Corporate Governance 2026

NETHERLANDS Law and Practice Contributed by: Manon Cremers, Heleen Kersten and Frédérique van der Wegen, Stibbe

Dutch government published a draft AI Act Implemen - tation Act for consultation, opting for a hybrid super - visory model under which existing Dutch regulators supervise AI within their respective domains. The key AI governance developments for 2025 are the practical start of the first phases of the AI Act, the European Commission’s February 2025 guidance on prohibited practices and the August 2025 application of governance rules for general-purpose AI models. A key Dutch development for 2026 is the proposed national supervisory framework, with ten market sur - veillance authorities and coordination by the Dutch Data Protection Authority and Dutch Authority for Digi - tal Infrastructure. Responsibility in practice is spread across several functions. The management board typically owns AI strategy and deployment decisions; legal, privacy, compliance and risk teams assess regu - latory and conduct risks; IT and security address resil - ience and cyber issues; and internal audit or control functions provide assurance. In larger organisations, the audit or risk committee often plays the principal oversight role, even without a dedicated technology or AI committee. 8.3 Liability Exposures Arising From AI Use The main liability exposures for boards and officers arising from AI use in the Netherlands do not stem from a single AI-specific directors’ liability rule. Instead, they arise through existing frameworks, including dis - closure failures, inadequate risk management, privacy and data protection breaches, discriminatory or unfair outcomes, consumer law violations, misuse of intel - lectual property, cybersecurity failures, product or ser - vice defects and misleading market communications. For directors, the core question is whether they have exercised adequate oversight over the company’s use of AI in light of the company’s business, risk profile and applicable regulation. Where AI use is material, boards should be able to show that they identified

the relevant risks, assigned internal ownership, imple - mented appropriate controls, ensured incident escala - tion and documented decision-making. A failure to do so may translate into ordinary Dutch directors’ liability, regulatory exposure and civil claims by affected third parties. Enforcement may come from data protection authori - ties for privacy-related breaches, financial regulators in supervised sectors, consumer authorities for unfair commercial practices, civil courts in tort or contract and potentially shareholders or stakeholders where deficient AI governance feeds into broader misman - agement allegations. Once adopted, the Dutch AI Act Implementation Act is expected to give designated Dutch authorities powers to supervise and enforce compliance with the AI Act. 8.4 Key Disclosure Requirements for AI Use There is currently no general Dutch rule requiring all companies to provide a stand-alone AI report in their annual accounts or management report. However, AI- related disclosure may still be required where AI use is material to the company’s business, risk profile, gov - ernance, financial position or sustainability reporting. For listed companies, the most relevant route is through general disclosure requirements: risk fac - tor disclosure, governance reporting, internal control reporting, market disclosure obligations and, where relevant, prospectus disclosure. Following the 2025 update of the CG Code, boards of Dutch listed com - panies are expected to report more explicitly on the effectiveness of internal risk management and control systems. If AI creates material operational, compli - ance or reporting risks, those risks may need to be reflected. Where AI tools materially affect personal data processing, consumer-facing communications, financial products or sustainability claims, companies may also face indirect disclosure obligations under privacy, consumer, financial or prospectus regimes.

536 CHAMBERS.COM

Powered by