There’s no AI pass for legal accountability. The DOJ’s updated compliance guidance and the EU AI Act are both explicit: there is no AI exception to compliance standards. Any bar humans are held to, AI is too. That principle is now being tested in courts.
In Germany, one case has set a significant precedent. In a landmark ruling this June, the Regional Court of Munich decided that Google is directly liable for the content of its AI search overviews. The company will be considered responsible for misinformation in its AI-generated results, regardless of where the underlying false information originated.
The court specified that Google’s AI overviews constitute new content, and are distinct from traditional search results, which list sources with direct quotes. In this case, Google’s AI had confidently stated “Yes, [company] is known for dubious business practices” and made claims unsupported by any of the linked sources. The court found Google liable, and did not accept the company’s argument that it tells users to fact-check the results themselves.
The ruling points toward a much wider phenomenon. Research by Oumi in April of this year found that even when correct, 56% of Google AI overview answers couldn’t be substantiated by the sources cited (tested with Gemini 3 model). The AI may be right but untraceable, and therefore uncitable. This is credibility theatre — general-use AI tools answer with confidence and credibility, but ultimately can’t demonstrate either.
This matters acutely in regulated environments. Fabricated information, missing risks, and negligent allegations can carry real consequences including personal liability for designated persons, regulatory censure, and legal action. Xapien was purpose-built for exactly this environment: a due diligence platform, designed and informed by professionals who have faced these pressures themselves. The information in Xapien reports is fully-sourced, and the platform is designed by people who understand compliance and the law. Our architecture is built using over 50 algorithms, each with documented logic — so compliance teams can explain not just what Xapien found, but how.



