By 2028, violations of AI regulations are expected to drive a 30 percent increase in legal disputes for tech companies, Gartner forecasts.
Regulatory Compliance Remains a Top GenAI Challenge
A May–June 2025 Gartner survey of 360 IT leaders involved in deploying GenAI tools revealed that over 70 percent consider regulatory compliance one of their top three challenges when rolling out productivity assistants in enterprise applications. Despite this, only 23 percent of respondents expressed strong confidence in their organization’s ability to manage security and governance aspects of GenAI adoption.
“Global AI regulations vary widely, reflecting each country’s priorities in balancing AI leadership, innovation, and risk mitigation,” said Lydia Clougherty Jones, Sr. Director Analyst at Gartner. “Inconsistent compliance obligations complicate alignment of AI investments with measurable enterprise value and may expose organizations to additional liabilities.”
Geopolitical Factors Influence AI Strategy
The same survey highlighted the impact of geopolitical factors on AI deployment. 57 percent of non-U.S. IT leaders reported that geopolitical conditions moderately affected their GenAI strategies, while 19 percent noted a significant impact. Interestingly, nearly 60 percent of organizations were unable or unwilling to adopt non-U.S. GenAI alternatives, limiting their flexibility in response to these pressures.
AI Sovereignty Shapes Enterprise AI Decisions
AI sovereignty—the ability of nation-states to control AI development, deployment, and governance—emerged as a critical factor in strategy. In a September 3, 2025, Gartner webinar poll of 489 participants:
40 percent viewed AI sovereignty positively, seeing opportunities for their organizations.
36 percent were neutral, taking a “wait and see” approach.
66 percent reported proactive engagement with sovereign AI strategies.
52 percent indicated strategic or operational adjustments due to sovereign AI considerations.
Several tech companies have faced legal challenges related to AI regulatory violations in recent years. In 2025, California enacted Senate Bill 53, known as the “Transparency in Frontier Artificial Intelligence Act,” which mandates that large AI developers publicly disclose safety protocols and report critical incidents within 15 days.
This legislation aims to prevent AI misuse in areas like bioweapon development or infrastructure sabotage by requiring companies to implement and publicly disclose safety protocols for high-compute AI systems. Violations incur fines of up to $1 million, and the law includes whistleblower protections and a public research cloud, AP News reports.
In the realm of AI training data, companies like OpenAI and Stability AI have been involved in lawsuits alleging unauthorized use of copyrighted content to train their generative AI models.
For instance, in 2024, a group of U.S. authors, including Pulitzer Prize winner Michael Chabon, sued OpenAI in federal court in San Francisco, accusing the Microsoft-backed program of using their works to train its models without permission, Reuters reports. Similarly, in 2024, Stability AI faced a lawsuit from artists alleging that the company used their copyrighted works without authorization to train its AI image generation models.
Additionally, the Federal Trade Commission (FTC) has taken action against companies for deceptive AI practices. In 2025, the FTC finalized an order requiring DoNotPay to pay $193,000 in monetary relief and to notify consumers who subscribed to the service between 2021 and 2023 about the settlement. The order also prohibits DoNotPay from advertising that its service performs like a real lawyer unless it has sufficient evidence to back it up.
Strengthening GenAI Governance to Reduce Legal Risk
As GenAI productivity tools proliferate amid shifting legal and geopolitical landscapes, organizations must enhance moderation of AI outputs to mitigate risk. Key strategies include:
Engineer Self-Correction: Train models to self-correct and decline to answer questions outside defined parameters, using phrases like “beyond the scope.”
Rigorous Use-Case Reviews: Evaluate potential legal, ethical, safety, and user-impact risks associated with AI outputs. Employ control testing to ensure outputs align with organizational risk tolerance.
Increase Model Testing and Sandboxing: Build cross-disciplinary teams of decision engineers, data scientists, and legal counsel to test and validate outputs, documenting all mitigation measures.
Content Moderation Techniques: Incorporate features such as “report abuse” buttons and AI warning labels to prevent misuse or misinterpretation of AI-generated content.
With regulatory pressures and geopolitical complexities on the rise, IT leaders must prioritize AI governance, compliance, and strategic moderation to avoid costly disputes and ensure enterprise-wide GenAI adoption delivers measurable value.
Rajani Baburajan
