AI is not the risk.
AI without oversight is.
Practical, board-ready AI legal advice for UK businesses.
RMOK Legal advises businesses across the UK and internationally on AI governance, EU AI Act compliance and AI contract law. Every engagement is led by an SCL-accredited IT lawyer who sits on the SCL AI Committee. SRA-regulated. City of London.
RMOK Legal advises businesses across the UK and internationally on AI governance, EU AI Act compliance, AI contract law and the intersection of AI with data protection regulation. The firm is led by Rory O'Keeffe, a solicitor regulated by the Solicitors Regulation Authority, SCL-accredited IT lawyer, AI Committee member of the Society for Computers and Law, and author of AI Advantage (2025). Every engagement is delivered at partner level with a defined scope and a fixed fee confirmed before work begins.
Who this service is for
AI governance is not a single engagement. The right scope depends on whether you are building AI, deploying it, procuring it, or being asked by customers and regulators to account for how you use it.
Businesses developing AI products
If you are building an AI-powered product or embedding AI into an existing platform, you face obligations as a provider under the EU AI Act. Technical documentation, conformity assessments, transparency obligations and AI-specific contractual protections in your customer agreements.
AI Governance Advisory →Businesses using AI from third-party vendors
If your business uses AI for hiring, credit assessment, fraud detection, customer service or internal workflow, you face obligations as a deployer. You need to understand how the AI is classified, what your vendor's obligations are, and what you need in place contractually and operationally.
AI Governance Advisory →Senior leadership teams that need AI risk explained clearly
Your board has been asked about AI risk. You need a briefing that translates regulatory complexity into commercial language, covers your exposure, and provides actions. Not a 50-page report. A one-hour session with slides and a written summary your board can act on.
Board Briefing, from £500 +VAT →GCs and compliance leads who need a specialist AI law partner
Your team is handling AI queries from the business but AI governance sits outside your current expertise. You need specialist support that integrates with your existing function, not an external firm generating a separate workstream.
Fractional GC with AI specialism →What we advise on
EU AI Act compliance
Risk classification of AI use cases, gap analysis against Act requirements, technical documentation, and practical compliance roadmaps calibrated to enforcement deadlines.
AI governance framework design
Policies, procedures, oversight mechanisms and accountability structures that satisfy regulatory expectations and give the board confidence in how AI is being used.
AI contract drafting and review
Training data ownership, model output rights, liability for AI hallucinations, audit rights, data protection obligations, and compliance warranties tied to applicable regulation.
AI procurement advice
Pre-procurement due diligence and vendor agreement review: system classification, provider obligations, and what you need to secure contractually as a deployer.
Data protection and AI
Data minimisation in training datasets, legitimate basis for AI-driven decision-making, automated decision-making restrictions, and the UK GDPR and EU AI Act intersection.
Regulatory landscape advisory
DORA, NIS2, the Digital Markets Act, the Digital Services Act, and UK sector-specific AI guidance from the ICO, FCA, CMA and Ofcom.
How an AI governance engagement works
Four steps from first contact to a governance framework your board can stand behind. Every engagement has a fixed fee confirmed before work begins.
Discovery call
30 minutes, no charge. We review your AI landscape, your regulatory exposure, and your priorities. If RMOK Legal is not the right fit, we will tell you. If a different engagement model would serve you better, we will point you there.
Written scope and fixed fee confirmed
You receive a written scope document before any work begins. It sets out exactly what you receive, what is excluded, and what happens if additional work is needed. The fee is fixed. You sign off before we start. No hourly rates and no retrospective charges.
Engagement delivered
Every engagement is led personally by Rory O'Keeffe. Work is delivered via shared document exchange and advisory calls within the agreed timeline. Where additional specialist capacity is required, RMOK Legal draws on a vetted network of senior lawyers. You always know who is working on your matter.
Action plan and clear next steps
Every engagement closes with a written action plan: prioritised steps, named owners, and deadlines you can hold people to. For businesses with ongoing AI regulatory obligations, the monthly advisory retainer is available as a natural continuation.
AI governance engagement options
Every engagement is led by Rory O'Keeffe, SCL-accredited IT lawyer, SCL AI Committee member, author of AI Advantage (2025), and former Director of Legal at Accenture. Fixed fee. Defined scope. No hourly billing.
AI Governance Advisory
For businesses that need practical AI governance advice, a compliance roadmap, and their AI contracts reviewed by someone who understands both the regulation and the commercial reality.
Scoped to your AI landscape · Fixed fee confirmed in writing before work begins
- AI governance framework tailored to your business, your AI use cases, your oversight requirements and your accountability structure
- EU AI Act compliance advisory covering your obligations as a provider, deployer or both, with a clear statement of what applies and what needs to happen
- AI contract review of your vendor agreements covering training data ownership, model output rights, liability allocation, audit rights and compliance warranties
- Customer-facing AI terms: review or drafting of your AI-specific terms of service and acceptable use policy
- Written compliance action plan with prioritised steps, deadlines and named owners within your business
- Board or investor briefing: a one-hour presentation with slides and written summary suitable for board reporting or audit committee review
The EU AI Act is the most significant technology regulation since GDPR. Fines for non-compliance with high-risk system requirements reach €35 million or 7% of worldwide annual turnover. The cost of an AI governance engagement is a fraction of the cost of a single regulatory inquiry, and a fraction of the commercial damage caused by an AI contract that does not protect your position.
Full enforcement begins December 2027. Compliance programmes begun in 2026 have time to be embedded properly. Those begun in 2027 are remediation exercises.
Board or Investor Briefing
One-hour presentation to your board, investors or audit committee on AI legal risk and EU AI Act obligations. Slides and written briefing included.
Book a discovery call →Ongoing Regulatory Monitoring
Monthly written briefing on AI and digital regulatory developments relevant to your business. One 30-minute advisory call per month. Minimum 3 months.
Book a discovery call →Bespoke Legal Advice
A defined, finite piece of advisory work scoped to a specific AI governance or compliance question. Written advice with clear conclusions and recommended next steps.
Book a discovery call →Trusted by businesses navigating AI with confidence
"Rory O'Keeffe goes the extra mile and is always focused and pragmatic."Legal 500 UK, Information Technology 2023
"A safe pair of hands on our most complex commercial deals."Fortune 500 Technology Client
Why RMOK Legal for AI governance
AI governance is a specialism, not a bolt-on.
Most law firms offer AI advice as an extension of their technology or data protection practice. At RMOK Legal, AI governance is a core specialism. Rory O'Keeffe is an SCL-accredited IT lawyer, AI Committee member of the Society for Computers and Law, and author of AI Advantage (2025). He speaks at the SCL Data Conference, the Eyes-Off Data Summit and the AI Law Summit. AI governance is a defined area of expertise built over years, not a service added to a generalist practice because the market moved.
Practical, not theoretical.
Governance frameworks come with named owners and deadlines. Compliance action plans are prioritised by risk and mapped to enforcement dates. Board briefings are in commercial language, not regulatory jargon. Advice they can act on, not lengthy opinions that stop short of telling you what to do.
Commercial law depth underneath the AI specialism.
AI governance does not exist in isolation from your commercial contracts. RMOK Legal has closed over 150 major commercial transactions and managed over £2bn in annual contract value. The AI advisory is grounded in real-world contracting experience, not just regulatory theory.
Both sides of the table.
Rory has sat on both sides: as Partner at Matheson advising international clients on complex transactions, and as Director of Legal at Accenture managing £2bn+ in annual contract value. That breadth shapes advice that is commercially grounded and practically deliverable.
SRA-regulated with professional indemnity cover.
Rory O'Keeffe is a solicitor regulated by the Solicitors Regulation Authority. For enterprise customers, investors and acquirers asking questions about your legal arrangements, the regulatory distinction matters.
Common questions about AI governance
Looking for something different?
Fractional General Counsel
Ongoing senior legal support on a monthly retainer. Commercial contracts, AI governance, regulatory compliance and strategic legal risk.
Commercial Contract Review
Transaction-specific contract review, negotiation and deal support. SaaS, technology, outsourcing, licensing and M&A.
Startup Legal Packages
Fixed-price packages for startups and scale-ups. Defined deliverables. From £1,500 +VAT.
EU AI Act Compliance Guide
Comprehensive free guide. What the Act requires, when it applies, what UK businesses need to do.
AI governance advice that is practical, commercial and board-ready.
Book a free 30-minute discovery call with Rory O'Keeffe. No obligation, no pitch. A direct conversation about your AI landscape, your regulatory exposure, and what you need.
Book a discovery call →Reviewed by Rory O'Keeffe, SRA-regulated solicitor (No. 8008227), SCL-accredited IT lawyer (June 2026).

