On 17 June 2026, the Irish government approved publication of the Regulation of Artificial Intelligence Bill 2026, the law that gives the EU AI Act (Regulation (EU) 2024/1689) teeth in Irish jurisdiction. The Bill establishes Oifig IS na hÉireann — the AI Office of Ireland — as an independent statutory body and central coordinating authority, and it empowers roughly 15 existing sectoral regulators to act as Market Surveillance Authorities (MSAs) in their own domains. The AI Office must be operational by 1 August 2026, just ahead of the 2 August date on which the bulk of the AI Act becomes applicable across the Union (DETE; European Commission).
The headline choice is structural. Ireland could have built a single, monolithic AI regulator. It chose instead a distributed model: the Central Bank supervises AI in financial services, the Data Protection Commission handles biometric and personal-data dimensions, Coimisiún na Meán covers audiovisual media, the Health and Safety Authority covers workplaces, and so on across the 15 competent authorities Dublin designated in two tranches during 2025 (DETE, Sept 2025). The AI Office sits above them as the single point of contact to Brussels, a shared pool of technical expertise, and the operator of a national regulatory sandbox.
The strongest case for the distributed model
The argument for Ireland's approach is genuinely good, and worth stating plainly before any critique. AI is not a discrete product category like pharmaceuticals or aviation — it is a general-purpose technology that surfaces inside lending decisions, medical triage, hiring tools, and broadcast content. The regulators already supervising those sectors hold the domain knowledge to judge whether a given system is dangerous in context. A credit-scoring model and a diagnostic imaging tool fail in completely different ways; asking one central AI agency to master both, plus a dozen other verticals, risks a regulator that is expert in nothing. As law firm Matheson notes, the model "leverages existing institutional expertise and sector-specific knowledge rather than building new bureaucratic structures" (Matheson). For businesses, it also means dealing with a regulator they already know.
That is the proportionate instinct, and it deserves credit. Where we part company is on whether the coordination layer is strong enough to stop the model's predictable failure mode.
The fragmentation risk is real, and the AI Office is the load-bearing wall
The weakness of any distributed scheme is divergent interpretation. Fifteen authorities, each with its own institutional culture, can reach 15 different views on whether a particular system is "high-risk," what documentation is adequate, or when an unannounced inspection is warranted. A company operating across, say, fintech and health could face overlapping supervision from several MSAs at once — each with a different supervisory temperament. Matheson flags exactly this: "potential interpretation divergences across 15 entities" and "compliance complexity for cross-sector organisations."
The entire model therefore rests on the AI Office being able to harmonise. The Bill gives it the coordinating mandate, but a coordinating body without real convergence power becomes a letterbox to Brussels rather than a referee at home. The pro-innovation test for Ireland over the next 18 months is concrete: can the AI Office publish binding cross-sector guidance fast enough that a startup gets one answer, not 15? If it can, the distributed model is a feature. If it cannot, businesses will route around the ambiguity — or around Ireland.
Proportionate enforcement, and the stakes
To its credit, the Bill structures enforcement as an escalating ladder rather than a cliff: cooperative compliance notices first, then coercive measures such as prohibition and seizure, and only finally formal sanctions, with independent adjudication and court oversight throughout. That graduated design is the right one — it gives operators a chance to fix problems before penalties bite. And the penalties are not trivial. Under Article 99 of the AI Act, prohibited AI practices can draw fines of up to €35 million or 7% of worldwide annual turnover, whichever is higher (EU AI Act, Art. 99). High-risk non-compliance reaches €15 million or 3%.
Those numbers explain why predictability matters so much. A 7%-of-turnover exposure is survivable only if firms can know in advance which conduct triggers it — and that knowledge depends on the 15 MSAs not contradicting one another. Until the Bill is enacted, Ireland's designated authorities largely lack the power to impose any penalty at all, an enforcement gap the legislation is meant to close before the August deadline.
What to watch
Ireland has timed this carefully: the AI Office operational by 1 August, the substance of the Act applicable from 2 August. The country hosts a disproportionate share of Europe's large AI and platform operators, so its enforcement posture will be felt far beyond Dublin. The right outcome is one where the distributed model delivers expert, context-sensitive supervision without dissolving into 15 incompatible rulebooks. That depends almost entirely on whether the AI Office is resourced and empowered to act as a genuine harmoniser — not merely a coordinator on paper. On the evidence of the Bill, the architecture is sensible and the instinct proportionate. The execution risk is real, and it is concentrated in one office.