M&A And Investment Advisory On AI Risk, Compliance, And Governance
AI is one of the biggest value creation opportunities but it also comes with risk. Understand AI-driven risks, and work to mitigate them pre or post-close.
Note: Very few companies are in compliance with all of these regulations, many of which go into effect in 2026
Preparing for Compliance
Emerging Regulatory Requirements Specific To AI
As AI adoption grows, new laws are being introduced to ensure fairness, transparency, and accountability across industries.
Colorado AI Act
EU AI Act
Illinois HB 3773
New York City Local Law 144
Texas Responsible Artificial Intelligence Governance Act
Various California laws and regulations
Legal Risk Awareness
Non‑AI Regulatory Risks in AI‑Driven Organizations
In addition to AI-specific regulation, other issues may substantially affect the value of a potential target.
Data privacy issues
Including compliance with GDPR, HIPAA, and various state privacy laws.
Bias in AI systems
Risks related to ownership, usage rights, and patentability.
Intellectual property protection
Especially “algorithmic bias” in hiring and people operations.
Reputational risk
Public trust impact tied to AI misuse or data handling.
Trusted AI Expertise
Leadership in AI Governance & Diligence
With deep experience in auditing AI systems and advising on regulatory compliance, this expert brings proven leadership in risk, governance, and M&A diligence across global organizations.
ISO 42001 Certified Lead Auditor
Extensive experience auditing AI systems (startup to Global 50)
Deep experience in M&A diligence (sellside and buyside)
John Rood
President, Proceptual
“An international consensus has emerged through a tapestry of regulation:
nearly every company who develops or deploys AI will be required to establish a
robust system of AI governance.”
John Rood
President, Proceptual
What We Do
Key Steps in AI Risk Management
A clear, structured process to assess, reduce, and govern
AI-related risk.
AI-related risk.
Risk Assessment:
What are current and potential post-close liabilities?
Regulatory exposure
Compliance with current and forthcoming regulations.
Risk-based assessment for likely classification and regulatory burden under EU AI Act and Colorado AI Act.
Governance gaps
Examine policies for procurement, deployment, and monitoring.
Review internal control and accountability structure.
Estimate forward-looking compliance costs.
Review data use and privacy policies.
Risks due to intellectual property or privacy violations
Model risk
Evaluate model transparency and explainability (“black boxes”)
Shadow systems – unapproved use of AI tools
Third party tool evaluation
Review procurement process
Summarize current and post-close liability
Risk Mitigation:
Address gaps and reduce risk
AI governance implementation: deploy NIST AI RMF and/or evaluate ISO 42001 certification
Evaluation for additional regulations by jurisdiction, e.g. NYC Local Law 144 Automated Tool audit
Implement model monitoring systems and reporting
Where appropriate, conduct model bias audit
Ongoing Governance Programs:
Support long-term AI accountability
Install software-based go-forward governance system
Create AI risk reporting structure – “what does the board need to know?”
Organization-wide training on AI literacy, compliance, and safety
Evaluation of AI
Past governance, we have extensive experience identifying potential
AI-driven value-creation levers on both revenue and cost sides.
Yes, we do the fun stuff too!
Note: Proceptual, Inc. is not a law firm and does not provide legal advice.
Ready to Take the Next Step?
Contact us to discuss adding AI governance diligence
.