Governing with Artificial Intelligence

AI has the potential to contribute to significant improvements in regulatory design and delivery. It can allow governments to tailor regulatory strategies for better economic, societal and environmental outcomes, while effectively addressing relevant challenges and concerns such as accountability, transparency and regulatory burdens. To achieve this, governments need to move away from the traditional “regulate-and-forget” approach of regulatory policymaking and adopt an “adapt-and-learn” approach (OECD, 2024[24]).1 Digital technologies, including AI, play a pivotal role in this shift, not only by extending the regulatory toolbox but also by enabling more innovative, effective and efficient rule making through data-driven design, decision-making and enforcement (OECD, 2021[25]).

With regards to improving regulatory design, AI offers policymakers a number of significant opportunities. Regulatory systems can be complex, with thousands of pieces of legislation across numerous line ministries and agencies. AI can help navigate an existing stock of regulations and can analyse vast and complex datasets to identify gaps, overlaps and patterns in regulatory frameworks. This can enable more informed and targeted design decisions to improve outcomes. AI can also automate routine tasks, which can create efficiencies by streamlining process such as policy analysis, regulatory impact assessment (RIA), and legal drafting. It can strengthen stakeholder engagement by facilitating simplified regulatory understandings and analysing public consultations. AI can also enable anticipatory analysis and experimentation that can inform risk management, improving the design of future-ready regulatory frameworks.

Regarding regulatory delivery, AI can help improve the performance of delivery agencies. They can, for instance, use AI algorithms to optimise inspection resources, improve safety and reduce regulatory burdens for businesses. Regulators have been using AI to improve the activities and processes of these institutions to better protect public interests and resource efficiency (OECD, 2021[25]). Specific approaches include:

• Enhancing risk-based approaches with data analysis that help increase the accuracy and parameters of risk assessments to improve how inspections are targeted;

• Improving efforts to monitor and detect non-compliance, such as on social media platforms, which enhances oversight efficiency of regulatory agencies; and,

• Enhancing the diverse activities of economic regulators to better understand and oversee their sectors and markets.

AI systems that use NLP, such as LLMs, offer significant opportunities for simplifying and enhancing the written aspects of regulatory governance. Governments can use such systems to generate drafts from templates and existing regulation, ensuring that standards are met while saving time and resources. In the United States (US), for example, the state legislature of California became the first in the country to use AI to draft a resolution in 2023 (Tribune News Service, 2023[26]). This was closely followed by Costa Rica, which used ChatGPT drafts law to regulate AI (Guio and Müller-Daubermann, 2024[27]). AI can also be used to cross-reference new drafts with current laws, identifying conflicts and reducing human errors, leading to simpler, more consistent and accessible regulations (Box 5.12).

Ex ante regulatory impact assessment (RIA) and ex-post evaluation are foundational elements of sound regulatory governance. They should not be seen as discrete requirements to be conducted successively, but rather as mutually complementary tools embedded in the policy cycle to inform the appropriate adaptation of regulatory (or alternative) approaches (OECD, 2024[24]; 2021[28]).

Regulators can use AI to enhance each of these elements, using AI to improve the speed and accuracy of assessment, while minimising the burden of such activities. This can allow for more frequent assessment of regulation to help create adaptive and future-fit regulations that remain relevant and effective in a rapidly changing environment. This use of AI may be especially necessary for ensuring appropriate governance of AI. AI experts note as a top risk that governance mechanisms and institutions are unable to keep up with the rapid pace of technological developments (OECD, 2024[29]).

As an initial step, AI can help estimate the burdens of potential new regulations and other policies, which can have a bearing on how easily companies can accommodate regulatory changes and how likely they are to comply. This naturally affects the success of any regulatory measure. It is also an important consideration for regulators comparing different governance approaches and their associated cost-benefit trade-offs for more efficient and economically sound policymaking (Box 5.13).

AI can also enhance policy assessment and support more informed, iterative decision-making by enabling sophisticated policy experimentation and evaluation. Through simulation of regulatory scenarios of the future, AI allows policymakers to model and predict the potential impacts of different regulatory choices (OECD, 2025[31]). This helps with regulatory impact assessments, as it supports decision-makers understand the consequences of proposed regulations on different sectors and stakeholders. It can help pre-emptively forecast the effectiveness of potential policies by uncovering patterns that may not be immediately apparent through traditional analysis methods.

For example, the University of Dublin led the development of the Innovation Policy Simulation for the Smart Economy (IPSE), a tool that simulates the effect of policy instruments based on regional profiles and sector information. The aim is to better understand the potential drivers of innovation and their impact before policy instruments are rolled out (Nesta, 2024[32]). Similarly, PolicyEngine is a tool that uses digital-ready legislation to inform policy changes and model changes to see how changes would affect governments and citizens. Users can select their country (Canada, United Kingdom, United States and Nigeria are currently available), relevant policy area and policy parameters that are to be changed, and calculate the economic and budgetary impact to see how the changes affect government income, for example. PolicyEngine has been integrating ChatGPT into its system to provide further analysis and explainability to users (Martin, 2023[33]).

While governments are slowly improving their stakeholder engagement activities for regulatory governance, most OECD countries have significant scope to improve these efforts (OECD, 2023[34]). AI can improve the process efficiency and effectiveness in engaging stakeholders when designing policy. It can do so by using advanced analytics and intelligent user interfaces, contributing to a more inclusive regulatory design process, improving governments responsiveness, and enhancing transparency and trust in government. A growing number of AI chatbots are facilitating public consultations on new or revised regulations by interacting with many stakeholders simultaneously, and synthesising data for governments to further adjust their regulatory proposals. Chatbots can also respond instantly to stakeholder queries, guide them through the consultation process, and simplify complex legislative text to enhance the public's understanding. This makes the process of regulatory consultation more accessible to stakeholders and lowers burdens for regulators when it comes to participatory policy design. The “AI in civic participation and open government” section of this chapter further analyses how AI is being used for stakeholder engagement and public participation.

Economic regulators handle diverse functions where AI can be applied, including tariff-setting, authorising activities, handling complaints, mediating disputes, monitoring markets, and conducting inspections and enforcement activities. Beyond core regulatory functions, economic regulators carry out many activities to be effective at their work, such as research to better understand the sectors and markets they oversee.

While some efforts are underway, regulators are in the early stages of using AI, with few exploring or piloting its use.2 According to a survey by the Body of European Regulators for Electronic Communications (BEREC), “the adoption of AI by the National Regulatory Agencies is still at its infancy” and very few regulators have “undertaken or are planning to conduct studies to explore ways how AI can be adopted” (BEREC, 2023[35]). Nonetheless, the current and potential uses of AI in regulatory approaches reflect a broader trend towards increased use of data and digital technologies. OECD (OECD, 2025[31]; 2020[36]) analysis shows that digital tools help regulators by enabling better data use and informed decision-making. Facing pressure to do more with less, regulators are increasingly turning to AI to make processes more efficient and effective.

Recent discussions among the OECD Network of Economic Regulators (NER)3 and examples in recent literature reveal that AI is already used in inspections, market monitoring and consumer-facing areas like complaints handling or responding to consumer queries. For example:4

• EU e-communications regulators are using AI for radio channel modelling and optimising spectrum sharing, detecting illegal or prohibited content online, conducting customer relations management such as complaint classification, and measuring people’s online experiences and platform behaviours at scale. This can be coupled with monitoring the market to ensure that products for sale online comply with product safety rules (Box 5.14) (BEREC, 2023[35]; Faculty, 2021[37]).

• Austria’s energy regulator (E-control) is developing an AI application to help consumers understand their energy bills and a chatbot to respond to consumer queries.

• Peru’s water regulator (Sunass) (2024[38]) is applying AI in the development of inspection reports. The application automates the generation of reports based on variables recorded by inspectors in tables, significantly simplifying the process and reducing the time spent on report writing. The reports are validated by the specialists to ensure their accuracy. Sunass has also developed a tool that uses geospatial analysis and a classification algorithm to calculate the investment needs and gaps in Peru’s water sector.

• The Israeli Capital Market Authority has begun developing an AI-powered tool that aggregates information from websites on insurance and savings. The project integrates advanced financial models, ML and NLP to enable earlier and more accurate identification of risks, anomalies and suspected cases of fraud in the capital markets. Additionally, it provides tools to increase transparency for the general public and investors. The system — currently at the proof-of-concept stage — offers visual tools for training models, monitoring performance, decision-making and generating actionable insights for Authority employees.5

• Brazil’s National Agency for Land Transportation (ANTT) uses AI in its supervision of transport infrastructure to support an effective delivery of its mandate as an economic regulator in the sector. The Road Information System combines data on aspects including accidents, roadside assistance, possible offenders, toll gates, speed cameras and traffic sensors on 26 concessionaires. The system records 15 000 entries per second with real-time data and combines AI tools with a human interface with a team on a 24/7 basis. The information allows the ANTT to supervise activities in the road transport sector more effectively and supports data-driven regulatory decision-making by the ANTT and other public actors.

Effective regulatory delivery depends on an accurate understanding of risks. Public authorities should base their inspection and enforcement activities on risk criteria. Therefore, it is critical to monitor how risks evolve in real life, enable adaptive responses to possible changes and regularly update risk criteria.

ML techniques can calculate the accuracy of risks assessments and refine parameters (Box 5.15). Recent ML applications are promising in identifying key risk predictors, considerably improving the effectiveness of risk-based targeting (OECD, 2021[28]). As ML algorithms evolve with new data, they need to be updated regularly to remain reliable (Cary Coglianese, 2024[39]). While these tools have considerable potential, regulators need to use discretion when using AI applications to predict compliance to ensure accuracy and avoid biases.

Regulators can use AI to improve risk modelling to better target inspections. Through a risk-based approach, regulators direct their resources towards activities that pose a threat to public goods and, more broadly, to the achievement of desired objectives. Improving inspection efficiency and regulatory enforcement depends on a precise understanding of risks to the public interest (OECD, 2014[41]). Establishing and evaluating risk criteria is necessary to gauge the level of risk posed by private operators and to target enforcement efforts. This better protects the public good, ensuring the efficient use of resources and fostering a trust-based relationship with businesses (OECD, 2018[42]; Blanc, 2018[43]). See Box 5.16 for an example of this approach.

AI-enabled risk modelling can also be enhanced through data gathered from social media. Historical inspection results and databases already serve to better target future inspections and preventive strategies. Regulatory delivery authorities have also started to acquire and use data available on social media platforms to identify potential non-compliances. Whereas traditional sources of information rely on authorities and inspectors, social media allow direct access to citizens exposed to risks. This helps further inform risk-based approaches and ensure decisions are result-oriented.

Inspections should be guided by risk assessment, and public complaints often highlight emerging risks. Better inspections begin with informed and cohesive decisions. Complaints need to be used to improve risk-based inspection planning, and should, only in a few cases, lead to impromptu inspections. A risk-based complaint management system is therefore essential to ensure the right balance between proactive inspections — which occur after careful risk-based planning — and reactive inspections — which are unplanned and occur ad hoc in response to complaints deemed serious.

Official complaints are frequently lodged through dedicated apps. However, the public might be reluctant to use these initiatives or simply ignore that this can help track health and safety issues. Regulatory authorities could therefore use social media platforms and ML techniques to support risk analysis and gain broader and timelier insights than through traditional methods (OECD, 2021[28]). The OECD supported an initiative in Italy’s Lazio region to test complaints on social media as a source of the CMS inspired by international initiatives (Box 5.17).

Smarter compliance monitoring and targeting of non-compliance situations should be underpinned by accurate data repository. When inspectors are challenged by the increase of potentially suspect data, ML solutions can help identify non-reliable data and spot non-compliance.

Innovative tools streamline data submission, detect anomalies and analyse compliance pattens (Box 5.18), that enhance oversight efficiency for regulatory delivery authorities.

• Inadequate or skewed data in AI systems

• Lack of transparency and explainability

If AI systems rely upon inadequate or skewed data, it could lead to inaccurate or adverse outcomes for some individuals or groups. With regard to PFM, this could result in, for example, adverse regulatory outcomes where some individuals or groups are improperly targeted for enforcement action.

Advanced AI systems often make decisions within a black box, often without even the system operators understanding how it arrived at the decision (Valderrama, Hermosilla and Garrido, 2023[44]; OECD, 2024[29]). This risk of limited explainability, necessitates human oversight and evaluation of the AI system and its outputs to ensure transparent and accountable regulatory decision-making. If AI is used for regulatory design or delivery — such as drafting texts, conducting assessments and engaging with stakeholders — careful attention should be given to: the inputs and outputs of such an application; the quality of data used; the accuracy and reliability of AI outputs; the explainability of such outputs; transparency of AI's use in decision-making; and accountability for the associated impacts on regulatory design and delivery.

This risk can make it difficult to promote accountability and build trust in governments’ ability to use AI to improve rulemaking. Government AI systems should generally be answerable and auditable, which helps to reinforce the OECD AI principle on accountability. As practicable and appropriate, governments should prioritise making AI systems open and transparent to foster public trust and enable external scrutiny and validation.​ This can include making data public, open-sourcing algorithms and ensuring transparent decision-making processes to boost confidence in AI-assisted decisions. Additionally, clear structures need to be in place to ensure appropriate accountability and oversight mechanisms — considering who is responsible for each element of the AI system’s output and who is accountable to the quality or review of outputs across the AI initiative.

• Inflexible or outdated legal and regulatory environments

• Lack of high-quality data and the ability to share it

• Skills gaps

While AI offers many opportunities for adaptive regulatory governance, frequent changes to regulatory design can disrupt both business and the public. Adjustments based on continuous data analysis may lead to a volatile regulatory environment, making it difficult for businesses to plan long-term strategies and for the public to stay informed about current laws. Further, policymakers and regulators can face challenges in data access, collection and processing — which limits the extent to which AI systems will conduct reliable analysis and valid recommendations. For example, Australia has a Data Availability and Transparency Act that provides a legal basis for sharing of Australian Government data. However, in many instances data-sharing is stifled by a lack of protocols or incompatible systems (Productivity Committee, 2024[45]). Improving data management capabilities is foundational to any use of AI that is assessing and informing the evidence-base for regulatory design or delivery.

As AI in regulatory governance still requires human intervention, a lack of expertise can lead to poor outcomes and misuse of AI. Data collected by the OECD through discussion with its members shows that regulators struggle to match the expertise of technology companies due to the high cost and scarcity of digital skills. To bridge this gap and enhance regulatory effectiveness, governments need to invest in building digital skills and promote collaboration with the technology sector, including through partnerships and public procurement to acquire skills and capacities if they are not already present.

AI in the design and delivery of regulatory governance is still in its early stages compared to commercial applications. However, there is greater scope for AI to be used in regulatory policy—with a number of key themes emerging from case studies that governments can consider—to advance AI maturity in regulatory design and delivery. With regards to regulatory design:

• AI can be further leveraged for the design of regulations, with the extent of its potential application currently under invested. While AI is already being used by governments, many of these applications focus on operational decision-making, compliance measures, general internal processes and delivery of public services or products. Yet these AI applications can be easily adapted to regulatory design. For example, chatbots used in public service delivery or application and grant reviews can be repurposed to gather stakeholder feedback and analyse legislation for regulatory review. AI used for service delivery and tracking market activities can also be used to continuously monitor the impacts of existing regulations, providing real-time feedback and allowing for timely adjustments by regulators.

• Making legislations more digital ready allows broader AI application throughout the policy cycle. AI can be used to simplify legislation, make language tech-neutral and improve design for automated case processing. If legislation can be partially, or fully administered digitally, then AI can be used to support delivery, compliance and ex-post review as well as generating data to better inform regulatory policy design and experimentation.

• Using AI to anticipate future scenarios and risks for more informed regulatory design. AI can offer valuable forecasting insights, offering governments an ability to see emerging trends and shifts in various industries to proactively plan regulatory responses. For example, AI can forecast how technologies or technological applications grow in the healthcare industry, allowing regulators to test existing frameworks or develop new ones to ensure safety and efficacy before widespread adoption. This can help increase trust in government, as governments take a proactive, rather than reactive, role in citizen protections (OECD, 2024[46]).

As for other policy areas to advance the use of AI for regulatory design, governments need to address legal and governance uncertainties. Many governments may not have the appropriate legal structures and frameworks in place to confidently deploy AI for regulatory governance. This may be due to, for example, ambiguities in legal text about compliance and accountability, which require legal judgement. While countries are taking steps to clarify AI use in government, more mature guidance is needed on the use of AI in regulatory design. Stronger AI governance is crucial, not just for regulatory systems but all government applications to ensure responsible and trusted AI deployment.

Public authorities also need to adapt regulatory delivery mechanisms to provide good protection to public goods and citizens effectively in the context of globalisation and technology, harnessing these changes to achieve better results. Steps forward include ensuring that regulators have the necessary mandates, powers, functions and accountability mechanisms to use AI; and providing access to high-quality, accurate and secure data to protect against cyber threats. Three main areas of attention lie ahead when deploying AI for regulatory delivery:

• Empowering regulators with appropriate data collection powers. To effectively gather and make sense of data from a variety of sources, regulators need sound legislation. Regulating data-driven markets requires an appropriate toolbox, so that regulators can request and receive sufficient information in real time and in relevant shape (OECD, 2020[36]). As AI applications often rely on mass data collection, regulators should be legally empowered to collect, process and publish data when appropriate, while upholding principles of privacy and data protection, and ensuring that legal and institutional conditions support data access and sharing in ways that advance the public interest (OECD, 2021[47]). Regulators need to collaborate with national governments and parliaments to ensure the appropriate legal framework that defines their remit and powers.

• Enhancing regulators’ skills and knowledge on AI. To unlock the potential of ML techniques and big data analytics, regulators need to boost their AI expertise by recruiting data scientists and cyber risk experts. Attracting and retaining data talent amidst private sector competition is a challenge for regulators and the broader public administration. Further, there should be investment in capacity building for every policymaker and regulatory to boost policymakers’ confidence in AI applications. These efforts are at both the national level and international level. For example, new fora for international exchange and co-operation can be developed for officials to share their knowledge and experience — such as the International Network for Digital Regulation Co-operation (INDRC) established to foster discussion between regulators (DRCF, 2023[48]).

• Ensuring robust data governance and strategies to underpin AI use. The digital transition offers benefits but also poses new challenges for data governance (see Chapter 4, section on “Creating a strong data foundation”, for a detailed discussion on managing, collecting, providing and using data for AI). Robust strategies are essential to mitigate potential risks. Developing a data strategy is a holistic way to address data governance. A poll among members of the OECD Network of Economic Regulators (NER) in 2024 found that 55% of respondents were in the process of developing a data strategy, while 29% already had one in operation.6 These findings highlight the necessity of robust governance and data strategies to support an effective use of data and AI.