AI Liability in the Boardroom: Governance, Risk and Enforcement Readiness in 2026
European boards are operating in an increasingly demanding regulatory environment. The EU AI Act, GDPR, DORA, NIS2, and the US Cloud Act are not abstract compliance exercises: they impose direct obligations on boards, legal, compliance functions, and technology executives across the EU, with meaningful differences in how national authorities interpret and enforce these rules in France, Germany, and Italy.
In France, the CNIL has sharpened its enforcement priorities on AI and data processing, while the EU AI Act’s obligations for deployers of high-risk AI systems apply across all regulated sectors. In Germany, the NIS2UmsuCG entered into force in December 2025, establishing personal liability for managing directors in the event of cybersecurity failures, and DORA creates stringent ICT risk management obligations for financial institutions and their supervisory bodies. In Italy, the Garante per la protezione dei dati personali has been among Europe’s most active data protection authorities on AI, and financial institutions face additional supervisory expectations from Banca d’Italia on ICT and AI risk governance.
In this webinar, three leading experts in AI law, risk, and compliance governance explored how boards can move from regulatory awareness to enforcement readiness in 2026, and what governance infrastructure needs to be in place before a regulator, auditor, or counterparty asks.
Event Objectives
This webinar was designed to help Board Members, General Counsel, Chief Compliance Officers, Risk Leads, and Governance professionals:
Speakers
Elise Dufour
Partner, Stephenson Harwood AARPI (Paris)
Elise is a Partner at Stephenson Harwood AARPI in Paris, where she specialises in AI, data protection, and cybersecurity law. She advises organisations across Europe on the regulatory implications of AI deployment, with deep expertise in the EU AI Act, GDPR, DORA, and NIS2. Her practice covers both strategic compliance design and regulatory defence, with particular focus on the French regulatory environment and cross-border obligations for organisations operating across the EU. Elise is a recognised voice on AI governance in the French legal and compliance community.Lena Dridi
Head of Legal & Governance Solutions, Convene
Lena leads the Legal and Governance Solutions offering at Convene, working with legal teams, compliance leaders, and governance professionals across Europe to navigate the intersection of regulatory obligation and board-level infrastructure. Her work spans AI governance, data sovereignty, and the structural requirements that make board oversight audit-ready and enforcement-resilient. She advises organisations on how to translate European regulatory frameworks into practical governance workflows, and regularly speaks on AI liability, board accountability, and the evolving expectations of regulators for responsible AI adoption.Moderator
Laure Mazzoleni-Robin
President, Scientific Committee, Institut du Risk & Compliance
Laure is President of the Scientific Committee at the Institut du Risk & Compliance, France’s leading centre for risk and compliance research, education, and professional development. She leads the Institute’s research agenda and brings extensive expertise in compliance programme design, governance frameworks, and the practical implementation of European regulatory obligations at board and executive level. Laure is a trusted voice in the French and European compliance community on risk culture, AI governance, and the evolving expectations of regulators.
