AI in International Corporations – Opportunities, Risks, and Compliance Challenges between the EU and China

International companies benefit from centrally developed AI systems, for example in:

• Automating support, HR, or marketing
• Scalable generative models for content or translation
• Increasing efficiency through data analytics and forecasting tools

Hyperscaler models (e.g., GPT- or Gemini-based APIs) in particular enable rapid market launches with relatively low internal compliance effort. In the EU, the use of such models is regulated but still permitted, as long as transparency, intellectual property rights, and risk prevention are ensured.

China, on the other hand, offers enormous market potential for AI products, provided they are locally adapted, correctly labeled, and politically compliant.

The regulatory differences between the EU and China are profound:

• The EU relies on the AI Act, which categorizes AI systems by risk. High-risk systems (e.g., for biometric identification or credit scoring) require conformity assessments, documentation, and human oversight. Data protection is based on the European General Data Protection Regulation (GDPR).
• China regulates AI through a variety of individual measures. As of September 1, 2025, a mandatory labeling requirement applies to all AI-generated content. This content must be politically unobjectionable and comply with state regulations. Companies must register their models with the Cyberspace Administration of China (CAC).

Many companies underestimate the effort required to localize AI systems:

• Uniform models are rarely legally compliant: Strict rules apply in both the EU and China. The GDPR and China’s Personal Information Protection Law (PIPL) allow international data transfers only with considerable effort. Shared data pools or centrally trained models are therefore heavily restricted. An AI chatbot allowed in Europe could be illegal in China due to content that touches on forbidden topics.
• Labeling requirements are not interchangeable: While the EU mandates labeling only for specific deepfakes or generative content, China requires comprehensive, visible, and machine-readable labeling of all AI-generated content.
• Technical separation is often necessary: Companies frequently need to maintain two separate models, one for Europe and one for China, each with its own hosting, logging, and governance frameworks.
• Platform dependency in China: Without their own infrastructure, German companies rely on local partners (e.g., Alibaba, Tencent), and thus must adhere to their specifications, certifications, and political requirements.

AI in the context of international corporations is more than just a technical issue, it’s a legal balancing act. The diverging requirements in Europe and China demand a conscious decision: centralized efficiency or localized compliance?

Only through clear responsibilities, local adaptation, and ongoing regulatory monitoring can AI be deployed globally in a legally compliant and future-proof manner.