AI Sigil Logo
Contact Us
Back to all insights
A lockbox

Sections

AI Compliance Challenges for General Counsel

AI Compliance: Challenges for General Counsel

The inconsistent nature of artificial intelligence (AI) regulations worldwide presents significant and immediate challenges for organizations and their legal counsel. As businesses harness AI’s transformational power, general counsel (GC) everywhere must navigate a labyrinth of new regulations that are not just divergent but, in some cases, diametrically opposed. They must ensure regulatory compliance while contending with competing stakeholder interests, international tensions, and risks that change with the latest innovations in AI. Successful organizations will be those that identify AI’s true business value while implementing appropriate safeguards for high-risk applications.

Regulatory Landscape

The European Union (EU) has emerged as a regulatory pacesetter, advancing stringent, rights-based rules like the AI Act — a comprehensive, risk-based regulatory framework with strict compliance requirements and hefty penalties. On the other hand, the United States relies on a fragmented, sector-by-sector approach with agency guidelines and state actions addressing privacy and bias rather than a unified AI law. This approach creates a patchwork of compliance burdens — particularly for UK-based GCs — in high-stakes and highly regulated industries like healthcare, finance, and insurance.

Adding to the challenges GCs face is the rapid speed of AI innovation, which has intensified the discussion surrounding the balance between innovation and ethical oversight. Furthermore, the recent rollback of AI safety protocols by the new U.S. presidential administration has highlighted the need to find the right balance between spurring innovation and upholding ethical standards like fairness and accountability — which, along with healthy competition and supportive copyright laws, are necessary to maintain public confidence.

Navigating New Policies

Amid these changes, GCs worldwide must navigate the new policy front with agility and urgency — supporting their company’s AI ambitions while ensuring that safeguards exist for high-risk uses. Failing to comply with various laws can result in severe financial penalties, and regulators are increasingly scrutinizing AI uses that have the potential to affect human rights, safety, and fairness. Amid a continuously changing and complex regulatory landscape, a risk and use-case-focused approach is recommended for GCs to remain in compliance.

Rapid Corporate Implementation of AI Poses Risks

UK-based GCs find themselves in a particularly tough spot — caught between the EU’s comprehensive regulatory standards and the United States’ more fragmented approach. However, at the same time, they must also contend with the rapid implementation of AI across organizations. As AI plays an increasingly major role in corporate functions such as human resources and asset management, GCs must adjust their compliance strategies to regulatory changes.

An example of where AI is rapidly being woven into corporate functions is the performance reviews employees receive each year. New AI tools can summarize the feedback that employees receive from peers and managers and provide insights into their strengths, areas for improvement, and goal-setting opportunities. However, when these AI-assisted reviews influence legally sensitive decisions like pay, promotion, or termination, organizations must establish robust safeguards. Human oversight is crucial to ensure that the AI models used by HR produce accurate results consistently and any biases are mitigated.

The use of AI in HR introduces unique risks due to its “black box” reasoning, which is often opaque, and its resulting decisions, which may be more pervasive, widespread, or harder to account for than individual human biases. This raises liability issues akin to those surrounding self-driving cars: with autonomous vehicles, the question is who is liable for accidents; in HR, it’s who bears responsibility when systemic discrimination occurs. To foster trust and reduce such risks, fairness, transparency, and accountability must be embedded into all AI-driven processes.

In many organizations, the use of AI also extends far beyond HR and other internal processes. For instance, AI is widely used to improve customer help tools like chatbots. These modern chatbots can respond to unexpected questions and customize their answers to fit each customer, with the goal of creating a more satisfying customer experience. However, while the legal risks associated with AI agents in customer support are generally modest, landmines still exist. Poorly trained AI agents may provide inaccurate information, leading to customer frustration and potentially damaging customer relationships and the organization’s reputation.

Global Regulatory Challenges Ahead

While implementing AI presents reputational and ethical concerns, these are intensified by the broader challenges that GCs face in navigating new AI regulations. Given the complexities of this transformative technology, many organizations are not fully prepared for the regulatory challenges ahead. Whether counseling multinational corporations or UK-based organizations straddling divergent EU and U.S. regulations, GCs must understand the magnitude of this challenge.

In the United States, the decentralized regulatory approach has led to a mix of divergent state laws — a situation exacerbated by the new presidential administration’s deregulatory approach. This makes compliance a moving target. And while the current EU rules are clearly defined, they also require rigorous adherence, leaving little room for error. Complicating matters further is the reality that AI is evolving at a breakneck pace.

To address such challenges, organizations should use analytics and other advanced, data-driven tools to identify compliance gaps and adapt to policy changes. In addition, fostering internal collaboration across legal, compliance, and IT teams is crucial to seamlessly implement AI initiatives and stay in compliance as regulation evolves.

At the same time, regulations, risks, and opportunities will keep changing; therefore, GCs need to stay flexible and proactive. Global GCs, in particular, must align their compliance efforts across regions with very different regulatory philosophies, even as they prepare for future shifts. Taking part in industry discussions with policymakers can help influence how future AI governance frameworks are shaped.

A Use Case-Focused Approach to Compliance

For many GCs, the most effective way forward will be to tackle the current tangle of regulations according to specific use cases. GCs should prioritize the AI use cases that pose the greatest risk to individuals, organizations, or society at large, like hiring, employee performance evaluations, and high-stakes decision-making that impact consumers in regulated industries such as healthcare, insurance, and financial services. By identifying and addressing high-risk AI applications, organizations can ensure they comply with applicable regulations and ethical standards while fostering innovation and mitigating legal risks.

The following three use cases offer a useful illustration of this approach:

  • AI-Powered Hiring Tools: AI systems used in recruitment and hiring processes must be carefully monitored to ensure they do not perpetuate biases or violate anti-discrimination laws. Regular audits of hiring algorithms, combined with human oversight, are essential to maintaining fairness and compliance.
  • AI in Financial Decision-Making: In financial services, AI tools used for credit scoring, loan approvals, or investment decisions must meet rigorous standards of accuracy and fairness. GCs can play a pivotal role in implementing robust validation processes to ensure these tools meet both regulatory and ethical benchmarks.
  • AI in Healthcare Diagnostics: AI applications in healthcare, such as tools that diagnose illnesses or recommend treatments, carry life-and-death implications. Organizations must prioritize transparency, ensuring that these tools are thoroughly tested, explainable, and compliant with relevant healthcare regulations.

Although GCs work to address various use cases, they must also remain vigilant about avoiding “AI-washing” whereby organizations overstate the capabilities or ethical soundness of their AI systems. This will require transparency, accurate communication, and a commitment to validating the actual performance and limitations of AI tools.

Conclusion

The rapid implementation of AI in corporate processes and the fragmented nature of global regulation present significant challenges for organizations and their GCs, while simultaneously creating opportunities for thoughtful, proactive governance and innovation. This challenge is compounded by the rapid evolution of AI models and use cases, which often outpace lawmakers’ ability to draft rules ensuring their safe and fair use.

By adopting a use case-focused approach, GCs can bring clarity to this complex and quickly changing regulatory landscape. Prioritizing high-risk applications and implementing strategies that balance innovation with compliance becomes even more critical at a time when geopolitical variables — from the new administration’s deregulatory agenda to state-driven ambitions — could further alter the legal terrain. GCs who successfully navigate these dynamics will enable the organizations they serve to thrive as AI and the regulations that govern this transformational technology evolve.

More Insights

A shield with a digital pattern

CII Advocates for Strong AI Accountability in Financial Services

April 24, 2025 AI,AI Governance,AI Regulation,Artificial Intelligence Regulation
The Chartered Insurance Institute (CII) has urged for clear accountability frameworks and a skills strategy for the use of artificial intelligence (AI) in financial services. They emphasize the...
Read More
A regulatory checklist

Regulating AI in APAC MedTech: Current Trends and Future Directions

April 24, 2025 AI,AI Regulation,Medtech Innovation,Regulatory Compliance
The regulatory landscape for AI-enabled MedTech in the Asia Pacific region is still developing, with existing frameworks primarily governing other technologies. While countries like China, Japan, and...
Read More
Light bulb

New York’s AI Legislation: Key Changes Employers Must Know

April 24, 2025 AI,AI Regulation,Artificial Intelligence Regulation,Regulatory Compliance
In early 2025, New York proposed the NY AI Act and the AI Consumer Protection Act to regulate the use of artificial intelligence, particularly addressing algorithmic discrimination in employment...
Read More
A circuit board with a warning sign

Managing AI Risks: Effective Frameworks for Safe Implementation

April 24, 2025 AI,AI Governance,AI Regulation
This article discusses the importance of AI risk management frameworks to mitigate potential risks associated with artificial intelligence systems. It highlights various types of risks, including...
Read More
A compass to signify guidance and direction in navigating the AI landscape.

Essential Insights on the EU Artificial Intelligence Act for Tech Companies

April 24, 2025 AI,AI Ethics,AI Regulation,European Union AI Governance
The European Union has introduced the Artificial Intelligence Act (AI Act), which aims to manage the risks and opportunities associated with AI technologies across Europe. This landmark regulation...
Read More
1. A robot figurine 2. A circuit board 3. A book titled "AI Ethics"Selected: A book titled "AI Ethics"

South Korea’s Landmark AI Basic Act: A New Era of Regulation

April 24, 2025 AI,AI Governance,AI Regulation
South Korea has established itself as a leader in AI regulation in Asia with the introduction of the AI Basic Act, which creates a comprehensive legal framework for artificial intelligence. This...
Read More
A blueprint

EU AI Act and DORA: Mastering Compliance in Financial Services

April 24, 2025 AI,EU AI Compliance
The EU AI Act and DORA are reshaping how financial entities manage AI risk by introducing new layers of compliance that demand transparency, accountability, and quantifiable risk assessments...
Read More
A lock and key set representing security and access

AI Governance: Bridging the Transatlantic Divide

April 24, 2025 AI,AI Governance,AI Regulation,International Policy
Artificial intelligence (AI) is rapidly reshaping economies, societies, and global governance, presenting both significant opportunities and risks. This chapter examines the divergent approaches of...
Read More
A toolbox

EU’s Ambitious Plan to Boost AI Development

April 24, 2025 AI,AI Regulation,Global AI Policy,Regulatory Frameworks
The EU Commission is launching a new strategy to reduce barriers for the deployment of artificial intelligence (AI) across Europe, aiming to enhance the region's competitiveness on a global scale. The...
Read More

Ready to become AI compliant?

Take the first steps in your transformation towards international AI compliance.

Book a Discovery Call See Frameworks

Explore

Need More Assistance?

Our expert sales team is here to answer your questions, just leave your email and we’ll get in touch.

Research & Market Studies
A digital energy meter
AI Safeguards: A Step-by-Step Guide to Building Robust Defenses
As AI becomes more powerful, protecting against its misuse is critical. This requires well-designed "safeguards"...
A light bulb
Algorithmic Audits: A Practical Guide to Fairness, Transparency, and Accountability in AI
Algorithmic auditing is crucial for ensuring AI systems are fair, transparent, and accountable. A comprehensive...
A compass
AI Explainability: A Practical Guide to Building Trust and Understanding
As AI systems exert increasing influence over our lives, understanding how they arrive at conclusions...
A shield symbolizing protection against unregulated AI practices.
AI Governance: Transparency, Ethics, and Risk Management in the Age of AI
AI is rapidly transforming society, creating both opportunities and risks. A proposed AI governance framework...
Latest News on AI Compliance
A broken shield
Assessing the High-Risk Landscape of AI in Insurtech
The Insurtech sector is increasingly intersecting with AI regulations, particularly regarding the classification of AI...
A compliance checklist
Essential Insights on the EU AI Act for Machine Builders
The EU AI Act, which defines four levels of risk for AI systems, aims to...
A robot arm
Revamped Federal AI Policies: A New Era of Innovation and Efficiency
On April 3, 2025, the OMB released two revised policies aimed at guiding federal agencies...
A magnifying glass highlighting the importance of scrutiny and clarity in regulations.
EU Seeks Stakeholder Input on Upcoming AI Guidelines
The European Commission is inviting stakeholders to provide input on upcoming guidelines for general-purpose AI...

© 2023 AI Sigil

Medium Envelope