Omdia: New AI regulations in the EU and South Korea signal rising compliance costs for telcos

LONDON, October 16, 2025: Analysis from Omdia’s new report Regulating AI in the Telecom Sector – 2025 reveals that telcos need to take account of formal AI regulation issued by two jurisdictions – the EU and South Korea. Both take a risk-based approach, where the highest-risk use cases face the most stringent rules. Unlike the EU AI Act, South Korea’s Basic AI Act only applies to developers or entities offering products and services utilizing AI, rather than AI users.

“The overarching impact of these two regulations on telcos is the creation of more compliance work and costs to meet the new legal requirements for safety standards,” said Sarah McBride, Principal Analyst, Regulation, at Omdia.

Several other jurisdictions have initiated regulatory efforts through public consultations, but it could be some time before many of these are finalized. Regulators around the world are weighing the risks and benefits of AI and are looking to impose regulations that address risks such as biased and unreliable data, liability in case of error, trust, privacy, and security.

AI encompasses a broad variety of concepts and technologies that are embedded in all aspects of a telco’s business. Therefore, they need to adhere to different guidelines depending on where and when AI is used. However, with a constantly evolving regulatory landscape, this can be challenging.

“Telcos must navigate key AI regulatory requirements across multiple policy areas, including high-risk situations, prohibited use, transparency, and enforcement” McBride noted. “They also face AI-specific policies and regulations regarding data and privacy, critical infrastructure security requirements, consumer protection measures, and digital sovereignty considerations.

However, it would be sensible for telcos to proactively implement a risk-management framework within their systems and take the lead in driving ethical and responsible AI technology. “AI offers numerous opportunities for telco innovation, but risks must be assessed thoroughly before implementation, and standards for data quality, accuracy, robustness, and non-discrimination must be adhered to,” explained McBride.

Figure 1: Potential risks and challenges for telcos of adopting AI