Legal liability issues of artificial intelligence and corporate decision making

Artificial intelligence (AI) is now mainstream, in particular, in particular the most popular applications of generative AI. Companies have realized that it is a tool, in its different modalities and versions, that allows making processes more efficient and agile or reconsidering the allocation of the workforce for certain tasks. The decision to acquire or develop AI tools depends on the type of industry and specific needs.

By: Daniel Peña Valenzuela


Corporate management in the age of AI is marked by significant changes in how businesses are organized, operate, and make decisions. Artificial Intelligence technologies are transforming the corporate landscape in various ways, leading to both opportunities and challenges for organizations.

Corporate management in the age of AI requires a strategic approach to leverage the potential of AI technologies while addressing the challenges and ethical considerations associated with their use. Companies that adapt and integrate AI effectively into their operations are more likely to thrive in the rapidly evolving business landscape. Generative AI offers numerous opportunities for businesses, notwithstanding, CEOs and organizations can make mistakes when implementing or utilizing these technologies. Underestimating the Technology: One of the most common mistakes is underestimating the capabilities and limitations of Generative AI.


Artificial Intelligence is useful in corporate decision-making across various industries. For instance in the following fields: (i) Data Analysis and Insights: AI can process and analyze large volumes of data to extract valuable insights. This helps businesses make data-driven decisions by identifying trends, patterns, and anomalies in their data; (ii) Predictive Analytics: AI algorithms can be used to predict future trends, customer behavior, market changes, and more. This assists in making proactive decisions and planning for the future; (iii) Customer Relationship Management (CRM); (iv) AI-powered CRM systems can analyze customer interactions, preferences, and feedback to improve customer service, personalize marketing campaigns, and enhance customer retention strategies; (v) Financial Forecasting: AI can analyze financial data and market indicators to assist in financial planning, budgeting, and investment decisions. It can also help detect financial fraud and reduce risks; (vi) Supply Chain Management: AI can optimize supply chain operations by predicting demand, managing inventory, improving logistics, and reducing costs. This leads to more efficient decision-making in supply chain management; (vii) Human Resources: AI can assist in talent acquisition by screening resumes, conducting initial interviews, and identifying top candidates. It can also help in workforce management and employee engagement; (viii) Marketing and Sales: AI-powered marketing tools can segment audiences, recommend product recommendations, and personalize marketing campaigns. AI can also analyze sales data to optimize pricing strategies and sales forecasts; (ix) Risk Management: AI can assess and predict various types of risks, including cybersecurity threats, credit risks, and market risks. This helps businesses make informed decisions to mitigate and manage risks effectively; (x) Process Automation: AI-driven automation can streamline repetitive tasks and decision-making processes. It improves efficiency and reduces human errors, allowing employees to focus on more strategic tasks; (xi) Natural Language Processing (NLP): NLP-based AI systems can analyze customer feedback, social media mentions, and other text data to gauge public sentiment and make marketing or reputation management decisions; (xii) Product Development: AI can assist in product design and development by analyzing market data, customer feedback, and competitor information to identify opportunities for innovation and improvement; (xiii) Compliance and Regulation: AI can help businesses stay compliant with industry regulations by monitoring and reporting on regulatory changes, ensuring adherence to data protection laws, and identifying potential compliance issues; (xiv) Strategic Planning: AI can provide insights into long-term strategic planning by analyzing market trends, competitive intelligence, and other factors that affect the company’s growth and direction; (xv) Personalized Customer Experiences: AI-driven personalization enhances customer experiences by tailoring product recommendations, content, and communication to individual preferences.

AI can be applied to corporate decision-making. The specific use cases and benefits of AI will vary depending on the industry and the organization’s goals and needs.


The liability of directors in corporate decision-making can vary depending on the legal and regulatory framework of the jurisdiction in which the corporation operates. Directors have a fiduciary duty to act in the best interests of the company and its shareholders. Here are some key aspects of liability for directors in relation to corporate decisions:

  • Duty of Care: Directors are generally expected to exercise due care, skill, and diligence when making corporate decisions. This means they should make informed decisions, be well-informed about the company’s affairs, and act in a manner that a reasonably prudent person would under similar circumstances. If a director fails to meet this duty, they may be held liable for negligence.
  • Business Judgment Rule: Many jurisdictions have a business judgment rule that protects directors from personal liability if they make decisions in good faith and in what they believe to be the best interests of the company. As long as directors are not self-dealing, conflicts of interest are properly managed, and they act within their authority, they are generally protected by this rule.
  • Conflicts of Interest: Directors must disclose any conflicts of interest they may have in a particular corporate decision. Failure to do so can lead to legal liability. If a director stands to benefit personally from a decision at the expense of the company or its shareholders, it can be considered a breach of fiduciary duty.
  • Corporate Governance and Compliance: Directors are responsible for ensuring that the company complies with all applicable laws and regulations. Failure to do so can lead to legal consequences not only for the corporation but also for individual directors who may be held personally liable for regulatory violations.
  • Insider Trading: Directors must also be cautious about insider trading laws. Using non-public information for personal gain or sharing such information with others who may use it for personal gain can lead to serious legal consequences.
  • Environmental and Social Responsibility: In some jurisdictions, there is an increasing focus on environmental and social responsibility. Directors may be held liable if they fail to address significant environmental or social issues that could impact the company’s long-term viability.
  • Bankruptcy and Insolvency: In situations where a company becomes insolvent or enters bankruptcy proceedings, directors may face increased scrutiny. If it’s found that their decisions or actions contributed to the company’s financial distress, they could be held personally liable for some of the company’s debts.
  • Legal Proceedings and Shareholder Actions: Shareholders or other stakeholders can bring legal actions against directors if they believe the directors have breached their duties or acted improperly. These actions can result in financial penalties or removal from the board.

Directors can often mitigate their liability by seeking legal counsel, following best corporate governance practices, and maintaining accurate records of board meetings and decisions. It’s essential for directors to understand the specific legal requirements and standards of care in their jurisdiction and industry to minimize their exposure to liability in corporate decision-making. Additionally, many corporations provide directors and officers (D&O) liability insurance to protect directors from personal financial loss in the event of legal actions.

In Colombia, Law 222 of 1995 introduced a special liability regime to the local legal system. In this sense, civil law evaluates fault in relation to the higher standard of diligence and places the burden on the plaintiff to prove the negligence or carelessness of the person deemed responsible. According to article 22 of Law 222, the following may be responsible in this context: the legal representative, the liquidator, the factor, the members of the board of directors and those who, in accordance with the statutes, exercise administrative functions.

It is the law itself that defines what the duties and obligations of the administrators are, which, if breached, may give rise to their liability. Thus, article 23 of Law 222 of 1995 establishes good faith, loyalty and diligence of a fair businessman as guiding principles in the actions of administrators.

In relation to the duty of diligence, this corporation believes that the standard or abstract model of conduct that should guide the management of the administrator is that of a good businessman, that is, diligence superior to that of an average man, worth noting, that of a professional in the management of the company’s affairs, since the legislator did not limit himself to demanding the actions that any businessman has in the performance of his responsibilities, but rather that which is characteristic of “fair businessmen”

For the high court, the incorporation of the criterion of the fair businessman implies the express exclusion of the tripartite classification of fault in article 63 of the Civil Code, and even more so that of very slight fault and not only that: it also implies that the standard of conduct to which you have referred is understood to be met when the decisions have been made in good faith, without personal interest in the matter, with sufficient information and in accordance with an appropriate procedure,

The liability scheme that concerns directors responds to a model of subjective liability or fault with these requirements (a) the action or omission of a director, contrary to legal, statutory or contractual duties, attributable to fraud or negligence ; (b) damage and (c) the causal link between that and this.

The liability of the administrator may be demanded, either through an individual action (when the damage is suffered by the assets of a partner or a third party) or through a social liability action, which aims to compensate for the damage caused. to the assets of the company.



CEOs who make decisions with the help of Artificial Intelligence (AI) can still be subject to various sources of liability, depending on the specific circumstances, legal framework, and ethical considerations. Here are some potential sources of liability for a CEO using AI in decision-making:

  • Fiduciary Duty: CEOs have a fiduciary duty to act in the best interests of the company and its shareholders. If a decision made with the assistance of AI is found to be contrary to the best interests of the company or if the CEO fails to exercise reasonable care in utilizing AI tools, they could be held liable for breaching their fiduciary duty.
  • Ethical Concerns: Using AI in decision-making may raise ethical concerns, such as bias in AI algorithms or the ethical implications of certain decisions. If a CEO fails to address or consider these ethical concerns, it can lead to reputational damage and potential legal repercussions.
  • Regulatory Compliance: Depending on the industry and jurisdiction, there may be regulations that govern the use of AI, especially in sectors like healthcare, finance, and data privacy. CEOs need to ensure that their use of AI complies with relevant laws and regulations. Non-compliance can result in legal penalties.
  • Data Privacy: If the AI system uses personal or sensitive data to make decisions, CEOs must ensure that the data is handled in compliance with data protection laws (e.g., GDPR in Europe or Law 1581 in Colombia). Mishandling or data breaches can lead to legal liabilities.
  • Transparency and Accountability: Lack of transparency in AI decision-making processes can be a source of liability. CEOs should be able to explain how AI decisions are reached and be accountable for them. If AI is used opaquely, it can lead to legal and regulatory challenges.
  • Security: CEOs are responsible for ensuring the security of the AI systems and data used in decision-making. A data breach or cyberattack can result in legal and financial consequences, especially if it is determined that the CEO did not take adequate measures to protect the AI systems and data.
  • Bias and Discrimination: If AI algorithms used by the CEO’s organization exhibit bias or discrimination, it can lead to legal challenges, especially in cases involving employment decisions, lending, or other areas where discrimination is prohibited by law.
  • Product Liability: If the AI is used in a product or service offered by the corporation, the CEO may be liable for product defects or issues related to AI functionality, particularly if these defects result in harm to consumers.
  • Third-Party Agreements: CEOs need to consider contractual agreements with AI providers. Failure to fulfill contractual obligations or violations of intellectual property rights can result in legal disputes.
  • Shareholder Actions: Shareholders may bring legal actions against CEOs if they believe that decisions made with AI have negatively impacted the company’s performance or shareholder value. This can include claims of mismanagement or breaches of fiduciary duty.

To mitigate these potential sources of liability, CEOs should exercise due diligence in overseeing the use of AI, ensure compliance with relevant laws and regulations, and actively manage ethical and reputational risks associated with AI decision-making. Consulting legal counsel and establishing clear corporate governance and ethical guidelines for AI use can also help reduce liability exposure.


While Generative AI offers numerous opportunities for businesses, CEOs and organizations can make mistakes when implementing or utilizing these technologies. Underestimating the Technology: One of the most common mistakes is underestimating the capabilities and limitations of Generative AI. CEOs may expect too much from the technology, leading to unrealistic expectations and disappointment when it doesn’t perform as anticipated.

  • Lack of Clear Objectives: Implementing Generative AI without a clear understanding of the business objectives it’s meant to address can lead to wasted resources and efforts. It’s important to have a well-defined purpose and strategy for using Generative AI.
  • Insufficient Data Quality: Generative AI relies heavily on data. CEOs may overlook the importance of high-quality, clean, and relevant data, leading to inaccurate or biased outcomes. It is crucial to invest in data quality and governance.
  • Ignoring Ethical Considerations: Failing to address ethical considerations such as bias, fairness, and privacy in AI-generated content can result in public backlash, legal issues, and damage to the organization’s reputation.
  • Not Involving Legal and Compliance Teams: Generative AI can produce content that might infringe on copyright, violate regulations, or raise legal issues. CEOs should involve legal and compliance teams early in the AI deployment process to mitigate these risks.
  • Overlooking Cybersecurity: Generative AI systems can become vulnerable to cyberattacks if not properly secured. CEOs should prioritize cybersecurity measures to protect AI models and data from unauthorized access and breaches.
  • Lack of Human Oversight: Relying too heavily on AI-generated content without human oversight can lead to content that lacks context, coherence, or quality. It’s essential to strike a balance between automation and human involvement.
  • Ignoring User Feedback: Not actively seeking and incorporating user feedback can result in AI-generated content that doesn’t meet customer expectations or needs. Continuous improvement based on user input is critical.
  • Overreliance on AI for Creativity: Generative AI can assist in creative processes, but it should not replace human creativity entirely. CEOs should recognize the value of human creativity and judgment in content creation.
  • Ignoring Employee Concerns: Implementing AI can lead to concerns among employees about job security or the ethical implications of AI. CEOs should address these concerns through transparent communication and training opportunities.
  • Neglecting Scalability and Integration: Failing to plan for the scalability and integration of AI solutions into existing systems can hinder their effectiveness and create technical challenges.
  • Inadequate Testing and Validation: Not thoroughly testing AI models for various scenarios and edge cases can result in unexpected errors or biases. Rigorous testing and validation are essential before deploying AI in production.
  • Overlooking ROI Analysis: Implementing Generative AI without a clear understanding of the return on investment (ROI) can lead to wasted resources. CEOs should assess the cost-benefit analysis before embarking on AI projects.

CEOs need to approach Generative AI with a clear understanding of its capabilities, ethical considerations, and potential risks. By avoiding these common mistakes and adopting a well-informed, strategic approach, organizations can harness the power of Generative AI effectively to achieve their business objectives while mitigating potential pitfalls.


The misuse of artificial intelligence can lead to various problems and challenges, particularly when it comes to establishing evidence of liability. AI systems are often complex and can involve intricate algorithms and neural networks. Understanding and explaining these systems to establish liability can be challenging, especially for non-experts. Many AI systems operate as “black boxes,” meaning their internal workings are not transparent or easily explainable. This lack of transparency can hinder efforts to trace the causes of misuse and attribute liability.

The misuse of AI may involve the unauthorized access or processing of sensitive data. Proving liability might require demonstrating how data was mishandled, which can be complicated by privacy regulations and the difficulty of obtaining evidence related to data breaches. Determining who is responsible for the misuse of AI can be difficult, especially in cases where multiple parties are involved, such as developers, users, or organizations deploying the AI system. AI systems may exhibit unintended behaviors or consequences that were not explicitly programmed. Proving liability in such cases requires establishing a connection between the AI’s actions and the misuse, which can be challenging. Machine learning models, especially those employing reinforcement learning, can adapt and evolve over time. Pinpointing the exact moment or reason for a specific behavior becomes more challenging as the system continuously learns from new data.

The legal and ethical frameworks for AI are still evolving. Establishing liability often requires navigating a complex landscape of laws and regulations that may not have caught up with the rapid advancements in AI technology. Determining whether the misuse was intentional or a result of automated processes can be challenging. Establishing liability may require proving not just the actions taken by the AI but also the intentions behind those actions. If an AI system exhibits biased or discriminatory behavior, proving liability may involve demonstrating the existence of bias, its impact, and the failure of developers or operators to address or mitigate these issues.

Changes in the field of evidence as a consequence of the use of artificial intelligence systems in daily life may warrant reviewing the scope, relevance, use of evidentiary means and interpretation criteria established in the Código General del Proceso y CPACA, among others.


The challenges that decision makers face in companies due to the use of artificial intelligence do not only refer to their practical skills and abilities but to the legal limits.

Although the uses of Artificial Intelligence are still in a very initial stage, it is important that the law begins to define rules that allow its adoption for decision making, risk assessment and management competencies.

Everything indicates that artificial intelligence is not just another tool nor a type of software, but its effects in the corporate sphere can even become a fundamental support in the strategic management function of companies and, therefore, in decision-making. crucial managerial decisions.



External Publications