BACK TO UNFILTERED
AI and GovernanceJune 25, 2026|READING TIME: 4 MIN

When AI Speaks, Who Is Liable?

When an AI system speaks, decides, or acts, "the AI did it" is not a defense. A case for attribution, audit trails, and real accountability infrastructure.

When AI Speaks, Who Is Liable?

"The AI made a mistake." That sentence is a confession with no confessor. And in every boardroom, courtroom, and audit committee meeting where accountability gets tested, a mistake without a confessor is just a liability looking for a home.

Most companies now call their AI governance program "responsible AI principles" — a webpage, a slide deck, a values statement with no name attached to it. That is theater. It looks like accountability. It functions like insulation. The gap between the two will get expensive, either because leaders close it voluntarily or because regulators and plaintiffs close it for them. The voluntary route is cheaper, and it preserves more dignity for everyone involved.

A Tool Does Not Decide. An Agent Does.

Here is the first distinction every CFO, general counsel, and board member has to internalize: there is a categorical difference between a tool and an agent. A hammer does not recommend. A calculator does not advise. But an AI system that reads a patient chart and suggests a treatment, that reviews a loan application and returns a decision, that drafts a contract and sends it — that system is acting. It is not a tool in the legal or ethical sense. It is an agent operating on someone's behalf.

Agency creates liability. Always has. The principal-agent relationship is one of the oldest frameworks in law and finance precisely because societies recognized, centuries ago, that when you authorize someone — or something — to act for you, you answer for what it does. "The AI did it" is not a defense. It is an admission. You deployed it. You authorized it. You are the principal.

Accountability used to follow authority. Now companies want the authority without the accountability. That trade does not clear.

Consider a diagnostic tool that flags the wrong result, or a hiring model that quietly filters out qualified candidates. The person on the receiving end does not care whether the error originated in the model weights, the training data, or a deployer's configuration settings. They care who answers for it. Someone must. Full stop.

The Audit Trail Is the Accountability Infrastructure

Accountability, at its core, is a record-keeping problem. Who authorized what, when, with what information, and what happened as a result. This is not bureaucracy — it is the architecture of trust. Without it, no one can reconstruct a decision, assign responsibility, or learn from a failure. The same discipline that governs a financial statement has to govern an AI system that speaks or acts on a company's behalf.

Real accountability infrastructure for AI looks like this:

  • Attribution at every layer. Which model version produced the output? Which operator configured the deployment? Which human reviewed — or chose not to review — the result before it reached the end user? Every layer needs a name attached to it.
  • Immutable decision logs. Not summaries. Logs. The same way a financial audit requires source documents, an AI governance audit requires the actual inputs, outputs, and configuration states at the time of each consequential decision.
  • Defined human-in-the-loop thresholds. Not "human oversight" as a vague concept, but a written policy stating which categories of decisions require human review before action, who that human is, and what authority they hold to override the system.
  • Liability mapping before deployment, not after incident. The model maker, the deployer, and the operator each carry a distinct slice of responsibility. Document it contractually, explicitly, before the system goes live. After the incident is too late and too expensive.

The people entering AI research, product, and governance roles today will inherit whatever standard gets set now. What they deserve to inherit is a profession that treated accountability as a design requirement, not a retrospective apology issued after the damage is done.

The Standard We Set Now

Money used to buy distinction. Now it buys delivery. Power used to require presence. Now it scales invisibly through systems. The question is not whether AI will speak, decide, and act on behalf of people and organizations — it already does. The question is whether the humans who own those systems will stand behind what the systems do.

Governance is not a constraint on innovation. It is the condition under which innovation earns trust. Build the audit trail. Name the responsible parties. Accept that deploying an agent means answering for the agent. That is not a burden. That is leadership. And leadership, unlike liability, does not get to hide behind a model card.

SUBSCRIBE TO
UNFILTERED

UNFILTERED — one essay a week on culture, business, travel, design, AI, and leadership. No noise, no recycled advice.

  • ONE ESSAY, WEEKLY
  • READ IN 5 MINUTES
  • UNSUBSCRIBE ANYTIME

Alicia Dahling writes Unfiltered weekly.

OTHER ESSAYS