Author
The Responsible AI Studio editorial team — practitioner-led writing on AI governance, regulation, and the artefacts that make compliance shippable.
We mapped 378 AI-relevant laws across 14 jurisdictions and 14 industries: the regulatory wave, the strictest markets, and the most-regulated sectors.
AI hiring bias audit basics for HR and recruitment teams — NYC Local Law 144, the EU AI Act, and how to scope your first audit.
AI risk register template guidance — how to write a register entry for an employee-facing AI tool, scored on a 5×5 matrix and mapped to NIST AI RMF.
AI tool DPA explained — when an employee AI guideline needs a separate data processing agreement under GDPR Article 28, and what it must include.
What a ChatGPT employee use policy must cover — approved tools, data rules, disclosure, and enforcement — before staff use generative AI at work.
Employee AI guidelines explained — how HR, compliance, and People Ops teams roll out acceptable use, with jurisdiction-aware steps and rollout checklist.
AI vendor assessment template guidance — how to assess the shadow AI tools your employees already use, with a scored 30-question framework.
Article 50 of the EU AI Act requires disclosure when AI is in the loop. What to label, when to label it, and how the watermarking deadline is shifting.
Banks across EU and US face three AI-relevant regulatory layers — the AI Act, DORA, and SR 26-2. How they stack, overlap, and diverge.
SR 26-2 modernised bank model risk management — and left GenAI out of scope. A practitioner's playbook for the AI governance gap it opened.
SR 26-2 placed generative AI outside model risk management. This guide builds the parallel governance track FinServ needs to fill the gap.
NYDFS's October 2024 Industry Letter clarifies how 23 NYCRR Part 500 applies to AI risks. A practitioner walkthrough for FinServ teams.
The Fed's revised model risk management guidance (SR 26-2) supersedes 15 years of SR 11-7 — quietly leaving generative AI to other governance functions.
Annex III of the EU AI Act lists the high-risk AI use cases. This checklist walks HR, security, and ops teams through what counts and what to do about it.
EU AI Act, NIST AI RMF, and ISO 42001 are one governance programme, not three compliance projects. Here's how the obligations line up in practice.
A practitioner's guide to the EU AI Act in May 2026: what is already enforced, what the Omnibus defers, and the moves your AI programme should still make.
The EU's Digital Omnibus on AI defers some deadlines and adds a new prohibition — but most obligations stay live. A practitioner read of the May 2026 deal.