Потрібна допомога адвоката?

Залишай заявку

Key legal risks of using AI in business

The implementation of AI raises several blocks of risks at once: data, liability, ethics, and cybersecurity. Firstly, artificial intelligence models often “feed on” personal and sensitive data of clients, employees, or counterparties, which exacerbates questions of the lawfulness of processing, storage, and transfer of information in the context of Ukrainian legislation and GDPR standards.
Secondly, the problem of allocating responsibility between the developer, integrator, and end user of the system is growing: who is liable for an erroneous AI decision — for example, an unlawful refusal to a client or a discriminatory assessment of a candidate during automated recruitment. Thirdly, generative AI intensifies ethical dilemmas: content manipulation, deepfakes, intentional or unintentional discrimination, excessive dependence of staff on algorithms, and the erosion of professional responsibility.
Role of legal support in corporate AI governance
Effective legal support for AI implementation begins with building a governance system, rather than with “point‑based” checks of individual contracts or policies. Companies are advised to create a cross‑functional AI governance committee that includes lawyers, compliance officers, IT and cybersecurity specialists, HR, and business managers, which allows legal requirements to be integrated into all stages of the AI solution lifecycle.
Lawyers in this process act as “architects of the rules of the game”: they are responsible for developing internal AI usage policies, impact assessment procedures (AI impact assessment), as well as forming the contractual framework with developers and providers of AI services. Importantly, the legal function must be closely integrated with the company’s risk management system so that regulatory requirements are automatically transformed into KPIs and control procedures.
Strategic approach to AI compliance
Global experience shows that it is not enough for businesses to simply “comply with the law” — they need to build a strategic approach to managing AI risks, which includes culture, staff training, and continuous process improvement. Companies that adopt the “fail fast — learn fast” principle adapt AI usage more successfully, as they quickly test solutions, capture errors, and transform them into formalised legal and organisational changes.
In such a model, legal support becomes a continuous service: regular compliance audits, updating internal policies in line with changes in the AI Act, GDPR, and Ukrainian regulations, as well as preparing the company for possible regulatory inspections. For Ukrainian businesses, proactive setup of AI compliance procedures is particularly relevant, as national legislation is rapidly evolving under the influence of European standards and the future special AI law will only tighten requirements.
Practical tasks of a lawyer in AI implementation
At the practical level, legal support includes drafting and adapting contracts with AI providers, where intellectual property rights, liability limits, and data processing regimes are clearly defined. Particular attention is paid to including provisions on algorithm audits, mechanisms for accessing system decision logs, and the customer’s right to conduct independent checks of the model’s safety and ethics.
Another block of work is setting up internal AI usage policies for staff: defining prohibited practices, rules for using external generative services, incident reporting procedures, and preventing leaks of confidential information through AI tools. For high‑risk sectors (finance, healthcare, justice), lawyers develop special “human‑in‑the‑loop” protocols that ensure critical decisions cannot be made solely by an algorithm.
Prospects for AI legal regulation in Ukraine
Academic research and strategic documents emphasise that the Ukrainian model of AI regulation must address at least five systemic problems: fragmentation of the regulatory framework, vague terminology, weak institutional coordination, ethical uncertainty, and limited influence of the private sector on policy‑making. Solving these challenges will require active dialogue between the state, business, and expert community, as well as the implementation of best EU and US practices in protecting human rights when using AI.
For corporate lawyers and compliance officers, this means that the role of legal support for AI implementation will only grow: they must simultaneously navigate current rules and anticipate future requirements, embedding them into the company’s digital transformation strategy. Companies that invest in AI legal architecture today gain not only protection from regulatory risks, but also a competitive advantage in global markets where responsible technology use is becoming standard.
If you have any questions or problems related to AI implementation in your business, setting up internal policies, or assessing regulatory risks, it is advisable to engage a specialised legal advisor who will help you build a safe and effective AI compliance system in line with Ukrainian and European legislation.
Author: Ihor Yasko, Managing Partner of Legal Firm “WINNER”, PhD in Law.

Потрібна допомога адвоката?

Залишай заявку

Scroll to Top