Key facts

  • Existing director duties of care and skill already extend to AI-related decisions.
  • The EU AI Act adds specific compliance obligations layered on top of general duties.
  • Ignoring AI governance exposes directors on both general and regulatory grounds.
  • Documented oversight (minutes, reviews, evidence) is a director's best protection.
  • This is general information, not legal advice — seek qualified legal counsel for your specific position.

How existing duties apply to AI

A director's duty to exercise reasonable care, skill and diligence is not new, and does not require a novel legal theory to apply to AI. A board that allows AI to be deployed without any oversight, risk assessment or governance structure may struggle to demonstrate it met this existing duty if something goes wrong.

What the EU AI Act adds

The EU AI Act creates specific compliance obligations — around risk classification, transparency, documentation and, for high-risk systems, conformity assessment — that sit alongside general director duties. Non-compliance with these specific obligations creates a distinct exposure from a general failure of oversight.

What reduces director exposure

Documented oversight is the clearest protection: board minutes showing AI risk was discussed, a record of who is accountable for governance, evidence of a risk classification process, and a paper trail showing decisions were made with reasonable information — not necessarily perfect decisions, but demonstrably considered ones.

This is general information, not legal advice

This page describes the general shape of the issue. Directors concerned about their specific position, sector or company structure should seek advice from a qualified corporate lawyer.

Frequently asked questions

Can directors be personally liable for AI-related failures?

Existing duties of care and skill already extend to AI decisions, and the EU AI Act adds specific compliance obligations on top — so exposure can arise on both fronts.

Does the EU AI Act create new director duties?

It creates specific compliance obligations for the organisation; general director duties of care already existed and now extend to AI-related decisions.

What is the best protection for directors on AI risk?

Documented oversight — board minutes, accountability records and evidence of a considered risk process.

Is this legal advice?

No — this is general information. Directors should seek advice from a qualified corporate lawyer for their specific position.

What should boards ask about AI to reduce exposure?

See our guide on what boards need to know about AI, covering the inventory, risk classification, accountability and evidence questions to raise.

Related pages

Sources

Last updated 19 June 2026.