Reflections from an Exclusive Roundtable at The Ivy: Top 10 Takeaways on AI Regulation

Last week, I had the pleasure of hosting an insightful roundtable dinner at The Ivy in Covent Garden, London, bringing together thought leaders, industry experts, and business owners to discuss one of the most pressing topics of our time - AI regulation. Co-hosted by the brilliant Fred Becker, CAO of UnlikelyAI, and Capsule Insurance, the conversation was rich with diverse perspectives, practical concerns and strategic insights.
 

Below are the ten key takeaways from our engaging discussion.

1. EU AI Act – A Phased but Powerful Regulation
 

The EU AI Act, which became law in August last year, is being implemented in stages, allowing businesses time to adapt. Drawing parallels with the GDPR, it can enforce strict fines for non-compliance - up to €35M or 7% of global revenue (whichever is higher), for the most serious breaches, signalling the EU’s commitment to responsible AI development.

2. Four-Tier AI Risk Classification
 

AI systems under the EU AI Act fall into four categories:

• Unacceptable risk: Banned outright (e.g. social scoring, manipulative AI).
• High risk: Requires stringent compliance and audit trails (e.g. credit scoring, border control, law enforcement).
• Limited risk: Requires transparency but minimal compliance (e.g. chatbots and virtual assistants).
• Minimal risk: Low regulatory requirements (e.g. spam filters).

3. The UK’s Uncertain Regulatory Path
 

Unlike the EU’s structured approach, the UK’s regulatory landscape remains fluid. While the previous government favoured a light-touch approach, the new Labour government seems to be moving towards a more structured framework.

4. The Global AI Regulation Landscape
 

Global approaches vary widely, including:

• US: No overarching federal AI law yet, but state-level regulations are emerging.
• China: Strict AI regulations with algorithmic transparency and government oversight.  But there are still significant trust and reliability issues, given state interference.
• OECD/G7: Pushing for risk mitigation and global compliance standards.

5. AI Compliance Challenges for Businesses
 

Many businesses are using AI for customer insights, surveillance and automation. However, transparency is critical. Capturing behavioural data is one thing but tracking identifiable personal data ventures into GDPR territory, requiring careful legal navigation.

6. The Legal and Investment Implications
 

• While GDPR penalties have generally been quite measured in practice, the AI Act may usher in stricter enforcement. Investors and potential acquirers are beginning to scrutinise AI policies, making regulatory compliance a key due diligence factor.
• Programs like Innovate UK are providing significant non-dilutive funding for AI startups.
• Government grants can provide both financial support and accountability structures.
• Investor partnerships can leverage public funding to attract private investment.

7. Transparency and Trust in AI Models
 

With AI models often trained on vast datasets, many companies struggle to pinpoint exact data sources. A key takeaway was the necessity for AI-driven businesses to develop clear, accessible explanations for their data usage to maintain trust with regulators and consumers.

8. Intellectual Property (IP) – The Next Big AI Battleground
 

The conversation highlighted growing concerns about AI’s impact on IP. Many AI models scrape vast amounts of data, often without explicit permission, raising questions about originality, ownership, attribution and fair use. Traditional IP frameworks may be inadequate for the AI era. This is expected to remain a major area of legal contention for the foreseeable future.

9. Risk Management is a Competitive Advantage
 

Companies that proactively engage with regulatory changes - by setting up risk registers, compliance frameworks and internal accountability measures - are better positioned for growth. External accountability via advisors, board members, certification bodies and professional networks,) can help improve compliance. Overall, you should develop a “culture of compliance” across the organisation, not just in the legal/compliance department.

10. The Future: Digital Twins and AI-Driven Workforce Changes
 

Companies are increasingly leveraging AI-driven digital twins for customer profiling and predictive analytics. While this enhances efficiency, it also raises ethical and privacy considerations, requiring thoughtful regulation to balance innovation with consumer rights.

Final Thoughts
 

The roundtable event illuminated the evolving AI regulatory landscape and its direct impact on businesses. While compliance can seem daunting, those who embrace AI governance as a strategic advantage rather than a burden will be best positioned for long-term success.

As AI continues to shape industries, staying informed and engaged in regulatory conversations will be critical.

Some Calls to Action
 

1. Develop a comprehensive risks register: create a documented risk assessment that identifies AI-related risks in your business, potential impacts and mitigation strategies. Update it regularly and ensure accountability across your organisation. Create a culture of compliance across the organisation.
2. Seek external verification and support: consider ISO/SOC certification, working with specialised advisors (including legal) and applying for government innovation programs that provide both funding and accountability structures to strengthen your AI governance approach.  

Need help navigating the opportunities and challenges of AI?
Our AI Advisory Group brings together specialists from across Kingsley Napley to support clients who are building, scaling, selling or using AI technologies. Get in touch to find out how we can help you manage the risks and make the most of the benefits.

About the author

Chris is a highly experienced solicitor who leads the Corporate, Commercial and Finance team’s general Commercial & Technology Contracts, Outsourcing & Data legal advisory services.