Contact us
AI regulation is moving fast. Are you?
Our dedicated experts, located around the world, are here to help.
AI
AI agents
AI Regulation
Artificial Intelligence
EU
Singapore
Legal responsibility for agentic AI across Singapore’s AI value chain
Agentic AI has moved from demo to deployment. Enterprises are wiring agents into procurement, customer service, and internal operations; consumer assistants are booking, buying, and negotiating on behalf of users; and the tooling that strings these systems together is being shipped by a long and growing list of vendors. The legal question that has not kept pace is the simplest one: when an agent acts autonomously and something goes wrong, who is on the hook?
Singapore’s Infocomm Media Development Authority (IMDA) is among the first regulators to attempt a serious answer. Its recent discussion paper, Legal Responsibility for AI Agents, does not propose new legislation. Instead, it takes the doctrines that already exist in private law and tests whether they can carry the weight of an agentic value chain. The result is a clear-eyed audit of where the law holds, where it strains, and where it is likely to break.
Singapore’s doctrinal stocktake
The paper focuses on civil liability under Singapore’s private law and examines how they apply to agentic AI systems:
- Contract: aneffective mechanism for allocating risk within the AI value chain, but one that offers little recourse to harmed third parties.
- Negligence: doctrinally applicable, but proving responsibility across multiple actors is often difficult.
- Product liability: potentially useful for end users, but Singapore’s current regime is focused on physical goods rather than AI systems.
- Agency law: of limited application,as AI agents are not legal persons.
- Technology-neutral statutes: already govern conduct involving AI agents, but do not resolve the underlying private-law liability issues.
To stress-test these doctrines, the paper introduces a hypothetical: a personal assistant agent (such as OpenClaw), tasked with signing a user up for a class at midnight, finds its usual route blocked and proceeds to break into a cloud provider’s servers. How would negligence law assign liability across that chain?
The paper’s conclusion is measured but pointed: existing private law doctrines may address many situations, but claimants will face serious practical obstacles in proving what went wrong, who was responsible, and whether the harm was foreseeable.
The paper also maps the AI value chain:[1]
- Model developers (e.g., providing LLMs for agents)
- Tooling providers (e.g., supplying Model Context Protocol servers or APIs that enable agentic capabilities)
- Platform providers (e.g., platforms to build agents)
- Orchestration layer providers (e.g., frameworks that handle complex multi-step workflows beyond simple Q&A)[2]
- Orchestration layer operators (e.g., managed services that configure and run orchestration on behalf of clients)[3]
- System providers (e.g., vendors that build agents on a platform and sell them to enterprises as a SaaS solution)
- Deployers (e.g., enterprises that deploy an agent internally)
- End users (e.g.,individuals who use the agent for their work)
- Impacted third parties
That nine-actor map is the analytical spine of the paper. Each of the pressure points that follow can be traced back to the difficulty of running a single liability rule across so many hands.
Four pressure points the existing law cannot absorb
Behind the legal and technical terminology, the underlying concerns are straightforward. The paper sets out four issues for further study, without committing to a timeline.
Attribution – who does the claimant sue?
| When a conventional product causes harm, the claimant typically sues the manufacturer. An AI agent, however, is rarely the output of a single maker. It may combine a language model from one vendor, browser-automation tooling from another, an application built by a third, and instructions set by the user. Where the agent causes harm, it may be technically impossible, or prohibitively expensive, for the injured party to determine which contributors caused the loss. |
Unforeseeability – who actually directed the conduct?
| Unlike a car that breaks a traffic law because a driver commands it to, AI agents can take unexpected actions that nobody instructed. As the OpenClaw hypothetical illustrates, an agent may break into a server while ostensibly executing a benign booking task. Under standard negligence law, you can be liable for harms that were reasonably foreseeable. Where an agent takes a genuinely surprising action, the foreseeability requirement can make it difficult to fix responsibility. |
Cascading responsibility – who ultimately bears the risk?
| Many AI products come with terms of service that disclaim responsibility for unexpected behaviour. For a sophisticated enterprise buyer, those terms are the product of negotiation. For an ordinary consumer, they are an unread click-through. The paper observes that better-resourced actors may push liability downstream, leaving smaller parties, including end users, to absorb disproportionate risk with limited ability to control it. Existing law offers only limited protection against this dynamic. |
Explainability – what actually happened?
| Even where a claimant can identify a likely defendant, succeeding in court requires evidence of what the agent did and why. AI agents can provide natural language explanations of their reasoning, i.e. so-called chain-of-thought outputs, but these are not reliable records of the agent’s actual decision process. They may be plausible reconstructions rather than accurate descriptions of causation or intent. The evidentiary implication is significant: the best available explanation of why an AI acted as it did may not be legally reliable. |
Although exploratory, the paper signals the issues that Singapore’s policymakers are tracking: how responsibility should be allocated across the AI value chain, whether additional safeguards are warranted in consumer contexts, how the law should address unforeseeable agent behaviour, and what role transparency and disclosure should play in assessing responsibility and standards of care.
The international landscape: similar efforts elsewhere
Singapore is not alone in grappling with these questions, though it has moved further and faster on the doctrinal analysis than most.
- In the United Kingdom, the Competition and Markets Authority published Agentic AI and Consumers in March 2026, setting out how existing consumer-protection law applies to businesses deploying agentic AI systems.[4]
- In the United States, there is no standalone federal AI statute. The FTC instead applies existing consumer protection law – including Section 5 of the FTC Act, which prohibits unfair or deceptive practices – to AI systems.[5]
- In the European Union, the revised Product Liability Directive (EU 2024/2853) applies to AI-enabled products placed on the EU market from 9 December 2026.[6]
Singapore vs. the EU Product Liability Directive
The revised Directive is among the first major legislative instruments to address liability arising from software and AI-enabled products expressly. It introduces strict liability for AI-enabled products placed on the EU market and treats software, including AI, as a “product” for liability purposes.
Both initiatives focus liability on vendors within the AI ecosystem, with a shared aim of protecting users. The Singapore paper, however, takes the view that the legal foundations are more fragile than they appear, and counsels caution before locking in a regulatory framework.
| Revised EU Product Liability Directive | Singapore Discussion Paper |
|---|---|
| Addresses post-deployment and evolving AI behaviour within the product liability framework | Highlights uncertainty over liability for unforeseeable or emergent AI behaviour |
| Strengthens claimants’ ability to obtain evidence through disclosure obligations and evidentiary presumptions | Expresses caution regarding the legal reliability and evidential value of AI-generated explanations and related documentation |
Key insights for companies
- Tooling, platform and system providers that have not historically considered themselves in the liability chain should review that position. Singapore’s value-chain analysis suggests they are squarely in scope.
- Companies operating across multiple layers of the AI value chain should map liability layer by layer for legal clarity.
- Broad disclaimer strategies are likely to attract regulatory and judicial scrutiny. Treat disclosure of known limitations as a legal input, not just a reputational one.
B2C agentic deployments are likely to draw the earliest regulatory attention. Firms in consumer-facing markets should prioritise governance, documentation, and redress mechanisms accordingly.
Singapore’s IMDA discussion paper suggests that companies involved in the agentic AI ecosystem are inevitably operating in a blurry legal zone that neither contracts nor negligence law fully covers. For businesses, the paper’s value lies more in its framework, providing a structured way to think about where your organisation sits in the chain, what you control, and where your exposure lies. When more formal regulatory measures arrive, the businesses best positioned will be those that mapped their exposure early, built transparency into their systems, and treated liability responsibly.
[1] Note: The list is not exhaustive and does not represent the final position. See the paper’s Annex.
[2] Note: This stakeholder is not included in the main text of the paper, but appears in the Annex.
[3] Note: This stakeholder is not included in the main text of the paper, but appears in the Annex.
[4] https://www.gov.uk/government/publications/agentic-ai-and-consumers/agentic-ai-and-consumers
[5] https://www.federalreserve.gov/boarddocs/supmanual/cch/ftca.pdf
Share
