AI governance regulations: what companies say vs what they do

AI governance regulations are legal frameworks, policy standards, and institutional rules that determine how AI systems can be developed, deployed, and audited. The EU AI Act is the most comprehensive binding framework to date. BrokenCtrl documents how companies respond — and fail to respond — to these requirements in practice.

An ethical AI review assesses an AI tool across documented dimensions: transparency, privacy practices, safety controls, data governance, corporate conduct, and real-world harm evidence. BrokenCtrl scores every tool on these six dimensions using publicly verifiable sources, not marketing claims.

Every claim is labelled Verified (confirmed by primary sources), Probable (supported by credible reporting), or Unverified (contested or unconfirmed). This three-tier system is applied to all case studies and reviews. Read the full methodology →

Yes — and we label it. Every piece of content carries one of three authorship labels: HGC (Human Written), HAC (Human + AI Collaboration), or AGC (AI Generated, Human Reviewed). An ethics publication that hides its own AI use would contradict everything it covers. See the full authorship policy →

Practitioners in risk, compliance, governance, journalism, and policy who need sourced, documented analysis of AI conduct — not commentary. Also useful for anyone evaluating AI tools for organisational use who needs an honest assessment beyond vendor marketing.