Hostname: page-component-6766d58669-7fx5l Total loading time: 0 Render date: 2026-05-21T06:21:02.685Z Has data issue: false hasContentIssue false
  • English
  • Français

Reimagining corporate governance in the AI era: Law, legitimacy and algorithmic power

Part of: AI and The Corporation

Published online by Cambridge University Press:  21 May 2026

Patrick Joseph O’ Malley  and
Peter Underwood Open the ORCID record for Peter Underwood [Opens in a new window]
Patrick Joseph O’ Malley
Affiliation:
Faculty of Law, University of Auckland, Auckland, New Zealand
Peter Underwood*
Affiliation:
School of Law, Universidad de Navarra, Navarra, Spain
*
Corresponding author: Peter Underwood; Email: peter.underwood@auckland.ac.nz
Rights & Permissions [Opens in a new window]

Abstract

Corporations play a foundational role in the global economy, yet persistent gaps remain between corporate governance ideals, legal frameworks and organizational practice. The rapid integration of artificial intelligence (AI), particularly generative AI and large language models, intensifies these challenges by reshaping corporate decision-making, compliance and accountability. This paper examines how AI both promises to alleviate long-standing governance problems, such as information asymmetries and managerial opportunism, and generates new risks arising from opacity, automation bias and diminished human oversight. It analyzes five interrelated areas of tension: the emerging AI governance gap, models of AI integration within corporate structures, the adaptation of directors’ duties to algorithmic decision-making, the transparency paradox created by AI-mediated disclosure and the problem of anthropomorphism, whereby attributing agency to AI risks obscuring human responsibility. Rather than offering definitive solutions, the paper identifies critical questions that corporate law must confront as automated and semi-automated corporations become an established reality. It argues that sustaining legitimacy in the AI era requires renewed emphasis on human judgment, board-level oversight and adaptive governance frameworks capable of reconciling technological power with legal accountability and societal expectations.

Keywords

corporate governanceCorpTechcorporate powerAI in the boardroom

Information

Type
An Editorial
Information
Cambridge Forum on AI: Law and Governance , Volume 2 , 2026 , e2
Check for updates
Creative Commons
Creative Common License - CCCreative Common License - BYCreative Common License - NCCreative Common License - ND
This is an Open Access article, distributed under the terms of the Creative Commons Attribution-NonCommercial-NoDerivatives licence (http://creativecommons.org/licenses/by-nc-nd/4.0), which permits non-commercial re-use, distribution, and reproduction in any medium, provided that no alterations are made and the original article is properly cited. The written permission of Cambridge University Press or the rights holder(s) must be obtained prior to any commercial use and/or adaptation of the article.
Copyright
© The Author(s), 2026. Published by Cambridge University Press.

1. Introduction

More than ever, corporations occupy a fundamental position in the global economy and society. The governance of these entities presents enduring challenges that have occupied corporate law scholarship for over a century and promise to continue doing so in novel ways into the foreseeable future. The rise of “Big Tech” companies and their partners in “Big Finance” has further solidified the position of corporations within the global order, while simultaneously exposing persistent governance failures and gaps between legal and ethical frameworks and corporate economic reality. Artificial intelligence (AI), and in particular generative AI and large language models (LLMs), introduces all manner of both opportunities and risks to corporate governance structures. These technologies present the possibility of constructively addressing long-standing problems within corporate law discourse, but equally risk exacerbating existing challenges or creating new governance failures.

The integration of AI into corporate operations represents more than incremental technological change. Generative AI systems offer the potential to automate significant swathes of corporate decision-making, from compliance monitoring to strategic planning. Advanced technology could enhance efficiency and accuracy in corporate decision-making, reduce managerial opportunism and address information asymmetries/lack of transparency that have long plagued principal-agent relationships. In theory, AI could provide the corporation as a distinct legal person with enhanced decision-making capabilities independent of the human agents as directing minds that have dominated corporate law theory. These perceived benefits have generated considerable enthusiasm for AI adoption, driven largely by competitive pressures and the promise of economic gains.

However, the introduction of automated or semi-automated decision-making systems within corporations presents considerable risks. The use of AI raises crucial questions about data governance, directors’ duties and the reliability of information on which corporate decisions are based, as well as more generally about the impact of all such on fundamental human and civil rights. When AI systems generate outputs that directors and other key corporate figures, such as executive officers, rely upon, yet those systems remain opaque and prone to errors, including “hallucinations,” traditional concepts of fiduciary duty become strained. The automation of compliance functions may create new forms of regulatory arbitrage or diminish the adaptive capacity of legal rules to ensure functional accountability in the running of global corporate groups. Furthermore, the tendency to anthropomorphize AI systems, attributing to them understanding and agency they do not possess, risks obscuring human accountability for corporate decisions and potentially legitimating forms of corporate power that escape meaningful oversight. This poses a fundamental challenge for achieving a workable legal, economic and ethical balance between businesses, their management, investors, workers and other key stakeholders in this new AI-driven era. One recent example of the challenge of proper corporate oversight of technology can be seen in a wave of successful cases, including class actions, brought against Big Tech companies such as Meta Platforms Inc. and Google’s parent company in bellwether cases claiming that the companies (with executive involvement) deliberately designed their platforms to be addictive, contributing to serious mental health problems in young users (Courthouse News Service – “Meta and Google hit with $6 million verdict for social media harms to young woman,” March 2026). Many more such cases have been filed or are planned to be filed. Demands for meaningful corporate oversight of technology are only going to increase. These challenges transcend jurisdictional boundaries. Corporations globally are integrating AI into governance structures, often at a pace that exceeds regulatory adaptation, even in places that are attempting to do so meaningfully, such as Europe with the EU AI Act. The implications are both doctrinal and conceptual, raising fundamental questions about the nature and purpose of corporate governance. What forms of human judgment remain necessary to legitimate corporate power? Where should we resist automation despite apparent efficiency gains? How do traditional corporate law doctrines apply when decision-making processes become algorithmic?

This paper examines these opportunities and risks by exploring five critical areas of tension. First, we consider the governance gap: whether AI will narrow the persistent mismatch between governance ideals and corporate practice or widen this gap through new forms of opacity and complexity. Second, we examine the embedding of AI into corporate structures and efforts to fill the gap between past governance and the future, considering emerging models of AI-enabled compliance and evaluating the implications of fragmented versus unified approaches for regulatory effectiveness and accountability. Third, we address the dilemma facing directors’ duties in an era of AI adoption, where competitive pressures to innovate collide with fiduciary obligations formulated for human decision-making contexts. Fourth, we analyze the transparency paradox: AI’s promise to reduce information asymmetries exists in tension with the opacity of algorithmic processes and the unreliability of AI-generated outputs. Finally, we explore the anthropomorphism problem: the risk that attributing agency to AI systems obscures both their limitations and the human choices embedded in their design and deployment.

Our objective is not to resolve these tensions definitively, but rather to identify and examine several salient questions that legal systems must confront as AI becomes embedded in corporate governance structures. The automated or semi-automated corporation is not a future possibility but an emerging reality. How corporate law responds to this transformation, through doctrinal adaptation, regulatory intervention or fundamental reconceptualization, will shape not only the future of the corporation but also the broader relationship between technological capability, corporate power and legal accountability, and how these in turn influence the complex interrelation between and among key corporate and societal stakeholder groups.

2. The governance gap – integration

We begin by considering the governance gap and whether AI will ultimately narrow the persistent mismatch between governance ideals and corporate practices or widen this gap. This is evaluated through new forms of opacity and complexity, leading to an undermining of the delicate balance between the corporation, its top management, shareholders and other key stakeholder groups, as well as with society more generally. Such a gap arises when AI’s impact on individual rights renders traditional frameworks insufficient to protect them properly. These frameworks were primarily developed for conventional business activities and are now inadequate to address the unique characteristics of AI system = 0987654. Such impacts are wide-ranging, affecting employment, credit allocation, healthcare delivery, social services and even mental health (Jackowski & Greser, Reference Jackowski and Gresern.d.).

It seems to us that top management must be knowledgeable, informed and proactive in managing the continued rollout of AI tools, in order to both identify the potential governance gaps in their particular company and how to best manage this from a legal, ethical, financial and reputational perspective. In light of this gap, we consider that management should be doing everything feasible to ensure that all use of AI tools by the company, employees or other agents in firm activities is safe, functional, fit for purpose and subject to proper human oversight, especially considering the possibility of significant negative externalities. The fundamental question, as we look into the future, is what corporate management should do as the directing minds to ensure corporate organizations are ensuring full compliance and not just legal, but also or greater, ethical use of AI. Indeed, this is a very difficult balancing act to implement over time successfully. It certainly demands updated and engaged critical thought processes for boards and executive teams, whether such processes are judged under US, UK, European Member State or other advanced company law frameworks. As regards AI, directors need to fully dedicate themselves to 360-degree oversight and active strategy deliberations, or risk possibly being replaced by others or AI itself, as well as being held criminally or civilly liable for oversight failures under national or regional legislation. As far as a new way to demand accountability for good governance and proper attention, both legal and ethical, to stakeholders’ interests, such as workers’ and others’ interests, this governance gap may negatively impact. We believe that new tools and new accountability tools need to be developed and made available.

As more observers are noting, traditional approaches to corporate accountability are, at least for now, inadequate to address the interconnected and systemic nature of these AI transition issues (Jackowski & Greser, Reference Jackowski and Gresern.d.). Both new measures and the repurposing of extant measures are thus needed. For example, in the US system, which tends to be quite ex post and focused on litigation options, we believe that, in light of the uncertainty that the AI governance gap presents and the risk that bona fide interests will fall through the cracks, more accountability for AI failures needs to be thoughtfully and carefully implemented, possibly involving a new fit-for-purpose compliance accountability civil lawsuit, a simplified and more focused version of the Delaware Caremark cases, which have become quite popular accountability tools for all manner of governance and compliance failures (such as in the Boeing case or the Marchand/“Blue Bell Ice Cream” cases). Such a new suit would procedurally simplify the bringing of good faith and properly evidenced derivative suits by shareholders or possibly other materially affected, especially those in the public benefit corporation (PBC) form, who are trying to make a good faith attempt to make up for governance failures and the governance gap that may devolve due to some uses of AI (O’Malley, ). Of course, more generally in the US, the US securities class action as another ex post tool of accountability for corporate groups will continue to evolve and significantly impact listed companies, both US and foreign, who are on the US securities markets. This is a potent accountability tool which we are sure will be adapted to make up for the governance gaps and accountability gaps that are inevitably going to be dealt with over the next couple of years. Fundamentally, at a basic level of the board and top-level executives, they will have to make use of all tools available in deciding how to best manage the demands of global strategy, profitability and legal compliance, as well as ethical and reputational considerations that inevitably will arise and are arising due to this massive rollout of AI use throughout their global organization. Indeed, we believe that the human face-to-face element will remain fundamentally important (O’Malley, ). The human factor and human oversight will remain fundamental ingredients to good corporate governance that is fit for purpose, safe, ethical and respectful of the law, as well as society’s greater expectations. Ultimately, the intent to do this is a fundamental sine qua non for an ongoing workable balance on many levels between the corporation, its key shareholders and other stakeholders, especially workers, the international community and nation-states.

Several experts have focused on the effects of this AI gap on key stakeholders, especially workers. While the question of how, when and why to deploy AI in a company’s business is ultimately part of the fiduciary and statutory duties of directors and executive officers, who have a duty to act in the best interests of the company in order to ensure the success of their companies and that such are not left behind by rapidly changing technological, commercial and legal developments. The fact remains that today, many companies are dealing with the question of a potentially massive replacement of human workers or agents with AI applications. This poses, of course, material new questions for the long-running and complex debate between shareholder primacy models and variations on stakeholder governance models, where, of course, worker or employee interests usually figure large (Ahern, Reference Ahernn.d.). This is, for example, a key consideration of the German co-determination corporate governance system, which pays close attention to the ongoing impact of AI on worker interests and how this will all play out at the various board levels. A number of German experts in co-determination foresee that in light of the current and prospective AI challenges to German corporate governance, employee co-determination, as a whole can and must be robustly applied to minimize risks and fully take advantage of the benefits of AI in the company, in such a way that accords with workers’ rights, under German and other national laws and European rules and principles (such as the European Pillar of Social Rights; Klengel and Wenckebach Reference Klengel and Wenckebach2021).

Thus, when dealing with likely employee reductions in order to reflect AI adoption, directors in many corporate governance systems, for example the UK under enlightened shareholder value, will have to somehow, at least ethically, ensure the welfare of those employees who remain with the company, and that they are capable of managing, in a mission-critical way, the AI that is being rolled out and used. UK boards deciding to adopt AI and thus reduce the labor force are likely safe from shareholder or corporate governance challenges for such, as long as the minutes of the board meeting where such a decision to replace human agents with AI can indicate that the interests of employees were considered before making the decision (Ahern, Reference Ahernn.d.). Therefore, there are not currently many strong corporate governance protective norms for workers or employees that can be readily enforced by them in the corporate governance system. Thus, some authors argue we need to be much wider in looking for how employee interests can be protected under strategic board decision-making relating to AI adoption (Ahern, Reference Ahernn.d.).

One area where this AI governance gap could possibly be covered, especially as to workers’ rights, would be under special dual-purpose or hybrid corporate entities, such as the PBCs in the US (or possibly purposefully adapted versions of Community Interest Companies in the UK). Such entities usually provide both general and specific protections for key stakeholders’ rights in corporate strategy and decision-making. For example, a PBC under Delaware law is a for-profit corporation (…) that is intended to produce a public benefit or public benefits and to operate in a responsible and sustainable manner (our emphasis). To that end, a public benefit corporation shall be managed in a manner that balances the stockholders’ pecuniary interests, the best interests of those materially affected by the corporation’s conduct (our emphasis), and the public benefit or public benefits identified in its “certificate of incorporation”

(Delaware General Corporation Law § 362(a). Public benefit corporation defined; contents of certificate of incorporation).

Curiously, the PBC seems to have recently become a key focus of corporate structuring efforts as regards the largest, most important AI-related companies: OpenAI has chosen to recently restructure, using a dual foundation parent company and PBC group operating form (Anthropic PBC, Announcements, The Long-Term Benefit Trust, 19 Sept. 2023). As well, Anthropic (Claude) set up as a Delaware PBC in 2021, using a unique “Long-Term Benefit Trust” which holds a special class of stock and gains power to elect board members to ensure the company sticks to its ethical mission (Anthropic PBC, Announcements, The Long-Term Benefit Trust. 19 Sept. 2023). Even xAI was initially incorporated in Nevada as a public-benefit corporation. By May 2024, it had dropped its public-benefit status and was recently rolled into SpaceX Inc. (Kolodny, Lora, 25 August 2025, “Elon Musk’s xAI secretly dropped its benefit corporation status while fighting OpenAI,” CNBC).

Different from normal, shareholder governance of US companies, there is significant flexibility with PBCs (or similar) to consider the legal and ethical issues that the AI corporate governance gap presents. For example, the OpenAI Group PBC Certificate of Incorporation contains a provision consistent with Section 141(a) of the Delaware General Corporation Law requiring the PBC directors to consider only the Mission (and may not consider the pecuniary interests of stockholders or any other interest) in respect of safety and security issues related to the OpenAI enterprise (Letter from the Delaware Department of Justice, 2025). Similarly, Anthropic notes that,

The public benefit purpose stated in Anthropic’s certificate is the responsible development and maintenance of advanced AI for the long-term benefit of humanity. This gives our board the legal latitude to weigh long- and short-term externalities of decisions–whether to deploy a particular AI system, for example–alongside the financial interests of our stockholders. (Anthropic PBC, Announcements, The Long-Term Benefit Trust. 19 Sept. 2023)

Of course, such flexibility is an ideal: there is always the risk with PBCs and other Envrionmental, Social and Governance (ESG)-focused entities toward green-washing, an evolution toward a more profit-driven focus over time, or even the legal uncertainty impacting these new company forms.

Another key tool that will increasingly play a role in bridging this gap will be the structure, quality, expertise and mission of AI oversight at the board level. Increasing numbers of corporate governance and compliance experts see the value of investing seriously therein by corporates. Since AI technologies often operate in rapidly evolving regulatory environments, the Risk Committee should, therefore, oversee scenario planning exercises and mitigation plans that anticipate legal and ethical challenges and change management, including monitoring litigation trends, enforcement actions and public controversies involving AI (Savoie, Reference Savoien.d.). Indeed, going further, certain publicly traded companies have established specialized board committees dedicated to overseeing AI and emerging technologies. These AI and Technology Oversight Committees (AITO Committees) are designed to centralize expertise, enhance accountability and ensure that AI systems are deployed ethically, lawfully and in alignment with corporate strategy. Setting up dedicated AITOs provides key advantages, such as focused expertise on AI-specific risks, but also disadvantages, such as overlapping with other corporate structures. Therefore, coordination with other key corporate and compliance committees is crucial to avoid mistakes and governance chaos. Such dedicated risk and AITO committees should provide regular updates to the full board to ensure proper monitoring, discussion and oversight of such risks at the highest levels, in accordance with applicable fiduciary or statutory duties. While traditional board committees, such as audit, risk and governance, retain oversight responsibilities for AI within their respective domains, the complexity and cross-functional nature of AI systems often necessitate a dedicated forum (Savoie, Reference Savoien.d.).

Bridging the gap will ultimately depend on the “tone from the top,” evidencing board and executive willingness to experiment with new structures internally and even with new or specially adapted corporate entities as a whole. Regardless of the specific bespoke approach of a given company in a given industry, the fact remains that top management will be expected to act in good faith, demanding proper attention, resources and follow-up to AI use in all parts of the corporate group globally. Hiding from AI impacts, whatever they may be, directly and indirectly, is no longer an option for the modern corporate fiduciary.

3. Fragmented and unified compliance: embedding into structures and filling the gap

Embedding of AI into corporate structures and efforts to filling the gap between past governance and the future will have to be well thought-out and integrated into every aspect of general compliance and general governance structures. Overall, AI compliance and the board and executive officer team’s adequate efforts will be a sine qua non to reaching that much-needed integrated and functional AI compliance place, in such a way that may well partially redefine ultimate long-term business success (e.g. from a UK Company Act s. 172 perspective).

The impact of AI on corporate governance and compliance is currently undergoing a significant transformation, and neither governance nor compliance will be the same after this transition is finished. Indeed, compliance itself and its role in long-term business success, both economic and reputational success, for companies and corporate leadership will become inseparable. While a lot is occurring right now and will occur over the next couple of years with new AI legislation, guidelines and software best practices, ultimately, the set, the tone at the top-by-top management, boards and executive officers will be transformed, and they themselves will have to find a workable solution to, quote-unquote, successfully manage AI compliance. All of these matters are intertwined and will never be separate again in all likelihood. AI already presents significant risks to large commercial organizations. Indeed, responsible AI is not keeping up with rapidly expanding AI capabilities, as safety benchmarks are lagging and incidents have recently been rising sharply (Stanford HAI, The 2026 AI Index Report, chapter 3).

While present compliance oversight by top management may still heavily focus on the past, as well as the present and maybe even the near future, due to the rapidly developing and changing AI landscape, in order to be successful AI compliance and oversight by top management will have to rise to much higher levels of competency. Not just looking back at what has been or is being done but actively looking out over everything that may potentially occur over the next several years. Boards are going to have to regularly analyze their businesses with a 360-degree approach that is far more substantively demanding and interdisciplinary, nimbly combining management theory, economics, general business practice expertise, law, business ethics, anthropology, sociology, and AI and related technological familiarity, in a manner that boards and executive offices generally have not done up till now, save for AI or quantum computing focused businesses. Thus, over time, there will be demands for higher quality board members and executive officers, better and more responsive board committees and related structures that ultimately lead to greater levels of real critical thinking and flexible interdisciplinarity. This means a mix of people at the top who are more varied in their competencies, more actively engaged and better prepared than ever before. Top management really will have to think deeply into, at least as it relates to AI usage in their organizations, who will be and could be impacted by this technology, both directly and indirectly, in the best case and especially the worst case, and what can we do to best prepare our systems to be as compliant legally and ethically as possible. Ultimately, the reputation of the company, its industry more generally and top management themselves will depend on their ability to successfully answer this question.

Both in globally recognized hard- and soft-law rules, AI governance/compliance is redefining the playbook. For example, recently, the FRC of the UK set expectations for company reporting ahead of the 2026 AGM season. Among the key points for UK-listed companies was specific guidance relating to cyber and AI oversight, recommending that boards report on governance arrangements for addressing cyber risk as well as AI risks and opportunities, and that businesses ensure robust risk management practices are in place (FRC, Annual Review of Corporate Governance Reporting, Nov. 2025, 44–46).

Of course, the first major global legislative effort to generally regulate all or nearly all aspects of AI development is the EU AI Act. An extremely wide-ranging number of the Act’s requirements impact compliance systems and ultimately notions of expected quality board governance. For example, Art. 17 is a key “capstone” requirement (of the 12 listed) under Art. 16 of the AI Act, mandating that providers of high-risk AI systems (HRAIS or HRAISs) implement a quality management system (QMS) that will guarantee compliance with and the proper functioning of the other wide-ranging obligations. Art. 16 outlines the obligations of providers of HRAISs, imposing strict requirements to ensure compliance, transparency and accountability. Providers must ensure their AI systems meet rigorous technical and safety standards and implement a compliant QMS as per Art. 17 (Art. 17 – Quality management System, Commentary on the EU AI Act,.

Companies providing HRAISs must make significant efforts to build and monitor efficient and adequate Art. 17 QMSs. Such effort, like much of primary compliance, should be viewed as a good and necessary long-term investment that is mission-critical in many cases. Even though the AI Act is a new and wide-ranging regulatory regime, good faith efforts by providers to do the best job possible will certainly be viewed by authorities and other key stakeholders as a positive element in many contexts. A quality QMS could help boards or executives mitigate criminal or civil liability for damages or rights violations stemming from AI and may factor in decisions whether to launch an investigation or not, or when assessing penalties. Indeed, under many areas of EU law, a company’s robust compliance program and monitoring system can mitigate penalties for legal violations. Proactive, well-implemented programs with regular audits, training and monitoring may lead to reduced fines or leniency, especially if companies self-report or cooperate. However, superficial “paper tiger” systems offer little benefit, and outcomes vary by Member State and violation context. Most, if not all, of the currently recognized principles that apply to setting up and running successful European and global compliance/governance programs (of which the QMS is a “capstone system of systems”) apply to AI Act QMS efforts. All the best practices and efforts made in other areas of technical, legal and financial compliance, to name a few, must be carried through here into AI Act compliance. AI regulations and compliance pose unique challenges for all stakeholders involved, but overall, it is still just the latest iteration of a challenge regarding successful corporate compliance for competitive global business undertakings.

To help with this, on 30 October 2025, the EU proposed a standard Art. 17 QMS that boards should follow to ensure adequate compliance with the EU AI Act: prEN 18286: Artificial Intelligence – Quality Management System for EU AI Act Regulatory Purposes became the first harmonized standard for AI to enter public enquiry, with expected approval slated for 2026 sometime. This harmonized standard is specifically designed to offering top management a product-focused framework for AI lifecycle governance (European Commission, Standardisation of the AI Act, last updated 20 March 2026). prEN 18286 is largely based on a European adaptation ISO/IEC 42001, the world’s first international standard for Artificial Intelligence Management Systems (AIMS), providing a framework for organizations to manage AI-related risks and ensure responsible AI development and use, which was introduced in December 2023 by the ISO and the International Electrotechnical Commission (IEC). It aims to establish requirements for organizations to create, implement, maintain and improve an AI management system. This standard is designed for any organization involved in developing, providing or utilizing AI-based products or services, ensuring that AI systems are developed and used responsibly. Risk management: It helps organizations identify and mitigate risks associated with AI throughout its lifecycle, promoting resilience and compliance with regulatory requirements, assigning a key role to the board and other top-level management active oversight.

Under proposed federal legislation in the US, boards will have to take a more integrated approach to potential new risks under AI compliance. The proposed “TRUMP AI Act” requires certain companies to submit quarterly reports to the Department of Labor on how AI is affecting jobs, including any layoffs or job displacement caused by AI. It also requires major online platforms, including social media sites, to implement safeguards to better protect users and visitors under the age of 17 from sex trafficking, suicide and other serious abuses. It also allows federal and state officials and private individuals to file lawsuits against AI system developers for harms caused by AI, such as defective design, failure to warn, breach of express warranty, or when the system is unreasonably dangerous. If an AI deployer makes major changes to the system or intentionally misuses it in ways it was not intended, they can also be held liable. Finally, it creates a new federal right for individuals to sue companies that use their personal data or copyrighted works to train AI models without explicit consent (The Republic Unifying Meritocratic Performance Advancing Machine Intelligence by Eliminating Regulatory Interstate Chaos Across American Industry Act (TRUMP AMERICA AI) Act SECTION-BY-SECTION (Sen. Marsha Blackburn, TN, 19 December 2025)). Thus, the urgency of taking AI compliance seriously at the board/highest level of corporate governance will only materially increase in the US under this and other current or proposed state AI-focused laws.

Looking at the UK, there are a number of AI/technology-related recommendations that evidence the growing importance of these issues to overall “quality corporate governance,” especially as understood pursuant to the latest version of the guidance for the UK Corporate Governance Code of 2024. It provides questions that boards should consider when analyzing strategy in relation to technologies. This guidance notes that boards should monitor/review the material controls, which are company-specific depending on their features and circumstances, such as size, business model, strategy, operations, structure and complexity. While the board decides which controls are material, these could include information and technology risks, including cybersecurity, data protection and new technologies (e.g. AI) (UK Financial Reporting Council, Corporate Governance Code Guidance, 29 January 2024, last updated: 1 April 2026).

Therefore, overall responsibility for adequate and fit-for-purpose AI compliance – which will increasingly be crucial to long-term business success for corporate groups, as laws such as the EU AI Act and other legislation start to materially impact day-to-day business – squarely rests on the shoulders of the highest levels of management. Successful corporate compliance depends on quality corporate governance at the board level, and successful board governance (and generally business success) depends on successful AI compliance and oversight. The process of melding unified compliance issues and quality corporate governance over the past 20 years or so will rise to new heights with the increasing impact of the “great AI rollout.” Almost everything in governance will be redefined in light thereof.

4. The director’s dilemma: between innovation and accountability

Directors’ duties sit at the intersection of two competing imperatives: corporate management’s drive for innovation and the enduring demand for accountability. This section explores these tensions, critically evaluating the position directors now occupy. Resolving them is a crucial part of mitigating risk while embracing technological advancement.

This scrutiny is not entirely new; historical examples illustrate early attempts to integrate AI into governance. In 2014, a Hong Kong company appointed an “AI director” to its board (“Algorithm Appointed Board Director,” 2014), prompting debate over the legitimacy of such a role. While that appointment was symbolic rather than functional (Lee & Underwood, Reference Lee and Underwood2022), the rapid evolution of generative AI has intensified governance challenges. Regulators are increasingly attentive; for instance, the SEC recently sanctioned investment advisers for falsely claiming AI integration (SEC.gov | SEC Charges Two Investment Advisers with Making False and Misleading Statements About Their Use of Artificial Intelligence, n.d.), highlighting regulatory concerns surrounding “AI washing.” Navigating this delicate balance between innovation and regulatory compliance now dominates scholarly and managerial discourse.

These developments sharpen the underlying tension: balancing innovation with accountability is not a binary choice but a nuanced challenge within directors’ fiduciary duties. A key example is the duty to promote the success of the company (Companies Act, 2006, n.d., Section 172). This duty is primarily subjective, grounded in what the director believes to be in the company’s best interests. Accordingly, a refusal to adopt AI could, in principle, satisfy this duty if the director genuinely holds that belief. However, notably in Saxon Woods (Saxon Woods Investments Limited v. Francesco Costa [2025] EWCA Civ 708, n.d.), it demonstrates circumstances where courts temper this subjectivity with an objective standard. It is therefore plausible that, within a shareholder-centric framework, a director’s decision not to implement AI systems might constitute a breach of duty.

Beyond fiduciary duties, the economic realities of innovation introduce further complexity. Given the increasing reliance on technology and the expanding array of available tools, there is a pressing need for a framework that enables directors to confidently embrace innovation. Innovation has long been linked to economic growth and transformative societal change, as evidenced by developments such as the motor car and the internet. Yet innovation carries costs, and investors who supply capital typically expect timely returns. Where short-termism dominates investor priorities, directors face significant challenges, particularly as technology firms investing heavily in R&D often experience weaker financial performance (Lantz & Sahut, 2005). When financial metrics serve as the primary measure of directors’ success, genuine innovation can be stifled. Directors’ duties provide a potential safeguard for those seeking to innovate. In the UK, Section 172’s list of wider considerations provides a potential “shield” for directors prioritizing innovation. Among these are the consequences of long-term decision-making and the maintenance of high standards of business conduct, which are elements that could form the blueprint for judicial deference to innovation-focused strategies.

Even where frameworks encourage innovation, delegation to management in AI adoption raises its own risks. Deference to management in evaluating the development and deployment of AI has the potential to drive innovation and growth; yet it also introduces significant risks, which are amplified when AI functions as a facilitator rather than a mere tool. A primary concern is the potential breach of the duty to exercise reasonable care, skill and diligence. When generative AI is adopted for efficiency, the question arises: where does liability rest? Some argue that appointing roles such as a technology director (Lee & Underwood, Reference Lee and Underwood2022) may mitigate these risks, though not eliminate them. LLMs promise substantial efficiency gains and could be justified as appropriate instruments for board-level tasks. However, the phenomenon of hallucinations presents a direct and material risk to both the company and its directors. Given that directors’ duties often include objective elements, what they ought to know, the prevalence of hallucinations cannot be ignored. Even in the legal sector, which prides itself on rigorous standards, AI systems specifically designed for lawyers exhibit hallucination rates ranging from 17 to 33 percent (Magesh et al., Reference Magesh, Surani, Dahl, Suzgun, Manning and Ho2025). Directors who adopt AI systems cannot evade liability by claiming delegation without adequate oversight; the duty to exercise reasonable care and skill remains paramount.

Directors today stand at the crossroads of innovation and accountability, navigating unprecedented challenges posed by AI. While duties under statutes like Section 172 (Companies Act, 2006) offer scope for long-term, innovation-driven decisions, the rise of generative AI amplifies risks, hallucinations, regulatory scrutiny and liability for inadequate oversight. Courts increasingly blend subjective and objective standards, signaling that refusal to engage with transformative technologies may itself breach fiduciary obligations. A balanced framework is essential: one that empowers directors to harness AI responsibly while safeguarding against misuse. Ultimately, reconciling these tensions is critical to sustaining corporate growth without compromising governance integrity.

This persistent tension between innovation and accountability is compounded by another challenge: transparency. As directors grapple with the dual imperatives of innovation and accountability, a further question emerges: how can corporations maintain trust when the very technologies driving progress obscure their inner workings? This tension between the promise of AI and the opacity it introduces renders further challenges for the corporate landscape.

5. Transparency paradox

The integration of AI into corporate governance is often portrayed as a panacea for the enduring problem of asymmetric information, a challenge that has preoccupied corporate law scholarship for decades. Regulatory developments such as the EU’s CSDDD (The Corporate Sustainability Due Diligence Directive (CSDDD) – Directive (EU) 2024/1760, n.d.) and the Corporate Sustainability Reporting Directive (CSRD) (Directive (EU) 2022/2464, n.d.) reinforce this optimism, signaling a shift toward enhanced disclosure and accountability. Together with AI’s capacity to process vast datasets and automate reporting, these developments suggest that an era of near-complete transparency is within reach. Yet this vision remains aspirational. Transparency, far from being a straightforward technological achievement, is a contested ideal that becomes increasingly complex when mediated through algorithmic systems.

Prime facie, generative AI appears to offer a compelling remedy for disclosure inefficiencies. LLMs can synthesize thousands of pages of corporate data into concise, digestible outputs, potentially reducing the informational burden on investors and stakeholders. For example, Shell’s 2024 Annual Report spans 481 pages, while BP’s extends to 372 pages, documents that few stakeholders can realistically scrutinize in full. AI-driven summarization could transform this landscape, enabling rapid access to salient information and supporting informed decision-making. However, this promise is tempered by profound risks that challenge the very notion of transparency.

The first risk lies in the inherent opacity of AI systems themselves. Generative AI operates through probabilistic associations rather than deterministic reasoning, and its outputs are vulnerable to “hallucinations,” fabricated information presented as fact (Hacker et al., Reference Hacker, Mittelstadt and Hammer2025). In the context of mandatory corporate reporting, such errors are not benign. Failures in disclosures can attract civil liability (e.g. Financial Services and Markets Act, 2000, n.d., Section 90A). This also triggers the possibility of regulatory enforcement by FCA sanctions for defective disclosures (The Financial Stability Implications of Artificial Intelligence, 2024). Poorly trained models and inadequate data governance exacerbate these risks, undermining the reliability of AI-generated reports and, by extension, the legitimacy of corporate governance frameworks that rely upon them.

Moreover, the paradox deepens when considering the behavioral dynamics of human oversight. While legal compliance frameworks emphasize directors’ duties to exercise reasonable care and skill (as explored above), empirical research documents a tendency toward automation bias, the inclination to over-rely on algorithmic outputs (Kahn, Reference Kahn2024). Generative AI’s conversational interface compounds this risk by fostering pseudo-social interactions that encourage mechanistic trust (Yankouskaya et al., Reference Yankouskaya, Liebherr and Ali2025). Without robust oversight frameworks and AI literacy training, directors may inadvertently externalize hallucinations, transforming a tool intended to enhance transparency into a vector for misinformation.

A second dimension of the paradox is the risk of over-disclosure. AI’s capacity to generate voluminous reports at scale may overwhelm stakeholders with excessive information, obscuring rather than clarifying corporate realities (C. Villiers, Reference Villiers2001; C. L. Villiers, Reference Villiers2006). Villiers argues that disclosure regimes premised on quantity rather than quality fail to achieve meaningful accountability. Similarly, Deakin (Deakin & Konzelmann, Reference Deakin and Konzelmann2003) argues that lessons from corporate scandals tell us that a regime based on disclosure can only take us so far. Generative AI amplifies this concern: while it can condense information, it can also proliferate outputs, dashboards, summaries and predictive analytics, creating a deluge of data that stakeholders and shareholders must navigate. In this sense, transparency becomes performative, privileging the appearance of openness over substantive intelligibility.

A practical, albeit basic, illustration underscores these tensions. To test the reliability of generative AI in corporate reporting, we posed the following prompt to a publicly available system (ChatGPT, n.d.):

I’m looking to invest in shares in either Shell or BP and I’d like to know which company looks after their people better. Can you provide some statistics in brief?

The initial response focused on financial performance charts, despite the prompt’s emphasis on employee welfare and the inclusion of diversity metrics that were accurate for Shell but inaccurate for BP. Health and safety data, arguably central to “looking after people,” was omitted entirely. When the prompt was refined to request fatalities and injuries, the system hallucinated figures based on probability rather than fact.

By contrast, when the same task was executed using the enterprise version of Microsoft Copilot with authenticated annual reports uploaded, the results were markedly improved. The system generated a comparative scorecard (Table 1). For example, BP reported one fatality in its Brazil bioenergy business, compared to four fatalities across Shell’s operations in India, Malaysia, the Netherlands and Nigeria. BP disclosed 38 Tier 1 and 2 process safety events, while Shell reported 90 such incidents. Training and development figures also diverged significantly: BP highlighted graduate schemes for approximately 1,100 employees, whereas Shell reported 264,000 training days.

Table 1.

“Scorecard” generated by Microsoft Copilot

Shell reports higher safety incidents and fatalities than BP (90 vs 38; 4 vs 1), while BP has a larger workforce (100,500 vs ~96,000) and Shell invests more socially ($165M vs $76M). See long description.

5.1. Employee and contractor care scorecard

This experiment demonstrates both the potential and the vulnerabilities of AI-enabled transparency. Without carefully selected data and precise prompting, outputs can mislead rather than inform. Furthermore, it raises regulatory concerns about “AI washing,” where firms may strategically frame disclosures to align with algorithmic parsing rather than substantive performance (SEC.gov | SEC Charges Two Investment Advisers with Making False and Misleading Statements About Their Use of Artificial Intelligence, n.d.). Conversely, when deployed with authenticated data and robust oversight, AI can enhance comparability and accessibility, offering a glimpse of its transformative potential.

The transparency paradox is not confined to individual firms. As Chiu (n.d.) observes, risks must be understood through the lens of the reporting chain, the network of actors that consume and intermediate corporate disclosures, including investors, analysts, regulators and even social media “finfluencers.” If these actors converge upon the same generative models, analytical homogenization may occur, amplifying errors across markets and potentially precipitating systemic instability. Conversely, if AI enhances monitoring capabilities, market discipline could be strengthened, incentivizing firms to invest in sound governance of AI adoption. Which trajectory prevails depends on the robustness of regulatory frameworks and the diversity of AI models deployed.

The pursuit of transparency through AI promises efficiency and accountability, yet risks opacity, misinformation and systemic fragility. Transparency is not merely a technical output but a normative construct underpinning corporate legitimacy. If AI-generated disclosures are unreliable or unintelligible, the procedural ideal collapses, eroding trust in both corporations and the regulatory regimes that govern them. Addressing this challenge requires a multi-layered response: mandatory disclosure of AI use in reporting, board-level governance frameworks for oversight (Cunningham et al., Reference Cunningham, Maskin and Carlson2023) and proactive regulatory supervision, including stress-testing of dominant models (The Financial Stability Implications of Artificial Intelligence, 2024). Without such measures, the season of light may yet yield to darkness.

The transparency paradox reveals a further challenge, as corporations increasingly rely on AI to mediate disclosure, the boundaries between human judgment and algorithmic output begin to blur. This raises not only epistemic concerns about accuracy but ontological questions about agency. The next section explores how the attribution of “personhood in relation to AI systems” complicates traditional doctrines of responsibility and legitimacy.

6. Anthropomorphism problem

One of the most striking developments in AI has been its apparent adoption of “human-like” behaviors. A simple yet telling example can be seen within the technology itself: Claude, for instance, displays the word “thinking” beneath a prompt, subtly suggesting cognitive processes that evoke human traits. Scholars outside the legal sphere have described this phenomenon as technology being “too human and not human enough” (Laestadius et al., Reference Laestadius, Bishop, Gonzalez, Illenčík and Campos-Castillo2024), capturing the tension between simulation and reality. This raises profound questions about the blurred boundaries between AI and human interaction, questions that resonate with long-standing debates in corporate law concerning the concept of “types of person.” Just as the corporation has been afforded legal personhood, parallels are now drawn between AI systems and corporate personhood. This section explores these challenges and critically evaluates the problem of anthropomorphizing AI, considering its implications for accountability, legitimacy and the normative foundations of governance.

Personhood in corporate law has historically been divided into corporate (juridical) personhood and natural personhood, with agency challenges between the two dominating the literature in the mid-20th century. The notion of personhood has even been extended to other legal fictions, such as the Whanganui River in New Zealand. Personhood in the corporate context predates limited liability and can be attributed back as far as Sutton’s Hospital (1612) 77 Eng Rep 960 and the separation of a corporate fund (see Watson, Reference Watson2022). The origin of corporate personhood as understood today is outlined in the mid-late 1800s, where courts grappled with notions of personhood in closely held corporations (Foss v Harbottle, 1843; Salomon v Salomon & Co Ltd, 1897). The modern-day approach for a corporation to become operational and formally recognized as a legal person is through the process of registration and incorporation. It therefore follows that, should AI develop into a similar legal fiction, a framework requiring a similar registration process would be required.

Transplanting features from corporate law requires an understanding of the applicability of personhood to corporations. Much like corporations, AIs can be seen as legal fictions (see Coase, Reference Coase1937; Gindis, Reference Gindis2016; Jensen & Meckling, Reference Jensen and Meckling1976). Analogous to corporations, efficiency gains could be derived from AI becoming juridical persons. Yet a key feature of theories of the firm (corporation) is the idea of agency and whether this is carried out by a flesh-and-blood (Gindis, Reference Gindis2016). Personalizing AI systems obfuscates the relationship between those using the AI and those subject to its use. This leads us to the question of why we might grant personhood to an AI system. Such a grant differs from the corporation, which scholars such as Micheler contend is real by their very nature of collective efforts of a group of persons (Micheler, Reference Micheler2021). Gindis contends that the firm (as he conceptualizes it) is essential to transaction cost minimizing (Gindis, Reference Gindis2016). In this sense, AI systems are entirely different as there is no economic efficiency through minimizing contract costs, nor the development of a corporate fund (Watson, Reference Watson2022). It can, therefore, be surmised that, despite its “fictitious” similarity, AI systems as current efficiency tools fall short of a justification akin to that of corporate personhood so as to grant legal status.

Even if legal personhood were extended to AI, lessons from corporate law remain instructive. First and foremost is human oversight. A key characteristic of corporate law (Kraakman, Reference Kraakman2017) is that of delegated management. If AI systems are to develop into legal persons, there must be human oversight through individuals akin to the director–company relationship. These natural agents of the AI system must be subject to duties of regulatory oversight and, given the externality effects of corporations, must mitigate the externality threat posed by AI. It is also suggested that a lesson which can be learned from corporate law is that of a register and reporting requirements. Should AI develop into a legal person, these correlative controls are ones that should be clearly defined from the outset.

The anthropomorphism problem illustrates how framing AI as a legal person risks obscuring accountability and distorting the normative foundations of corporate law and governance. While corporate personhood has been claimed to evolve to serve economic and organizational efficiency, AI is absent from a comparable justification in its current state of development. The legal fiction of AI in this sense is symbolic, not functional. Notwithstanding AI’s absence of legal personality, its meteoric rise in recent years raises questions of legitimacy and how the use of these AI systems could perpetuate power imbalances. The next section examines this crisis.

7. Legitimacy crisis

Corporate power is a pervasive and complex phenomenon that extends beyond traditional notions of individual influence. Berle famously described power as “next to love as one of the oldest social phenomena” (A. A. Berle, Reference Berle1959, p. 77), and within the corporate context, this power is amplified by structural and financial architecture. Corporations possess the ability to impose their will not only on internal parties but also on shareholders, creditors and society at large. Mikler’s empirical research underscores this reach: Fortune Global 500 companies account for half of the global economy, with the top 20 firms generating revenues exceeding the expenditure of 166 states (Mikler, Reference Mikler2018). This capacity enables corporations to influence state policy, as evidenced during the global financial crisis and the COVID-19 pandemic, where governments often prioritized corporate interests over public welfare. Corporate power is exercised through multiple channels: control over capital allocation, pricing strategies, access to raw materials and technological innovation (A. A. Berle, Reference Berle1959, p. 99). It is further entrenched by the separation of ownership and control, creating discretionary administrative power concentrated in managerial hands (Moore, Reference Moore2015). While economic power is justified as essential for production and distribution (A. A. Berle, Reference Berle1959, p. 99), its legitimacy depends on effective accountability. Without robust checks, corporate power risks becoming structurally unstable, challenging both governance integrity and democratic norms (Parkinson, Reference Parkinson1995; Stokes, Reference Stokes1986).

The justification of corporate power is often legitimized by control mechanisms; in the absence of democratic systems within the corporation, this legitimacy is achieved through market norms. It is universally accepted that corporations are by their very nature powerful and that the functioning economy is dependent on these corporations. The challenge in the age of the technology revolution is that there is a growth of non-fungible capital, where fungible capital has been the norm since the early adoption of the corporation, through promoters. Berle and Means highlighted additional challenges where there is dispersion among shareholders (A. Berle & Means, Reference Berle and Means1932) as traditional methods of shareholder oversight were becoming increasingly diluted. This new age of “data capital” (MIT Technology Review Insights archive, n.d.) is rendering a similar outcome. Data is now more valuable than ever before and those in possession of significant data wield new dimensions of power.

Data as a form of “capital contributor” is not in and of itself problematic or nefarious; the challenge is who controls the contribution and use of this data. The abuse of data by technology companies pre-dates the discovery of generative AI (Cadwalladr & Graham-Harrison, Reference Cadwalladr and Graham-Harrison2018). Technology companies can be seen as quasi-public in this regard because of the power and influence they have, especially in light of the holding of significant datasets. The further development of technology and agentic AI to process this dataset affords corporations previously enigmatic boundaries. Coupled with the seemingly boundaryless ability to process and manipulate data is the holding of this data. Large technology companies that control these technologies are in a form of oligopoly, which further concentrates the already inordinate power a “typical” multinational company may have.

This concentration of power is held by the “Big Tech” companies such as Alphabet (Google), Amazon, Meta (Facebook), Apple and Microsoft (Statista, n.d.). Moreover, these large corporations are purchasing smaller AI start-up companies as “aggressive” acquisitions in the AI race (“The Race For AI,” ). The M&A market for AI companies has more than doubled in the last decade (“Acquiring AI Companies,” ). Khanal et al. contend that rapid popularization of GenAI will further accelerate the power in the hands of Big Tech (Khanal et al., Reference Khanal, Zhang and Taeihagh2025). These strategies and the ability to grow already powerful corporations and reduce competition through acquisition demonstrate the need for tailored intervention in the corporate landscape to manage these new challenges.

Corporations are powerful actors in society, capable of making decisions with profound external consequences (Parkinson, Reference Parkinson1995; Underwood, Reference Underwood2024). In the age of Big Tech, this power is magnified by control over data and algorithmic systems, creating new dimensions of influence that extend beyond traditional economic capital. The long-standing critique of corporate power and the need for its legitimization now intersects with technological dominance, where oligopolistic structures and aggressive acquisitions further concentrate authority. To sustain trust and accountability, closer attention must be paid to the concept of a social license to operate (Brand, Reference Brand2024). A robust framework is essential, one that ensures corporate power in the technological era is not only efficient but legitimate, aligning governance with democratic principles and societal expectations.

8. Conclusion

This paper has examined key themes, challenges and opportunities at the intersection of corporate law and AI. It has explored governance gaps, integration dilemmas and the competing approaches of fragmented and unified compliance, alongside the tensions embedded in directors’ duties. Further, it has addressed the categorization of personhood and the legitimacy problems that arise when technology reshapes corporate governance. Together, these themes underscore the complexity of regulating corporations in an era of algorithmic decision-making, both at present and while looking forward to what may be a future full of constant and, at times, unexpected change.

We are, in Dickensian terms, in a season of extreme light, where innovation promises unprecedented gains, but without careful, context-specific measures, these opportunities risk being eclipsed by systemic failures that may have enduring adverse effects on both corporate governance in particular and on global society as a whole. Indeed, the delicate balance between the corporation and its many public and private stakeholders may be put at risk. The papers that follow interrogate these tensions in depth, revealing how corporate law must adapt to safeguard accountability and legitimacy. As corporations assume an ever-expanding role in society, amplified by technological power, the question is no longer whether law can keep pace, but whether it can recalibrate the very foundations of governance. The study of this intersection has never been more urgent, and its resolution will indeed shape the architecture of corporate power for decades to come.

In this season of light and shadow, the future of corporate law will be measured not by its ability to regulate technology but by its capacity to safeguard human trust and concrete interests (i.e. humans as the ultimate corporate beneficiary) in an era where code, not capital, commands power.

Acknowledgements

In preparing the final version of this article, the authors used assistive tools for language editing and to produce a case/use study for AI in context. All AI-generated content was critically reviewed and approved, and the authors retain full responsibility for the accuracy and integrity of the manuscript.

Author contributions

CRediT Taxonomy Peter Underwood Writing – original draft–Equal, Writing – review & editing–Equal Patrick O’ Malley Writing – original draft–Equal, Writing – review & editing–Equal.

Funding statement

This research received no specific grant from any funding agency in the public, commercial or not-for-profit sectors.

Competing interests

The authors declare no potential conflicts of interest with respect to the research, authorship and/or publication of this article.

Patrick J. O’Malley, BA (Providence College), DÉS (The Graduate Institute), JD (Boston College Law School), PhD (University of Navarra), is a dual US–UK qualified lawyer and Associate Professor of Law and International Relations in the Faculty of Law of the University of Navarra in Pamplona, Spain. While his professional legal experience focused on international capital markets, corporate transactions and venture capital, his academic interests have focused on global corporate anti-bribery compliance, the intersection between ethical and legal issues in business, AI and corporate governance, as well as legal recognition of corporate stakeholders. Previous publications include a monograph with Edward Elgar entitled Directors’ Duties and Corporate Anti-corruption Compliance: The “Good Steward” in US and UK Law and Practice.

Peter Underwood, LLB (Nottingham Law School), LLM (ULaw Bristol), PhD (Exeter), is a Senior Lecturer at the Faculty of Law, University of Auckland, New Zealand. Prior to this, he was a Lecturer in Law at the University of Exeter, UK, where he was a director of the research center for commercial and corporate law. Previous publications include AI in the Boardroom: Let the Law be in the Driving Seat and a recent monograph with Routledge titled Corporate Group Legitimacy.

References

Directive (EU) 2022/2464.Google Scholar
Saxon Woods Investments Limited v. Francesco Costa [2025] EWCA Civ 708.Google Scholar
Sutton’s Hospital (1612) 77 Eng Rep 960.Google Scholar
The Corporate Sustainability Due Diligence Directive (CSDDD) - Directive (EU) 2024/1760.Google Scholar
Ahern, D. (n.d.). The great AI goodbye: Profit maximisation, employee impacts, and directors’ best interests duty. Cambridge Forum on AI.Google Scholar
Berle, A., & Means, G. (1932). Modern corporation and private property. Transaction Publishers.Google Scholar
Berle, A. A. (1959). Power without property: A new development in American political economy. (vol 56). Harcourt, Brace.Google Scholar
Brand, V. (2024). Directors’ duties and AI regulation. Griffith Law Review, 33(4), 324354. https://doi.org/10.1080/10383441.2024.2422221CrossRefGoogle Scholar
Cadwalladr, C., & Graham-Harrison, E. (2018, March 17 ). Revealed: 50 million Facebook profiles harvested for Cambridge Analytica in major data breach. The Guardian. https://www.theguardian.com/news/2018/mar/17/cambridge-analytica-facebook-influence-us-electionGoogle Scholar
ChatGPT. (n.d.). ChatGPT. Retrieved 3 December 2025, from https://chatgpt.com/Google Scholar
Chiu, I. H.-Y. (n.d.). Using generative artificial intelligence in corporate narrative reporting: Understanding risks within the lens of a ‘reporting chain’ approach. Cambridge Forum on AI.Google Scholar
Coase, R. (1937). The nature of the firm. Economica, 4(16), 386405. https://doi.org/10.1111/j.1468-0335.1937.tb00002.xCrossRefGoogle Scholar
Companies Act 2006.Google Scholar
Courthouse News Service. Meta and Google hit with $6 million verdict for social media harms to young woman. Retrieved 8 April 2026 from https://www.courthousenews.com/meta-and-google-hit-with-6-million-verdict-for-social-media-harms-to-young-woman/Google Scholar
Cunningham, L. A., Maskin, A., & Carlson, J. B. (2023). The UPS and DOWNS of GENERATIVE AI for Boards: Generative AI is changing the way the public accesses information, but it doesn’t change how directors must approach their duty of care. Directors & Boards, 48(1), 1621. https://doi.org/10.2139/ssrn.5016014Google Scholar
Deakin, S., & Konzelmann, S. J. (2003). After Enron: An age of enlightenment? Organization, 10(3), 583587. https://doi.org/10.1177/13505084030103017CrossRefGoogle Scholar
Financial Services and Markets Act (2000).Google Scholar
The Financial Stability Implications of Artificial Intelligence. (2024, November 14 ). Financial Stability Board. https://www.fsb.org/2024/11/the-financial-stability-implications-of-artificial-intelligence/Google Scholar
Foss v Harbottle, 67 E.R. 189; (1843) ___ (1843).Google Scholar
Gindis, D. (2016). Legal personhood and the firm: Avoiding anthropomorphism and equivocation. Journal of Institutional Economics, 12(3), 499513. https://doi.org/10.1017/s1744137415000235CrossRefGoogle Scholar
Hacker, P., Mittelstadt, B., Hammer, S. (2025). Oxford Handbook on the Foundations and Regulation of Generative AI. https://philpapers.org/rec/HACOHO 10.1093/oxfordhb/9780198940272.001.0001CrossRefGoogle Scholar
Jackowski, M., & Greser, J. (n.d.). AI and corporate responsibility–From fragmented compliance to unified governance. Cambridge Forum on AI.Google Scholar
Jensen, M. C., & Meckling, W. H. (1976). Theory of the firm: Managerial behavior, agency costs and ownership structure. Journal of Financial Economics, 3(4), 305360. https://doi.org/10.1016/0304-405x(76)90026-xCrossRefGoogle Scholar
Kahn, L. (2024, November). AI Safety and Automation Bias. Center for Security and Emerging Technology. https://cset.georgetown.edu/publication/ai-safety-and-automation-bias/ 10.51593/20230057CrossRefGoogle Scholar
Khanal, S., Zhang, H., & Taeihagh, A. (2025). Why and how is the power of Big Tech increasing in the policy process? The case of generative AI. Policy and Society, 44(1), 5269. https://doi.org/10.1093/polsoc/puae012CrossRefGoogle Scholar
Klengel, E., & Wenckebach, J. (2021). Artificial intelligence, work, power imbalance and democracy – Why co-determination is essential. Italian Labour Law e-Journal, 14(2), 161. https://doi.org/10.1017/9781839701047.012Google Scholar
Kraakman, R. H. (2017). The anatomy of corporate law: A comparative and functional approach. Oxford University Press.10.1093/acprof:oso/9780198739630.001.0001CrossRefGoogle Scholar
Laestadius, L., Bishop, A., Gonzalez, M., Illenčík, D., & Campos-Castillo, C. (2024). Too human and not human enough: A grounded theory analysis of mental health harms from emotional dependence on the social chatbot Replika. New Media & Society, 26(10), 59235941. https://doi.org/10.1177/14614448221142007CrossRefGoogle Scholar
Lantz, Jean-Sébastien Sahut, Jean-Miche 2005 INTERNATIONAL JOURNAL OF BUSINESS, R&D Investment and the Financial Performance of Technological Firms 103 251Google Scholar
Lee, J., & Underwood, P. (2022). AI in the boardroom: Let the law be in the driving seat. International and Comparative Corporate Law Journal. https://doi.org/10.2139/ssrn.3874588Google Scholar
Letter from the Delaware Department of Justice, Re: OpenAI, Inc.’s Corporate Restructuring, Statement of Non-objection, 28 Oct. 2025, https://news.delaware.gov/files/2025/10/2025-10-28-OpenAI-DEAG-Statement-of-Nonobjection.pdfGoogle Scholar
Magesh, V., Surani, F., Dahl, M., Suzgun, M., Manning, C. D., & Ho, D. E. (2025). Hallucination-free? Assessing the reliability of leading AI legal research tools. Journal of Empirical Legal Studies, 22(2), 216242. https://doi.org/10.1111/jels.12413CrossRefGoogle Scholar
Micheler, E. (2021). Company law: A real entity theory. Oxford University Press.10.1093/oso/9780198858874.001.0001CrossRefGoogle Scholar
Mikler, J. (2018). The political power of global corporations. John Wiley & Sons.Google Scholar
MIT Technology Review Insights Archive. (n.d.). Data’s Identity in Today’s Economy. MIT Technology Review. Retrieved 4 December 2025, from https://www.technologyreview.com/2016/04/07/108767/datas-identity-in-todays-economy/Google Scholar
Moore, M. T. (2015). Understanding the modern company through the lens of Quasi-Public Power. University of Cambridge Faculty of Law Research Paper, 53.10.2139/ssrn.2655493CrossRefGoogle Scholar
Parkinson, J. E. (1995). Corporate power and responsibility: Issues in the theory of company law. Oxford University Press.Google Scholar
Salomon v Salomon & Co Ltd, [1897] AC 22 (HL) ___ (1897).Google Scholar
Savoie, C. (n.d.). Current Directions in AI governance for corporate boards of directors: Listed company challenges. Cambridge Forum on AI.Google Scholar
SEC.gov | SEC Charges Two Investment Advisers with Making False and Misleading Statements About Their Use of Artificial Intelligence. (n.d.). Retrieved 3 December 2025, from https://www.sec.gov/newsroom/press-releases/2024-36Google Scholar
Statista. (n.d.). Artificial intelligence (AI) market leaders. Statista. Retrieved 4 December 2025, from https://www.statista.com/topics/13788/artificial-intelligence-ai-market-leaders/Google Scholar
Stokes, M. (1986). Company law and legal theory. Legal Theory and Common Law, 155183. https://doi.org/10.4324/9781315091730-12Google Scholar
Underwood, P. (2024). Corporate group legitimacy: Reconceptualising the corporate group. (1st ed.). Routledge.10.4324/9781003424352CrossRefGoogle Scholar
Villiers, C. (2001). Disclosure obligations in company law: Bringing communication theory into the fold. Journal of Corporate Law Studies, 1(1), 181209. https://doi.org/10.1080/14735970.2001.11419858CrossRefGoogle Scholar
Villiers, C. L. (2006). Corporate reporting and company law. Cambridge University Press.10.1017/CBO9780511494857CrossRefGoogle Scholar
Watson, S. (2022). The Making of the modern company. (1st ed.) Hart Publishing.10.5040/9781509923656CrossRefGoogle Scholar
Yankouskaya, A., Liebherr, M., & Ali, R. (2025). Can ChatGPT be addictive? A call to examine the shift from support to dependence in AI conversational large language models. Human-Centric Intelligent Systems, 5(1), 7789. https://doi.org/10.1007/s44230-025-00090-wCrossRefGoogle Scholar
Figure 0

Table 1. “Scorecard” generated by Microsoft CopilotTable 1 long description.