Navigating AI in Corporate Governance: A Practical Look at Challenges and Opportunities - Part 2

Navigating AI in Corporate Governance: A Practical Look at Challenges and Opportunities – Part 2

19 May 2025

Part 2: The Risks and Challenges of Artificial Intelligence in Corporate Governance and Corporate Law

While artificial intelligence (AI) offers tremendous promise in enhancing corporate governance and legal functions, its adoption also presents complex legal, ethical, and operational risks. From algorithmic bias and opacity to regulatory uncertainty and liability concerns, directors and legal teams must ensure that AI is integrated responsibly and strategically. In this second part of our series, we examine the major challenges boards and corporate legal teams must grapple with as AI becomes embedded in decision-making, reporting, and oversight. We then conclude with a forward-looking reflection on how AI may reshape corporate governance in the years to come.—

Algorithmic Bias and Discrimination

Bias in AI systems presents a major challenge to ethical and effective corporate governance. When algorithms are trained on skewed, incomplete, or historically biased datasets, they can replicate and reinforce existing societal and institutional inequalities—undermining fairness, transparency, and stakeholder trust.

This risk is particularly serious in governance contexts where equity and non-discrimination are foundational principles. Algorithmic bias threatens to embed systemic unfairness beneath a veneer of objectivity. These systems, when deployed without adequate scrutiny, risk entrenching discrimination in ways that are harder to detect and challenge.

Importantly, the issue is not the technology itself, but how it is designed and implemented. As flawed outcomes often stem from flawed human decisions—whether in data selection, model development, or the absence of appropriate oversight. In this sense, algorithmic bias is not inevitable, but preventable.

To address this, companies must adopt clear frameworks for ethical AI governance. This includes ensuring transparency in algorithmic design, conducting regular and independent bias audits, and maintaining strong human oversight. Without these safeguards, biased AI systems can not only harm individuals but also expose firms to serious legal, reputational, and governance risks.

The Isseue of Explainability, Accountability, and Regulatory Fragmentation

As companies integrate AI into decision-making, corporate boards face growing challenges—particularly around explainability. Many advanced AI systems, especially

those based on deep learning, function as “black boxes,” with outputs that even developers struggle to interpret.

This creates a governance paradox: directors are legally required to exercise informed oversight, yet they may not fully understand the AI tools influencing key decisions. When AI-driven outcomes lead to harm or regulatory breaches, assigning responsibility becomes difficult—particularly when human involvement is limited.

To address this, boards must ensure AI systems are “explainable enough” to meet audit and compliance standards. Human-in-the-loop models—where AI decisions remain subject to human review—are increasingly recommended. Regulators are also expected to require documentation, evidence of board understanding, and clear audit trails to support accountability.

These challenges are heightened by a fragmented and rapidly evolving regulatory landscape. The EU AI Act introduces a risk-based framework with strict requirements on transparency and oversight. In this context, boards must actively manage the ethical and legal implications of AI, even in the absence of clear rules. A key question remains: how much decision-making authority can responsibly be delegated to AI—and how much must stay with human leadership?

The Challenge of Legal Liability in an AI-Driven Environment

As AI systems take over tasks traditionally performed by humans, established mechanisms for attributing corporate liability—such as vicarious liability—are increasingly strained. When decisions are made by algorithms operating autonomously, it becomes difficult to pinpoint responsibility or determine when an AI’s behaviour should be legally attributed to the company.

This raises significant governance concerns, particularly as AI begins to influence board-level decisions. Studies caution that corporations may become “increasingly immune to liability” as human involvement diminishes. Attributing fault for unintended algorithmic harm can involve multiple parties: corporate users, programmers, and the AI systems themselves.

AI is already capable of performing a substantial share of managerial and board functions, prompting urgent questions around liability in the event of error or harm. Directors remain ultimately responsible, yet current legal frameworks offer limited guidance on their duties when relying on AI tools. Without reform, accountability risks being diluted in the transition to AI-assisted corporate governance.

Cybersecurity and Data Privacy

AI’s reliance on vast amounts of personal and sensitive data makes it a target for cyberattacks and raises serious compliance challenges under the UK GDPR and EU AI

Act. If compromised, AI systems can expose confidential data or generate misleading outputs, creating legal and reputational risks.

Boards must ensure robust safeguards—such as encryption, access controls, and incident response plans—are in place, and that data is lawfully collected and processed. At the same time, companies must balance regulatory transparency with protecting trade secrets and system security.

As emerging technologies like blockchain add further complexity, responsible data governance is vital. Boards have a key role in embedding privacy-by-design and ensuring AI adoption aligns with both innovation goals and stakeholder trust.

—

Preparing for an AI- Enabled Future

As AI continues to transform corporate operations and governance, boards must grapple with a rapidly evolving landscape marked by both promise and peril. While larger, well-resourced companies may lead the way as early adopters, smaller and less technologically equipped businesses risk being left behind—widening the digital and AI divide.

At the legal and governance level, existing frameworks may require rethinking. AI cannot simply be treated like traditional delegation to human employees. Its opacity, autonomy, and scale of operation pose unique oversight challenges. Although corporate law’s foundational duties—such as acting in the best interests of the company and exercising reasonable care, skill, and diligence—remain constant, their application in the AI era becomes more complex. Directors must be especially cautious not to abdicate oversight to systems they cannot fully interrogate.

The future of AI in corporate governance lies in careful calibration. Boards must weigh efficiency and innovation against ethical, legal, and reputational risks. Current regulatory efforts are still in early stages, but clearer rules and ethical guidance will be essential to fostering responsible adoption across the corporate spectrum.

Crucially, AI should be viewed as a tool—not a substitute—for human judgment. While it can process information at unprecedented scale and speed, it lacks the nuance, empathy, and contextual reasoning that underpin sound corporate judgment. Deal-making, stakeholder engagement, and strategic foresight remain inherently human domains.

The central challenge ahead is not merely technological, but governance-based: how to harness AI’s potential while preserving transparency, accountability, and the indispensable role of human decision-makers.

At Berry Smith, our aim is to help clients navigate this evolving landscape—advising on AI-related legal risks, governance duties, and compliance strategies to ensure your business remains agile, accountable, and ready for the future.

Cookie	Duration	Description
cookielawinfo-checkbox-analytics	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Analytics".
cookielawinfo-checkbox-functional	11 months	The cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Functional".
cookielawinfo-checkbox-necessary	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Necessary".
cookielawinfo-checkbox-others	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Other.
cookielawinfo-checkbox-performance	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Performance".
viewed_cookie_policy	11 months	The cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data.