Growing Risks for Regulators in the Age of AI

The rise of Artificial Intelligence (AI) has unlocked extraordinary capabilities across every sector, including in the legal and regulatory sphere. But with that transformation, which is progressing at lightning-quick speed, comes an equally dramatic rise in risks for regulators. Whether overseeing healthcare, education, finance, legal services or other areas of professional standards, regulators are feeling the pressure where the rise in instant-access and quick thinking AI is making it easier than ever for complaints, reports and responses to be generated and submitted. And the pace is only accelerating.
 

Increased Reports: When AI lowers the barriers to making a complaint
 

One of the most significant shifts triggered by AI is the sheer volume of concerns being raised. Whilst formal complaint numbers for recent times await publication, anecdotal evidence from regulators is that generative AI tools such as ChatGPT have made it remarkably simple for the public to articulate problems in formal, often highly legalistic language. Indeed, for many they are now aware of the functions and roles of regulators in a way that they simply were not aware of before.

Tasks that once required specialist knowledge or hours of drafting can now be completed in minutes, and this has removed a major barrier to making a formal complaint. People who may previously have felt unable or unconfident to raise concerns can now do so more easily than ever. The result? A rising tide of reports landing in the inboxes and on the desks of regulators across multiple sectors.

At the same time, organisations are also using AI to flag and generate internal concerns, which can then cascade into regulatory notifications. The effect is a system in which everyone can produce faster and more voluminous concerns – and regulators sit at the end of that funnel.

The Resource Crunch: What happens when volumes outstrip capacity?
 

Regulators already operate in environments where budgets are tight, expectations are high, and statutory duties must be met regardless of internal pressure. A sudden or sustained surge in complaints raises a critical question of how regulators respond to any significant and fast increase in complaints?

This is no longer a hypothetical scenario. Many regulators are already experiencing:

• Increased volumes of submissions that require screening or assessment
• Longer, more complex complaints, often drafted by AI and packed with references, assertions, or irrelevant legal material
• Higher expectations from the public, who assume an AI‑accelerated complaint should mean an AI‑accelerated response
• Operational strain in triaging low‑value or vexatious concerns

Every concern, however spurious, must be sifted before it can be dismissed or investigated, and sifting itself takes time and places demand on resource.

Rethinking the Regulatory Response: Triage, Prioritisation, and Intelligent Sifting
 

To survive this new landscape, regulators will need to evolve. Traditional models of reviewing every concern in full may no longer be sustainable in an environment where the flow of information is effectively limitless. However, regulators have a duty and core responsibility to uphold professional standards and protect members of the public.

Whilst each regulator will have to consider how it deals with the increasing challenges of AI, the regulatory response is likely to develop around a few core pillars:

1. Smarter Triage Systems

Regulators will increasingly require digital tools – including their own AI systems – to sort, cluster, and identify redundant concerns before a human ever sees them. The aim is to ensure that staff time is directed toward cases that truly warrant intervention.

2. Threshold Raising

Some regulators may need to reconsider what triggers a formal investigation or even an initial assessment. This may mean new statutory thresholds, revised guidance, or more robust screening tests.

3. Clearer Rules for Complainants

As AI‑generated complaints become more frequent, regulators may need to set expectations about:

• what constitutes a valid complaint,
• what level of evidence is required,
• how to manage overly technical or AI‑enhanced submissions.

One practical approach may be to introduce word count limits for initial complaint submissions. This would encourage complainants to focus on the core issues and key facts at the outset, making the initial triage process more manageable for regulators. Such limits need not prevent a full account being given – rather, they would create a structured process whereby assessors can request additional information, clarification, or supporting evidence as needed during the assessment phase. This iterative approach allows regulators to gather the right information at the right time, rather than being overwhelmed by lengthy, AI-generated submissions that may contain significant amounts of irrelevant material.

Such changes may include updated complaints procedures or digital intake forms designed specifically to manage AI‑generated content.

4. Use of AI Within the Regulator

There is no avoiding it: regulators will need AI themselves. Tools will become essential that can:

• identify patterns;
• summarise lengthy submissions;
• filter for key risk indicators;
• identify vexatious or automated complaints.

The aim is not to replace human oversight or human judgement and insight, but to ensure humans are only spending time where they are genuinely needed.

The regulatory policy landscape will need to adapt at speed. Key questions are already emerging:

• Should regulators publish formal guidance on how AI‑generated complaints are processed?
• How do regulators ensure fairness when some complainants may use powerful AI tools and others may not?
• Should regulators require complainants to disclose the use of AI in preparing submissions?
• How can regulators maintain public trust if delays grow due to overwhelming case volumes?
• Should legislation evolve to create new categories of “automated” or “AI‑assisted” reporting?

For many regulators, particularly those with sponsor government departments, there is a potential urgent need to advocate for investment in their own technological infrastructure. Regulators cannot be expected to manage an AI-driven surge in complaints using outdated systems and manual processes. Where regulators have sponsoring departments, they should be actively making the case for front-end investment – both in digital triage systems and in their own AI capabilities to help drive operational efficiencies. Without such investment, there is a real risk that regulators will be unable to fulfil their statutory duties in a timely manner, which could undermine public confidence in professional regulation

A Turning Point for Regulation
 

AI is transforming not just the sectors that regulators oversee, but the regulatory system itself.

To remain effective, regulators must:

• embrace a smarter form of digital triage;
• reassess their operating models;
• consider investment in their own AI tools and how to approach this; and
• set clear expectations for the public and professionals alike.

The question now is not whether regulators will adapt, but how quickly they can do so – and whether the policy framework will keep pace with a world where AI has fundamentally changed the scale, scope and nature of regulatory risk.

About the author

Sarah is a Legal Director in the Regulatory team. Sarah is primarily responsible for investigating and preparing cases on behalf of various regulatory bodies. Sarah leads investigations on behalf of the Architects Registration Board (ARB), General Dental Council (GDC) and Teaching Regulation Agency (TRA). Sarah is ranked as a ‘Rising Star’ in Legal 500 2023.