Quarter of businesses that use AI are unclear of regulatory obligations, according to new report

Stock image: Getty

Donal O'Donovan

A quarter of Irish business that are using artificial intelligence (AI) do not know whether they qualify as “providers” or “deployers” under the EU AI Act.

Almost four out of 10 businesses here have not appointed a named individual for an AI seat, as required under the law.

A new Governing AI report from Irish law firm Arthur Cox shows that almost all businesses in Ireland, 97pc, are using AI, though just 10pc say it is “fundamental” to their operations.

However, while Irish companies are racing to adopt artificial intelligence, they are unclear about the regulatory responsibilities that come with it.

Today's news in 90 Seconds - Monday June 23

The EU AI Act came into force in August 2024, although its provisions are being applied on a phased basis out to August 2027.

It establishes a regulatory framework for AI systems developed or deployed in the EU and aims to provide a high level of protection for health, safety and fundamental rights such as privacy, while promoting adoption of trustworthy AI tools.

“Deployers” of AI technology are businesses that are using the new technology to perform functions within their business and they have specific obligations under the EU AI Act which is now in place – including to have suitably qualified named staff with personal responsibility to oversee the processes. They are also required to maintain records.

“Providers” are businesses or entities that develop and supply AI tools; which have distinct responsibilities under the act.

The Arthur Cox report’s authors say it captures uneven levels of preparedness when it comes to oversight, compliance and long-term planning for the roll-out of high risk AI systems in Ireland.

It is based on a survey of professionals in IT, data, risk, compliance, legal and C-suite roles. It found many businesses have yet to implement oversight and compliance mechanisms concerning AI use, particularly around governance, documentation and accountability.

At the same time, organisations are already identifying areas where the cost of compliance is likely to rise – including data governance, risk management and reporting requirements.

Colin Rooney, partner and head of technology and innovation at Arthur Cox, said many organisations remain unclear on what steps they need to take under the EU AI Act.

“Given the complexity of these new obligations – particularly around documentation, accountability, and data management – businesses must prioritise legal clarity and strategic planning. Proactive compliance will determine whether AI remains a growth driver or becomes a source of risk and disruption,” he said.