The Irish Government recently published the Regulation of Artificial Intelligence Bill 2026 (the “Bill”). While the EU Artificial Intelligence Act (the “AI Act”), as an EU Regulation, has direct effect in Ireland, national legislation is necessary to provide competent authorities in Ireland with the powers to supervise and enforce the AI Act. It also establishes Oifig IS na hÉireann or the AI Office of Ireland as an independent statutory body which will act as Ireland’s central coordinating authority for the implementation of the AI Act.
This article provides an overview of the key provisions of the Bill, and considers its implications for organisations, particularly providers and deployers of AI systems and models.
Background
The AI Act came into force in August 2024, and takes effect on a phased basis, with the majority of its provisions coming into force on 2 August 2026, subject to certain exceptions. In particular, the rules for high-risk AI systems are expected to be delayed until 2 December 2027 (for standalone high-risk AI systems under Article 6(2) and Annex III of the AI Act) and 2 August 2028 (for AI systems embedded as safety components and covered by EU sectoral legislation under Article 6(1) and Annex I of the AI Act) (as discussed here). The Bill largely reflects the approach set out in the General Scheme of the Regulation of Artificial Intelligence Bill 2026 (the “General Scheme”) which was published in February 2026 (previously discussed here). The Irish Government has indicated its intention to adopt the Bill as soon as possible to ensure that the AI regulatory framework is fully operational in Ireland.
Overview of the Bill
The Bill is designed to facilitate national supervision and enforcement of the obligations placed on regulated entities by the AI Act. Key features of the Bill include:
- establishment of a national AI Office of Ireland;
- introduction of a distributed model for AI oversight;
- provisions for the cooperation and sharing of information by competent authorities;
- procedures for adjudication and the imposition of administrative sanctions; and
- a framework for the establishment of AI regulatory sandboxes by the AI Office of Ireland and real world testing of high-risk AI systems.
Establishment of the AI Office of Ireland
A key aspect of the Bill is that it will establish the AI Office of Ireland (the “AI Office”) as a central co-ordinating authority. This body, once established, will be responsible for the general oversight of AI regulation in Ireland in line with the AI Act. The Government has indicated that it intends for the AI Office to be established by 2 August 2026 at the latest.
The AI Office will be overseen by seven-member board and Chief Executive Officer appointed by the Minister for Enterprise, Tourism and Employment (the “Minister”).
Key functions
The AI Office will act as the single contact point for engagement with the European Commission, EU AI Office, EU bodies and agencies and other Member States in accordance with Article 70(2) of the AI Act, ensuring a centralised interface for coordination purposes. It will also act as a central coordinating authority for the other market surveillance authorities (“MSAs”) discussed below.
The key functions of the AI Office are set to include, but will not be limited, to:
- coordinate with the various national competent authorities to ensure consistent supervision;
- facilitate co-operation and information sharing between relevant national competent authorities and support joint investigations and enforcement activities;
- promote and foster AI literacy and innovation;
- enhance public awareness in relation to the use of AI and the rights and obligations under the AI Act;
- facilitate access by national competent authorities to technical, legal and regulatory expertise in the field of AI; and
- provide advice to the Minister on any matter related to its functions.
The Minister will be empowered to confer additional functions on the AI Office through secondary legislation. This ensures that the AI Office can adapt to evolving regulatory demands and technological developments. The functions of the AI Office, as set out in the Bill, do not currently extend to it acting as an MSA. However, the Minister has stated that the AI Office will be designated as an MSA at a later date (and prior to 2 August 2026) by way of secondary legislation.
Maintenance of AI Register
In addition to these broad functions, the Bill requires the AI Office to establish and maintain a new national AI Register. This will support transparency and coordination in the supervision of AI. The AI Register will record:
- all incidences of prohibited AI practices under Article 5 of the AI Act;
- all serious incidents of high-risk AI system in Ireland reported under Article 73 of the AI Act;
- details of high-risk AI systems intended to be used as safety components in the management and operation of critical digital infrastructure, road traffic, or in the supply of water, gas, heating or electricity in accordance with Article 49(5) of the AI Act; and
- any other AI-related incidents or notifications that are required to be reported under the AI Act.
AI Office strategy statement
As part of the AI Office’s role in shaping Ireland’s AI strategy, the AI Office will as soon as practicable after its establishment, and not later than 6 months before each third anniversary of the day on which it is established, prepare and submit to the Minister a strategy statement for the following three years. The strategy statement will address the key objectives and priorities of the AI Office, as well as its use resources. The AI Office will also submit annual reports on the performance of its functions to the Minister, which will ultimately be published on the AI Office’s website.
Distributed model for AI oversight
The Bill also provides a statutory framework for the distributed model of AI oversight in Ireland. A number of national bodies were previously designated by the Irish Government as MSAs and notifying authorities (collectively “Competent Authorities”) via Statutory Instrument No. 366/2025 (previously discussed here).
The distributed model of AI oversight established by the Bill and the statutory instrument allows existing sectoral authorities to oversee the regulation of AI within their own domains, with the AI Office playing an important role in ensuring consistent and uniform supervision and enforcement across all sectors. It expands the regulatory framework to include authorities responsible for protecting fundamental rights, ensuring their integration into the supervision of high-risk AI systems.
The Competent Authorities include, for example:
- the Data Protection Commission which has been tasked with supervising the protection of fundamental rights relating to personal data;
- the Central Bank of Ireland which will oversee regulated entities providing financial services; and
- Coimisiún na Meán which will oversee the regulation of AI in audiovisual media services.
Powers of Access
The Bill provides MSAs with the power to seek access from providers of AI systems to documentation, as well as to training, validation and testing data sets. In addition, MSAs may make a reasoned request seeking access to the source code of a high-risk AI system. The source code of the high-risk AI system may only be requested in certain conditions in accordance with Article 74(13) of the AI Act, including where other means of verifying conformity of high-risk AI systems with the requirements set out in the AI Act have been insufficient. This highlights the need for providers of AI systems to ensure all proper technical documentation is maintained. It is imperative that organisations grant access to requested documents as refusing to do so constitutes an offence, which may result in a fine, imprisonment, or both on summary conviction.
Complaints concerning AI Act infringements
The Bill enables a person to make a complaint to an MSA or the AI Office alleging a breach of the AI Act. The AI Office or MSA must carry out an initial assessment and may transmit, dismiss or otherwise act on the complaint, including referring it to the EU AI Office where appropriate. Frivolous, vexatious or trivial complaints may be dismissed, or no further action may be taken. Complaints may also be transferred to another MSA where necessary.
Interestingly, the funding mechanism for the various Competent Authorities by way of levy on the entities which they regulate which was included in Part 7 of the General Scheme is not included in the Bill, as initiated. This means that Competent Authorities may need to rely on existing funding to fulfil their supervisory role under the Bill. The Government’s intention for the Competent Authorities to be funded through their existing budgetary arrangements was confirmed by the Minister when presenting the Bill to Seanad Éireann.
Co-operation agreement of Competent Authorities
The Bill permits Competent Authorities to enter into formal cooperation agreements with each other and specified bodies. It facilitates information sharing, coordinated enforcement and allocation of responsibilities, while requiring transparency through notification to Ministers and publication of agreements.
Supervision and enforcement
Part 5 of the Bill grants MSAs with extensive enforcement and supervisory powers. The Bill provides that MSAs may appoint authorised officers to enforce the Bill and the AI Act. In particular, the Bill provides authorised officers with the following powers:
- investigative powers including entry, inspection, seizure, and access to data systems (as well as safeguards such as warrants and offences for obstruction or non-compliance);
- issuing contravention notices where they reasonably suspect a breach of the AI Act;
- issuing of prohibition notices where there is a suspected breach of Article 5 of the AI Act or a risk to health, safety, fundamental rights, or public interests;
- seizure and disposal of unsafe AI products;
- applying to the District Court for a forfeiture order where a relevant AI product endangers health or safety; and
- issuing of notices requiring removal of content referring to an AI product where there are no other ways to eliminate a serious risk. This may include removal of online content or restricting access through information society service providers.
As well as the enforcement powers listed above, there is an adjudication process provided for in the Bill which may lead to administrative fines being imposed on those in breach of the AI Act (discussed further below).
Adjudication procedure and administrative sanctions
Part 6 of the Bill provides for a general administrative sanctions regime to be utilised by applicable MSAs. It also contains specific provisions relating to the Central Bank of Ireland and the Competition and Consumer Protection Commission, allowing those authorities to apply their existing administrative sanctions procedures when fulfilling their roles under the Bill.
Procedure preliminary to referral for adjudication
Prior to a referral for adjudication, a notice of suspected non-compliance with the AI Act will be issued by an authorised officer informing the person of the suspected infringement. The Bill details procedural safeguards, requiring disclosure of the grounds on which the infringement is suspected and supporting material, while also affording the notified person a clear opportunity to make submissions.
The authorised officer may serve a supplemental notice addressing any additional information or material which have come to light. Where the authorised officer has served a notice of suspected non-compliance, and no longer suspects the person is infringing the AI Act, they shall inform the person of this fact by notice. The applicable MSA may also publish the notice of suspected non-compliance on a website they maintain subject to exclusions and redactions as necessary.
Referral to adjudication
Following this notice, the authorised officer may, with the consent of the applicable competent authority, refer the matter for adjudication having considered any submissions made by the notified party. Relevant materials will be shared with the adjudicator including a description as to the facts, details of the suspected infringement, copies of any notices issued, a summary of submissions made by the notified party, and any other relevant material. An oral hearing may be held only where it is necessary to resolve the issue, in line with procedures set out in Schedule 1 of the Bill. These hearings may involve witness evidence. The hearing may be held otherwise than in public where there are special circumstances requiring this.
An independent adjudicator will be assigned by the AI Office using the method outlined in Schedule 2 of the Bill. A register of authorised adjudicators will also be maintained by the AI Office, and they will be selected based on numerical order except where an adjudicator is already assigned in relation to another matter, or is unable otherwise to carry out the role for a given matter. The Bill provides the AI Office with discretion to make rules on the conduct of adjudication proceedings. Each party is required to bear their own costs for these adjudication proceedings, with no mechanism for an adjudicator to award costs.
Findings of the adjudicator
At the end of the proceedings, the adjudicator will make a finding on the balance of probabilities considering all materials available to them. The finding shall involve a written record of:
- the reasons for the finding;
- a summary of any matter relevant to the finding;
- information regarding potential appeals;
- the nature of the infringement; and
- any other relevant material.
In circumstances where the adjudicator finds a breach of the AI Act, this will include a finding as to the amount of the administrative fine that should be imposed and the date by which it must be paid.
Following the finding of a breach of the AI Act, the applicable MSA may adopt or refuse to adopt the finding in question. Following the adoption of a finding, it may be published on the MSA’s website subject to such exclusions or redactions as appropriate.
Administrative fines
The administrative fines that may be imposed are prescribed by the AI Act itself. The administrative fines are as follows:
- for non-compliance with prohibited AI practices under Article 5, fines of up to €35 million, or 7% of the business’ total worldwide annual turnover for the preceding year, whichever is higher;
- for non-compliance with any provisions related to operators or notified bodies (other than those laid down in Article 5 of the AI Act), fines of up to €15 million, or 3% of the business’ total worldwide annual turnover for the preceding year, whichever is higher;
- for providing incorrect, incomplete or misleading information to notified bodies or national competent authorities in reply to a request, fines of up to €7.5 million, or 1% of the business’ total worldwide annual turnover for the preceding year, whichever is higher; and
- in cases of public-sector bodies, fines of up to €1 million.
Before determining the amount of the administrative fine, the adjudicator shall invite the MSA and the adjudication subject to make submissions on the amount of the fine within a specified period and will have regard to any submissions validly received.
Appeals
All decisions of adjudicators may be appealed to the High Court within 28 days of receipt of notice of the decision, with the potential for a further appeal of the High Court’s decision to the Court of Appeal where the decision involves a point of law of exceptional public importance.
Where an adjudicator’s decision is not appealed within the statutory timeframe, the MSA must apply to High Court to confirm the decision, thereby providing a level of judicial oversight to the adjudication process. The High Court will confirm the adjudicator’s findings, unless the adjudication contains a fundamental error of law, or the administrative fine is manifestly disproportionate, in excess of the fine required to be dissuasive, or in excess of the fine required to be effective.
Regulatory sandbox and real world testing
Aside from the market supervision regime established by the Bill, there are also provisions designed to support the safe development and deployment of AI systems within Ireland. A mechanism is included in the Bill for the establishment of one or more national AI regulatory sandboxes by the AI Office. The national AI sandbox(es) are designed to encourage innovation by providing businesses, especially SMEs and start-ups, with a controlled environment to test innovative AI systems under regulatory supervision before full market deployment.
The Bill also provides that personal data lawfully collected for other purposes may be processed within a sandbox environment solely for the purpose of developing, training and testing AI systems in accordance with Article 59 of the AI Act. Where the sandbox involves the processing of personal data, or otherwise falls within the supervisory remit of the Data Protection Commission (“DPC”), the AI Office must ensure, in accordance with Article 57(10) of the AI Act, that the Data Protection Commission is involved in the supervision of the sandbox.
Moreover, the Bill provides for applications to be made to the relevant MSA to conduct testing of high-risk AI systems in real world conditions outside AI regulatory sandboxes, in accordance with Article 60 of the AI Act. This should assist organisations developing AI systems to gather vital testing data in a safe manner.
Looking forward
Although the Bill was just published by the Irish Government on 17 June 2026, it swiftly completed the five stages before Dáil Éireann on 30 June 2026, and the second stage before Seanad Éireann on 1 July 2026. It is currently at the Committee Stage before Seanad Éireann. The Bill may therefore be subject to further change prior to being signed into law by the President of Ireland. When presenting the Bill to Seanad Éireann, the Minister noted that any amendments to the Bill, which are required following the formal adoption of the AI Digital Omnibus Regulation, can be addressed in a second piece of primary legislation in the Autumn of 2026.
Once the Bill is enacted and the AI Office is established and operational, Irish organisations, as well as any other companies with European headquarters situated in Ireland should anticipate engagement with both the AI Office, and the other Competent Authorities responsible for regulation of AI systems.
Contact us
If you have any questions on anything contained in this article or on the AI Act, please contact any member of our Technology and Innovation Group or your usual Matheson contact.
