Artificial Intelligence
What you should know

With over 800 AI policy initiatives across 69 countries (OECD), the EU has taken the lead by enacting the world’s first comprehensiveAI regulation. The EU AI Act classifies systems by risk and imposes strict obligations, while in the U.S., regulation remains fragmented and court-driven, with juries deciding on complex issues like copyright without specialized understanding. Importantly, even the EU AI Act does not directly resolve foundational risks such as copyright ownership or privacy—areas that remain only partially addressed or indirectly regulated.

Why It Matters

  • Severe fines—up to 7% of global turnover or €35M for prohibited AI systems; 3% or €15M for high-risk systems; and 1% or €7.5M for other violations

  • Business disruption due to potential product recalls if AI tools are found infringing copyright, with experts warning that redesigning LLMs is often infeasible.

  • Strategic exposure tied to data sovereignty—relying on foreign AI vendors may expose sensitive data to foreign government orders and legal access.

*Sources: ·     OECD AI Repository

Core Requirements

Across jurisdictions, Artificial Intelligence Risk regulations converge around three pillars:

GPAI (General Purpose AI):

Foundation models like GPT, Gemini, Claude, LLaMA when placed on the market as a base model.

AI Systems:

Applications using AI for a specific purpose (e.g., Microsoft Copilot, Midjourney, ChatGPT with UI).

RAG (Retrieval-Augmented Generation):

AI systems enhanced with internal proprietary data; classified under “AI Systems”.
Compliance

Strategic Implications

  • The EU AI Act applies extraterritorially: anyAI system or output used in Europe falls under its scope, even if developed abroad.

  • U.S. states (e.g., Colorado, Illinois, NYC) enforce use disclosure, employee notification, and bias audits.

  • Companies integrating third-party AI must obtain compliance documentation and cannot rely on vendor claims alone.

  • Risk depends on how the AI is used, not just the model architecture.

Your Leadership Checklist

Have you mapped all AI systems deployed across your operations?

Do you have a proactive data strategy to safely leverage AI tools and outputs?

Are you monitoring the fast-evolving AI laws, court decisions, and enforcement actions in your key markets?

Download

Want the full picture?

Download our executive guide on AI governance, global regulatory frameworks (EU/US), risk classification, and enforcement scenarios. Includes model risk matrices, use-case impact maps, and 2025 readiness checklists.

Learn More