The EU AI Act: what enterprises need to know in 2026
Risk tiers, provider vs. deployer obligations, and building a governance program before enforcement ramps up.
Read article →
Blogs & articles
Insights on AI governance
Regulation by region, reported enterprise AI incidents worldwide, and governance best practices.
Featured
2 articles
3 articles
3 articles
8 articles
8 articles
When your chatbot makes a promise: the Air Canada liability lesson
A tribunal held an airline responsible for incorrect fare information its chatbot provided — a landmark case for customer-facing AI governance worldwide.
Read featured article →Europe
EU AI Act, GDPR, and regional compliance
Americas
US federal and state law, Canada, and Latin America
US AI regulation in 2026: federal policy and the state patchwork
Executive action, NIST adoption, agency enforcement, and navigating 50-state rules.
Read article →California and Colorado AI laws: compliance for deployers
Transparency, impact assessments, and algorithmic discrimination duties for state AI acts.
Read article →Cross-border AI governance in the Americas
Operating across the US, Canada, and Latin America — data residency and unified workflows.
Read article →Asia-Pacific
Singapore, China, India, Japan, and South Korea
Singapore's AI governance framework and AI Verify
IMDA's Model AI Governance Framework and practical adoption for regional headquarters.
Read article →China's AI rules: what multinational enterprises must know
Generative AI measures, algorithm filings, and cross-border data implications.
Read article →APAC AI governance: India, Japan, and South Korea
DPDP Act, Japan AI Guidelines, Korea AI Basic Act — one regional program.
Read article →Enterprise AI issues worldwide
Reported incidents, enforcement actions, and lessons learned
When your chatbot makes a promise: the Air Canada liability lesson
Governance implications when customer-facing AI gives incorrect binding information.
Read article →Shadow AI and the Samsung lesson
When employees paste secrets into chatbots — and why deploy gates matter before the breach.
Read article →Deepfake CFO fraud: the $25M video-call scam
Synthetic media attacks and why payment agents need runtime controls.
Read article →Fake legal citations and professional liability
Hallucination risk in knowledge-work agents — lessons from the courtroom.
Read article →Employment AI under fire: NYC bias audits
Algorithmic hiring tools face audits, lawsuits, and global discrimination scrutiny.
Read article →GDPR meets AI: multimillion-euro fines
Clearview, ChatGPT investigations, and lawful basis for enterprise deployers.
Read article →Italy's ChatGPT suspension: privacy lessons
Why generative AI needs governance before national regulators intervene.
Read article →Public-sector AI failures and accountability
Reported rollbacks in the Netherlands, UK, and Australia.
Read article →Platform & practice
openRegal capabilities, frameworks, and governance workflows
NIST AI RMF in practice
Mapping Govern, Map, Measure, and Manage to deploy gates and GRC workflows.
Read article →Governing multi-agent AI from deploy to runtime
Why agentic systems need governance across the full lifecycle.
Read article →Deploy gates: stopping ungoverned AI
How deployment controls prevent shadow AI before production.
Read article →Runtime policy enforcement
Why approval isn't enough — allow/deny on live agents with audit trails.
Read article →AI compliance evidence: what auditors look for
Test artifacts, policy versions, and the audit trail regulators expect.
Read article →Dual-portal governance: engineering and GRC
Purpose-built workspaces connected by one auditable workflow.
Read article →Tool allowlists and agent security
Controlling APIs agents can invoke and detecting undeclared tool use.
Read article →Regal AI: automated risk assessment
From intake to risk tier, controls, compliance tests, and runtime policy.
Read article →