By the LexTalk World Editorial Team | May 2026 | Legal Leadership, Operations
A multinational company would engage local counsel in each market, build a compliance matrix that mapped key obligations by jurisdiction, and run annual updates as laws changed. It was not simple work, but it was architecturable. The variables were finite. The frameworks were relatively stable.
That architecture is collapsing in 2026, and general counsel around the world are feeling it in their bones.
Three regulatory forces are converging simultaneously for the firstc time: AI-specific legislation emerging at the state and national level, ESG disclosure requirements fragmenting across more than 30 jurisdictions with different standards, and data privacy frameworks multiplying faster than any compliance team ccan map. Each of these alone would be a significant challenge. Together, they are creating a cross-border compliance environment that is genuinely unprecedented in scope and speed.
The general counsel who will navigate it well are not the ones waiting for the frameworks to stabilise. They are the ones building organisations capable of operating in a world where the rules are always changing.
Why This Year Is Different
Every year brings regulatory change. The argument that 2026 is qualitatively different from previous cycles requires some examination, because legal leaders hear about unprecedented complexity so often that the word has nearly lost its meaning.
But the data supports the argument this time.
Bloomberg Law describes 2026 as the year to “operationalise” the realities of AI integration and evolving data privacy frameworks under heightened scrutiny, noting that as legislation struggles to keep pace with innovation, the stakes will continue to climb.
The seventh annual General Counsel Report from FTI Consulting and Relativity, released in February 2026 and based on 224 general counsel and CLOs at organisations with revenues above $100 million, found that 87% of legal leaders report accelerating risk and demand, while 97% saw increased work volume over the prior year.
Those numbers describe a profession under structural pressure, not a temporary spike. The work is increasing. The complexity is compounding. And the tools for managing it have not kept pace with the rate of change.
Caption for stats callout graphic:87% of general counsel report accelerating risk and demand in 2026. Source: FTI Consulting and Relativity General Counsel Report, February 2026.
The ESG Fragmentation Problem
Start with ESG disclosure, because it is the most tangible illustration of what regulatory fragmentation looks like when it arrives at scale.
More than 30 jurisdictions are deploying or planning to roll out IFRS sustainability disclosure standards in 2026, often with local modifications. This includes first ISSB-based disclosures expected in Hong Kong SAR and Singapore in 2026, sustainability reporting in mainland China expected early in the year, and European rules requiring businesses to navigate the CSRD.
In North America, where ESG adoption sits at 79%, organisations are navigating a particularly fragmented environment. Federal SEC climate disclosure rules remain stayed, while California’s SB 253 requires Scope 1 and 2 reporting beginning in 2026 and Scope 3 from 2027. Canadian organisations are increasingly aligning with ISSB Standards through voluntary adoption while awaiting mandatory regulatory action.
The challenge this creates for a general counsel at a company with operations in Europe, North America, and Asia is not simply one of tracking multiple frameworks. It is the challenge of building reporting infrastructure, governance processes, and disclosure language that satisfies conceptually different legal requirements simultaneously.
Europe’s CSRD operates on double materiality, requiring businesses to measure both financial risk to the company and the company’s outward impact on society and climate. The US framework, where it exists at all, operates on single materiality. These are not minor technical differences in disclosure format. They represent fundamentally different legal theories of what a company owes its stakeholders.
A general counsel advising their board on ESG disclosure strategy in 2026 is not answering a single question. They are managing a portfolio of partially contradictory obligations across jurisdictions that do not share a common regulatory philosophy.
The AI Governance Patchwork
The ESG fragmentation story is several years old. The AI governance fragmentation story is being written right now, in real time, and it is moving faster.
Nithya Das, general manager of governance at Diligent, describes 2026 as a decisive moment for AI governance, stating: “In 2026, we anticipate that the pace of AI regulation will remain unpredictable and increasingly stringent.” Rather than expecting clarity or simplification, she points to mounting pressure driven by new and emerging laws, predicting a structural shift at the top of organisations and that boards and executive teams will be institutionalising AI governance as a core competency.
The legal profession faces a new category of risk that is accelerating faster than previous technology-mediated legal obligations: the use of AI for legal work. When courts sanction lawyers for AI hallucinations, they hold counsel responsible regardless of which department selected the tool or how sophisticated the vendor’s claims were. The central procurement question will shift from “Can this tool increase efficiency?” to “Can this tool withstand scrutiny if challenged?”
For a global general counsel, the AI governance challenge has a cross-border dimension that is not yet widely discussed. The EU AI Act creates a tiered risk framework that applies to AI systems used in high-stakes decisions. US state-level AI laws, including the Colorado Artificial Intelligence Act, create separate obligations for AI systems that materially impact consumers. Singapore and several Gulf Cooperation Council states are developing their own frameworks, each with different definitions of what counts as a covered AI system.
A company deploying a single AI-assisted contract review or compliance monitoring tool across multiple jurisdictions may be operating under three or four separate regulatory regimes simultaneously. The general counsel who has delegated AI governance to IT or legal operations is, as several commentators have noted, in exactly the wrong position. These decisions require legal judgment at the most senior level, because the accountability for their consequences sits with the lawyer.
AI systems are already embedded in business operations, touching sensitive data, making decisions, and interacting with third parties, often without the governance, containment, or audit infrastructure that regulators and courts will soon expect. For legal departments, this is not a future issue. It is a present one. Legal sits at the intersection of contracts, regulation, litigation, and board oversight.
Data Privacy: The Framework That Will Not Stop Multiplying
The third arm of this regulatory convergence is data privacy, where the pattern of fragmentation is now mature but the pace of change has not slowed.
The EU’s GDPR set a global baseline, but the frameworks that followed it did not converge on a single model. California’s CCPA and CPRA, the UK GDPR post-Brexit, Canada’s PIPEDA modernisation, Brazil’s LGPD, India’s Digital Personal Data Protection Act, and an expanding set of state-level US frameworks each operate with their own definitions of consent, data subject rights, legitimate interests, and breach notification timelines.
In 2026, data regulation continues to fragment across jurisdictions. Organisations must navigate conflicting requirements around data residency, access, and transfer, often while adopting cloud platforms and global operating models. General counsel are increasingly expected to advise on data strategy alongside technology and security leaders. While deep technical expertise is not required, GCs must understand enough to assess the risks and must be able to engage meaningfully in discussions about data architecture, vendor selection, and cross-border data movement.
The practical consequence of this fragmentation for a general counsel is that data privacy is no longer a compliance programme with a defined scope. It is an ongoing operational risk management function that requires continuous monitoring of regulatory developments across multiple jurisdictions, real-time assessment of how those developments affect existing data processing activities, and the ability to communicate complex technical risk trade-offs to a board that increasingly wants straight answers rather than nuanced qualifications.
What Good Cross-Border Strategy Actually Looks Like
The general counsel who are navigating this environment most effectively have a few things in common, and none of them involve waiting for regulatory clarity that may never arrive.
Build for Divergence, Not Convergence
The instinct of many compliance programmes is to find the highest common denominator across frameworks and build to that standard. Apply GDPR-level consent protocols everywhere, apply CSRD-level ESG disclosure everywhere, and hope that satisfying the most demanding standard means you are covered under the less demanding ones.
This approach has logic behind it, but it has costs. It can be operationally burdensome, diplomatically complex, and sometimes legally counterproductive in jurisdictions where following a foreign standard creates its own complications.
The most effective organisations are moving toward unified compliance strategies that standardise internal policies while remaining flexible enough to adapt to local regulations. One of the biggest challenges in cross-border compliance is the lack of regulatory harmonisation across countries, with each jurisdiction having its own frameworks for data protection, taxation, labour laws, and cybersecurity, often creating conflicting requirements for global organisations.
The distinction between “unified strategy” and “single standard applied uniformly” is important. A unified strategy has consistent principles, clear governance, and a shared decision-making framework. It does not necessarily have identical implementation in every market.
Invest in Local Intelligence, Not Just Local Counsel
No global compliance programme succeeds in isolation from local expertise. Companies should cultivate relationships with in-country legal counsel, tax advisors, and industry specialists who understand not just the letter of the law but how regulators actually enforce it. By treating local experts as co-designers rather than last-mile implementers, organisations gain early visibility into issues, avoid cultural blind spots, and build a programme that is both globally coherent and locally credible.
The distinction between knowing the law and understanding how it is enforced is often the difference between a compliance programme that is technically correct and one that is operationally effective. Enforcement patterns, regulatory relationships, and the practical tolerance of local regulators are things that cannot be learned from reading the statute.
Create Regulatory Horizon Scanning as a Legal Function
The general counsel who are ahead of this environment are not managing regulatory change reactively. They have built or acquired horizon scanning capability that identifies emerging regulatory developments before they become compliance obligations.
This is easier said than done. The volume of regulatory activity across AI, ESG, data privacy, labour law, and corporate governance is now too high for any individual or small team to monitor comprehensively without structured support. Legal technology tools, specialist advisory relationships, and peer intelligence from other general counsel navigating the same landscape are all components of an effective horizon scanning function.
Which is, not incidentally, one of the primary reasons that senior legal leaders attend global conferences. The peer intelligence value of a room full of general counsel who are all tracking the same regulatory developments from different jurisdictional vantage points is a form of horizon scanning that no tool replicates.
The Skills Gap the Fragmentation Crisis Is Revealing
The cross-border compliance challenge is also surfacing a skills gap that was present before 2026 but is becoming more visible under pressure.
In 2026, the general counsel is no longer defined by legal expertise alone. These roles now require knowledge that spans regulation, technology, risk, and corporate strategy. Boards and CEOs increasingly rely on GCs not just to interpret the law, but to help businesses operate safely, credibly, and competitively in complex regulatory environments.
The GC of a global company who built their expertise in one jurisdiction, one practice area, or one regulatory framework is increasingly being asked to advise on questions that their original training did not address. AI governance and data architecture are not traditional legal subjects. ESG double materiality is not covered in most law school curricula. Geopolitical risk analysis is not standard GC training.
This is not a criticism of any individual lawyer. It is a description of a job that has changed faster than the profession’s training structures have adapted.
The response from the most effective general counsel is not to become experts in every new discipline. It is to build the judgment to ask the right questions, the network to find people who have the answers, and the organisational design to bring those capabilities into the legal function in a structured way.
Why Cross-Border Expertise Is a Competitive Advantage
There is a final point worth making, and it is an optimistic one.
The regulatory fragmentation that is creating complexity for global companies is also creating differentiation. The general counsel whose organisation navigates cross-border compliance with genuine sophistication, not just minimum compliance, is building a form of institutional capability that competitors cannot easily replicate.
A company that understands how to operate in Dubai, Singapore, New York, and Mumbai simultaneously with genuine fluency in each market’s regulatory environment has an operational advantage that is real and durable.
The legal function that has built the cross-border intelligence, relationships, and processes to make that possible is not a cost centre managing risk. It is a strategic asset.
The defining challenge is balancing speed, commerciality, and innovation with robust legal and risk governance. To navigate these pressures, general counsel need a fundamental shift in approach: positioning the legal function as a core enabler of the business rather than a back-office function that just says no. That means building crisis playbooks for regulatory investigations, data breaches, and workplace incidents before they happen, regular scenario testing, and turning compliance from a checkbox exercise into a strategic advantage.
The general counsel who will define the next decade of global legal leadership are the ones building that kind of function right now.
The Conversation Is Happening Right Now
The cross-border compliance challenge is not one that any individual general counsel should be navigating in isolation. The regulatory developments are moving too fast, spanning too many jurisdictions, and touching too many functional areas for even the best-resourced legal department to track without peer intelligence.
At LexTalk World’s upcoming conferences and executive roundtables, senior general counsel, CLOs, compliance leaders, and legal innovators from across the world are working through exactly these questions in real time: how to build governance frameworks that hold up across jurisdictions, how to manage the convergence of AI, ESG, and data privacy obligations simultaneously, and how to make the case to their boards for the legal function these challenges actually require.
Register as a delegate for LexTalk World New York 2026 (July 23 and 24), where cross-border compliance, AI governance, and regulatory risk will feature prominently across both days of programming. Delegates from the United States, Latin America, Europe, the Middle East, and Asia will bring the jurisdictional perspective your team needs.
You can also explore the upcoming executive roundtable series through E-Meet, check eligibility for the Legal Honor Global Awards, or view the full schedule of upcoming legal conferences for 2026, including the Dubai conference in September.
The frameworks are fragmenting. The conversation about how to navigate that is already underway. The question is whether you are in the room.
LexTalk World is a global legal conference platform connecting senior in-house counsel, general counsel, CLOs, and legal innovators worldwide through conferences in New York, Dubai, Bangalore, San Francisco, and Mumbai.
