Italy becomes the first EU country to pass a domestic artificial intelligence (AI) law aligned to the EU AI Act.
The law sets a human-centric framework for AI use, mandating stricter oversight, transparency, and accountability in high-impact sectors such as healthcare, education, justice, and public administration.
It aims to balance “innovation, cybersecurity and privacy protections” with “human-centric and safe AI use”, said Prime Minister Giorgia Meloni.
Under the framework, illegal spreading of AI-generated content intended to cause harm can land between one to five years in prison.
For more serious crimes like fraud and identity theft, there will be much harsher penalties.
Alessio Butti, the undersecretary for digital transformation, said the law “brings innovation back within the perimeter of the public interest, steering AI toward growth, rights and full protection of citizens”.
Law No. 132/2025 was approved by Parliament on 17 September 2025 and comes into force on 10 October 2025.
Summary of Italy’s AI framework
At its heart, the law insists on one clear principle: AI must support people, not replace them. In practice, this means:
- Stricter transparency rules for AI in regulated sectors, ensuring humans retain ultimate decision-making power. Transparency rules make sure patients, employees, and citizens know when AI is in use.
- Parental consent is required for children under 14 to access AI systems.
- New criminal penalties: unlawful dissemination of harmful AI-generated content can lead to 1–5 years’ imprisonment, with harsher sentences where AI is used for serious crimes like fraud or identity theft.
- Copyright and innovation balance: Works assisted by AI remain eligible for copyright, but only if genuine human creativity is involved. Text and data mining (TDM) for AI training is permitted, provided copyright owners opt-outs are respected.
- Institutional oversight: national bodies AgID (Digital Agency) and ACN (Cybersecurity Agency) will coordinate enforcement, supported by sectoral regulators, alongside a €1bn fund for AI, cybersecurity, and telecoms innovation.
Addressing the theme of AI in March last year, Meloni said: “There can and must be an Italian way when it comes to artificial intelligence, an Italian way to develop artificial intelligence and an Italian way to govern artificial intelligence.”
She considers AI to be “the greatest revolution of our time” but said it could only achieve its full potential “if it is developed within a framework of ethical rules that focus on people and their rights and needs”.
What this means for firms
By passing its own national AI law, Italy has shown that EU member states won’t simply wait around and are willing to create local rules to reflect their own priorities.
This adds a new layer of complexity for businesses: compliance will no longer mean just following the EU AI Act but also keeping track of country-by-country add-ons.
While the UK has so far preferred a “pro-innovation” and lighter-touch approach, Italy’s sector-specific rules and criminal sanctions may put pressure on others to follow suit, especially when it comes to protecting children, criminalising deepfakes, and clarifying copyright for AI-assisted works.
If more EU countries adopt similar measures, firms operating in the UK, US, EU and APAC will need to comply with varying standards across borders.
How FinregE can help
Italy could just be the first domino and other EU member states could fall soon. This means AI regulation is fragmenting.
It’s the beginning of a patchwork of national add-ons, sector-specific duties, and new criminal sanctions.
To succeed, organisations need compliance strategies that are adaptable, evidence-driven, and capable of bridging multiple frameworks
Our AI-driven regulatory compliance is designed to take the uncertainty out of complex regulatory environments.
Our large language models (LLMs) and regulatory mapping solutions focus on mapping obligations across multiple jurisdictions. You see where you comply, where gaps exist, and who owns the fix.
We also continuously monitor new laws and updates, whether it’s Italy, Ireland, or the UK’s next move, and translate them into plain English, role-specific insights for risk, legal, HR, and product teams.
With built-in traceability logs, system inventories, and policy-to-rule mapping, FinregE helps you demonstrate accountability when auditors or regulators come calling.
Find out how we can help your firm comply with evolving AI regulations. Book a demo today.