US Companies Report 72% AI Risk Disclosures, Up from 12% in 2023 Amid Regulatory Scrutiny

In a significant shift, artificial intelligence (AI), once celebrated predominantly as a catalyst for growth, has emerged as a serious risk factor for major U.S. companies. Recent analysis of annual SEC Form 10-K filings from S&P 500 companies reveals that a staggering 72 percent now acknowledge at least one AI-related risk, a sharp increase from just 12 percent in 2023. This trend underscores how deeply AI is being integrated into various business operations, including customer service, predictive analytics, and product development.

The growing reliance on AI technology comes with its share of risks, notably in the realms of reputation, cybersecurity, and regulatory compliance. Reputational threats have surfaced as the most frequently cited concerns. Companies express worries that failures in AI systems, such as biased or erroneous outputs, might undermine consumer trust. If businesses overpromise results or deliver subpar AI experiences, they could face long-term damage to their brand and competitive standing.

Alongside reputational risks, cybersecurity has become a pressing concern. Organizations are increasingly aware that AI not only complicates their technological landscape but also broadens the attack surface for cybercriminals. The technology could be manipulated to automate attacks, conduct sophisticated impersonations, or escalate disinformation campaigns, necessitating robust oversight and security measures.

Regulatory Challenges and Evolving Legal Exposure

In addition to reputational and cybersecurity issues, companies are grappling with evolving regulatory and legal challenges related to AI. As governments worldwide establish guidelines surrounding AI deployment, data privacy, and algorithmic accountability, firms face uncertainty. Legal liabilities may arise from intellectual property disputes, including copyright claims and challenges concerning the data used to train AI models. This dynamic regulatory landscape complicates corporate governance and risk management, as businesses must prepare for compliance across diverse jurisdictions.

Ferris State University Achieves NSA CAE Accreditation for Secure AI Program

Beyond these primary concerns, companies are increasingly identifying additional AI-related risks. These include environmental impacts linked to large AI models, potential workforce disruptions from automation, and liability issues associated with autonomous or decision-making systems. The expansive nature of these risks signifies that AI is no longer a niche concern but a critical strategic issue affecting multiple facets of corporate operations.

Despite the rise in AI risk disclosures, analysts note that many reports remain vague, often mentioning AI-related risks without detailing the measures taken to mitigate or monitor these hazards. This lack of specificity can hinder investors and stakeholders from accurately assessing a firm’s preparedness and resilience in the face of potential AI failures.

Integration of AI into Corporate Governance

The heightened focus on AI risks marks a transformative moment in corporate governance. Boards and executives are increasingly expected to incorporate AI into their enterprise risk frameworks, applying the same rigor traditionally reserved for finance, operations, and compliance. Investors are gaining insight into how companies view AI—not merely as a growth opportunity but as a source of operational, reputational, and regulatory challenges. As global regulatory frameworks, including the European Union’s AI Act, develop, companies are likely to encounter more stringent compliance obligations, which will further elevate the importance of effective risk management and transparent disclosure.

Addressing AI risks will require more than just disclosure for many companies. Implementing operational safeguards such as bias testing, red teaming, post-deployment monitoring, and diligent oversight of vendors and third-party AI providers is becoming essential. Organizations that neglect these measures may face not only regulatory scrutiny but also reputational harm and operational disruptions that could materially affect their financial health.

The surge in AI risk reporting signifies a critical turning point for corporate America. What was once merely a tool for innovation has now become a strategic governance issue with implications for investors, regulators, and the public. Companies that can effectively identify, manage, and communicate AI risks will be better positioned to maintain trust, minimize harm, and ensure long-term resilience in an increasingly AI-driven economy.