The law firm’s Governing AI report found that 97 per cent of organisations it surveyed are already using some form of AI, though only 10 per cent consider it to be fully embedded or “fundamental” to their operations.

A quarter of respondents were not sure whether their use of AI means they are classified as a “provider” or a “deployer” under the EU AI Act, and another 38 per cent have yet to assign clear responsibility for AI oversight within their leadership teams.

Arthur Cox says the research indicates that many companies are continuing to grasp the implications of AI for their businesses, and have yet to implement a complete and comprehensive oversight and compliance mechanisms concerning its use particularly around governance, documentation and accountability.

At the same time, organisations are already identifying areas where the cost of compliance is likely to rise. Data governance and AI-specific controls are viewed as the most resource-intensive areas (both 19 per cent), followed closely by risk management and reporting requirements (16 per cent).

Concerns about data privacy and internal capability are also front of mind. Data protection was named the top implementation challenge (17 per cent), with AI literacy emerging as the second-highest concern (13 per cent).

The EU continues to dominate the regulatory agenda, with 76 per cent of respondents saying EU frameworks are more strategically important than those being developed in the US or China.

Colin Rooney, partner and head of technology and innovation at Arthur Cox, said: “The findings clearly highlight a widespread recognition among Irish businesses that AI is vital to their future growth.

“Yet our survey shows many organisations remain unclear on what steps they need to take under the EU AI Act.

“Given the complexity of these new obligations — particularly around documentation, accountability, and data management — businesses must prioritise legal clarity and strategic planning.

“Proactive compliance will determine whether AI remains a growth driver or becomes a source of risk and disruption.”

Olivia Mullooly, partner in the technology and innovation team, said: “What’s striking from this survey is that while companies are quick to explore and adopt AI capabilities, they do not always have a clear vision for its use in the organisation and there is a governance gap to be addressed in developing risk frameworks and structured oversight of its use.

“Boards and senior management teams should ensure this remains on the agenda to establish transparent structures from the outset of the use of AI technologies, defining who is accountable, ensuring decision-making processes are documented, and embedding AI firmly within existing corporate governance practices.

“Businesses that address these areas promptly will be best placed to capitalise sustainably on AI’s benefits.”

Ian Duffy, also a technology and innovation partner, added: “In our technology and innovation group, we see firsthand the potential AI has to transform business models. But transformation must be matched with responsibility.

“The EU AI Act sets a high bar for transparency and risk management, and companies need to move quickly to align their practices.

“Those who invest in governance and compliance now will be better positioned to innovate with confidence and credibility.”

Ciaran Flynn, head of governance and consulting services at Arthur Cox, said: “AI governance is no longer a future consideration — it’s a present-day imperative.

“The survey findings show that while adoption is high, many organisations are still in the early stages of building the internal structures needed to manage AI responsibly.

“Establishing clear accountability, robust documentation practices, and cross-functional oversight will be essential to meet regulatory expectations and maintain stakeholder trust.”