer suffices. Agencies must build an operational foundation that lets AI deliver at scale or risk adding another layer on top of the same broken workflows.

This article continues a 10-part series examining NASCIO’s top priorities for state regulatory agencies in 2026. Each installment explores how pairing advanced technology platforms with disciplined operational practices enables agencies to meet rising expectations, extend limited resources and deliver stronger outcomes for the public they serve.

Why Modernization Looks Different This Time

NASCIO’s 2026 list marks the report’s 20th year and drew responses from 51 state and territory CIOs. Their 2026 modernization focus centers on:

• Business process improvement with security, compliance and privacy built in
• Application modernization and cross-agency collaboration
• Robust digital service frameworks

That emphasis on process before technology reflects a hard-won lesson from prior waves of public sector modernization. Regulatory agencies that layered new digital tools onto broken workflows got expensive broken workflows. The arrival of AI in state government makes that lesson more consequential, not less.

GL Solutions CEO Bill Moseley has spent 28 years serving government regulatory agencies and watched prior technology waves reshape public sector operations. He frames AI within that longer arc:

“AI is just among the technology changes that have occurred during our lifetimes. There’s not something completely bizarre about this. It’s just yet another technology tool. The advent of databases, online websites, advanced reporting tools, cloud hosting — these are all just technology changes. How do you implement that?”

That last question, how you implement it, separates agencies that genuinely modernize from those that merely bolt new features onto the same old processes.

The Foundation Problem: Why Process Comes Before AI

State regulatory agency leaders hear the AI pitch constantly. Vendors promise automation, efficiency gains and reduced administrative burden. But Moseley identifies a prerequisite most conversations skip:

“If you don’t know how you operate, and the agency’s doing all different kinds of things, then AI is really just going to be a chatbot sitting on someone’s desk instead of something that actually automates the business process that you have.”

The numbers bear this out. A Capgemini survey of 350 government agencies found:

• 64% started pilots or early rollouts of generative AI
• Only 21% put a live service in the public’s hands

The gap between experimentation and production rarely comes from technology limitations. It comes from licensing and permitting agencies lacking the standardized workflows that AI needs to automate rather than disrupt.

Closing that gap requires getting the sequence right. Process standardization and workflow documentation come first. AI-driven automation comes after. Agencies that reverse that order don’t get transformation; they get a faster version of the same broken process.

AI Forces Agencies to Revisit the Business, Not Just the Software

Modernization has historically meant replacing old technology. AI raises a fundamental question: does the underlying business process itself still make sense?

State governments, moving past experimentation, now work to integrate AI into workflows, citizen service delivery, predictive analytics and engagement use cases. For regulatory agencies, that integration demands a fresh look at every major workflow:

• How staff review license applications
• How inspectors prioritize site visits
• How case managers detect fraud
• How agencies communicate with the public

Take document intake. Most state licensing agencies today assign staff to manually review uploaded photos, insurance certificates and supporting materials. AI changes that workflow entirely:

• Reads and flags non-compliant photos before staff ever open the file
• Extracts dollar amounts from insurance certificates automatically
• Feeds structured data into a rules engine that determines eligibility

“It doesn’t completely take human beings out of the process,” Moseley notes. “It just takes a lot of the leg work out of the process to help you do things faster.”

The same logic applies to field inspections. AI-powered risk monitoring reviews complaint histories and violation patterns, then prioritizes inspector routes by risk level and geographic efficiency. Case management advances similarly. Rather than forcing investigators to read through months of file history, AI digests the entire case and surfaces a narrative summary with key dates, complaints, interviews and findings, ready for action before the board hearing.

These changes do not merely accelerate existing workflows. They restructure the nature of professional judgment in a regulatory agency, directing human attention where it delivers the highest value.

The Workforce Multiplier at a Moment of Persistent Shortage

State regulatory agencies rarely have the luxury of adding headcount to absorb new demands. AI adoption now addresses that constraint directly.

As digital intake volumes climb, AI becomes a force multiplier, helping teams manage growth without proportional increases in headcount. Gallup’s Q4 2025 data shows 43% of public-sector employees use AI at least a few times a year, up from 28% in Q2 2024, with 21% using it daily.

The Federal Reserve Bank of St. Louis puts the productivity impact in concrete terms: workers using generative AI save 5.4% of their weekly hours. For agencies where staff already carry heavy caseloads, that recovered time redefines what a small team can actually process.

Moseley connects that efficiency directly to public safety outcomes:

“As you take labor out of the whole process of the mundane sort of thing, you can rechannnel some of those resources to do things that AI can’t do. AI can’t interview a witness who was harmed by a physician or a child harmed in a foster care facility. You need people to do that kind of activity. But AI will allow you to free up resources to keep the public safe.”

AI does not shrink the workforce. It redirects it toward the work that demands human judgment, empathy and accountability.

Five AI Use Cases Regulatory Agencies Deploy Today

The agencies moving fastest on modernization share something in common: they deploy AI against specific workflows, not broad ambitions. Five use cases that deliver results today:

1. Intelligent Document Intake: AI reviews uploaded photos, blueprints and certificates against agency requirements, flags non-compliant submissions before staff review and extracts structured data for rules engine processing.
2. Risk-Based Inspection Prioritization: AI analyzes complaint patterns, violation histories and operational data to rank inspection priorities and optimize field routes, focusing limited inspector time where risk runs highest.
3. Program Integrity Analytics: AI runs anomaly detection across claims, license activity and ownership records, then triages suspicious patterns and flags cases for investigator review with clear supporting context.
4. Virtual Assistance on Public Portals: Context-aware AI guides licensees to the correct permit or application based on their specific situation, drawing only from agency-approved rules and desk manuals rather than the open internet.
5. Staff Productivity Co-Pilot: AI summarizes lengthy case files, drafts deficiency notices, translates communications in real time, redacts documents for FOIA responses and suggests replies to licensee inquiries.

The scale of adoption tells its own story. According to a study by the Brookings Institution, federal AI use cases grew from 710 in 2023 to more than 3,600 in 2025. The state trajectory mirrors that growth, with regulatory agencies finding the most traction in use cases that reduce repetitive processing and surface actionable intelligence.

Governance Provides the Guardrails for Responsible Adoption

Speed without governance creates its own category of risk. Regulatory agencies that race toward AI deployment without guardrails create compliance exposure and erode the public trust that regulatory authority depends on.

NASCIO called on Congress and federal agencies to partner with states on AI governance, recognizing existing state frameworks and providing funding and workforce development resources. For regulatory agencies, responsible AI governance means:

• Training data drawn from approved agency sources only
• Audit trails on every AI-assisted decision
• Clear human review protocols before consequential actions take effect
• Platforms that prove security rigor rather than merely claiming it

That last point matters. GL Solutions achieved GovRAMP Ready status because modern regulatory agencies require vendors to demonstrate security compliance under rigorous third-party audit, not self-attestation.

Modernization Without AI Strategy Solves Yesterday’s Problem

NASCIO’s 2026 priorities signal a new operating reality: AI and modernization do not run on separate tracks. Regulatory agencies that treat them as independent initiatives build toward two destinations instead of one.

Those that align them, building the operational foundation first, then deploying AI against standardized, well-governed workflows, transform into genuinely modern institutions. They meet elevated public expectations with the staff and budgets they actually have.

The agencies that answer the “how do you implement it” question well deliver:

• Faster licensing and renewals
• More effective, risk-prioritized inspections
• Stronger fraud and program integrity detection
• A public experience that rivals private sector benchmarks

The agencies that skip the foundational work will continue paying for capable tools that never quite deliver.

AI in Modernization FAQs

1. Why does NASCIO rank AI above cybersecurity in 2026?
   NASCIO elevates AI to reflect its growing impact on government operations, while cybersecurity remains essential as a foundational requirement for safe AI adoption.
2. What does modernization mean for state regulatory agencies in 2026?
   Modernization extends beyond system upgrades and cloud migration. It focuses on building standardized, well-governed workflows that allow AI to operate effectively at scale.
3. Why do processes matter more than technology in AI adoption?
   AI depends on consistent, structured workflows. Without them, AI amplifies inefficiencies instead of automating or improving operations.
4. What are the most common AI use cases in regulatory agencies?
   Agencies apply AI to document intake, inspection prioritization, fraud detection, public-facing portals and staff productivity support.
5. How does AI change the role of licensing agency staff?
   AI reduces repetitive tasks and data processing, allowing staff to focus on higher-value work such as investigations, interviews and decision-making that requires human judgment.

Ryan Pedersen

Chief Technology Officer Ryan Pedersen is an expert in technical solutions to industry needs. Ryan joined GL Solutions in 2010 as a developer and subsequently managed the development team for several years. He has served since as Vice President for Operations and Vice President for Business Solutions and currently works as Chief Technology Officer.