Teleosyn AI

← Back to home

Regulatory Pulse

The regulatory clock doesn’t pause while you plan

Dated, concise updates on US state AI legislation, NIST AI RMF guidance, and sector-specific rules, with the EU AI Act included where it’s shaping what US regulators do next. Every entry links to the primary source.

Build your regulatory digest

Choose the topics that affect you and how often you want them. Preview exactly what you’ll get, then subscribe. No newsletters, just the updates in your scope and why they matter.

Topics you care about

Leave all unselected to follow everything.

Preview your next digest

4 updates
  • Colorado AI Act (SB 24-205) requirements take effectUS State Law · June 30, 2026
  • Financial Services AI Risk Management Framework releasedNIST · February 2026
  • High-risk system obligations begin to phase inEU AI Act · August 2, 2026
  • General-purpose AI model obligations enter forceEU AI Act · August 2, 2025

+ 4 more in your topics, oldest trimmed to keep it skimmable.

Reviewed for currency against the EU AI Act, NIST AI RMF, and ISO/IEC 42001 as of June 2026.

  1. US State Law

    June 30, 2026

    Colorado AI Act (SB 24-205) requirements take effect

    Colorado's AI Act, the US state law most closely modeled on the EU AI Act's risk-tiering approach, now requires developers and deployers of high-risk AI systems to use reasonable care against algorithmic discrimination, conduct impact assessments, and disclose AI interactions to consumers. It covers employment, education, financial services, healthcare, housing, and legal decisions. The effective date was pushed back twice from an original February 2025 target while lawmakers worked through amendments, so organizations operating in Colorado or serving Colorado residents should confirm they're working from the enrolled text below rather than an earlier draft.

    Read the enrolled bill text (Colorado General Assembly)

  2. NIST

    February 2026

    Financial Services AI Risk Management Framework released

    The US Treasury and a coalition of more than 100 financial institutions released a Financial Services AI RMF: a sector-specific profile that expands NIST's AI RMF with roughly 230 control objectives tailored to banking and financial services, plus a shared AI lexicon. Firms already mapped to NIST's core GOVERN, MAP, MEASURE, and RESPOND functions have a head start translating those controls into the new profile's more granular requirements.

    Read the NIST AI RMF sector profile guidance

  3. EU AI Act

    August 2, 2026

    High-risk system obligations begin to phase in

    Annex III high-risk system obligations under the EU AI Act, covering conformity assessment, technical documentation, and post-market monitoring, start becoming applicable on a staggered schedule. This matters most directly to organizations with EU-facing operations, but the underlying risk classification approach (prohibited, high-risk, limited, minimal) is the same structure several US state laws have adopted, so it's a useful preview of where US requirements are trending.

    Read the regulation text (EUR-Lex)

  4. EU AI Act

    August 2, 2025

    General-purpose AI model obligations enter force

    Articles 53 to 55 of the EU AI Act, covering transparency, adversarial testing, and incident reporting for providers of general-purpose AI models, became fully applicable. Organizations deploying foundation models (GPT, Claude, Gemini, Llama derivatives, and similar) as part of EU-facing products now need up-to-date technical documentation and a process for cooperating with supervisory requests. Worth tracking even for US-only teams: model documentation expectations like these tend to show up in US procurement and vendor-risk questionnaires within a year or two.

    Read Articles 53 to 55 (EUR-Lex)

  5. EU AI Act

    February 2, 2025

    Prohibited AI practices ban takes effect

    Chapter II of the EU AI Act, prohibiting real-time remote biometric identification in public spaces, social scoring, and certain subliminal manipulation techniques, became enforceable: the first substantive compliance deadline under the Act. Organizations that had already completed a risk-tiering exercise had clarity on which use cases required immediate retirement or redesign, the same discipline US state laws now ask for under a different name.

    Read Chapter II (EUR-Lex)

  6. Sector

    June 5, 2024

    SEC risk alert: AI use by broker-dealers and investment advisers

    The SEC's Division of Examinations published a risk alert reminding registered investment advisers and broker-dealers that existing supervisory and recordkeeping obligations apply when AI tools assist in producing investment advice, portfolio analysis, or client communications. Firms without a documented AI use policy and model inventory face heightened examination risk, and the SEC has separately brought enforcement actions against firms for overstating their AI capabilities to clients (so-called AI washing).

    Read the SEC risk alert (sec.gov)

  7. US State Law

    September 2024

    California SB 1047 (vetoed): lessons for AI governance programs

    California Governor Newsom vetoed SB 1047, which would have required developers of large AI models to implement safety protocols and whistleblower protections. The bill didn't pass, but the legislative debate surfaced requirements, model audits, incident reporting, shutdown mechanisms, that are highly likely to reappear in future state or federal legislation. Organizations with a documented incident response process and model audit trail are better positioned for whatever comes next.

    Read the bill history and veto message (California Legislative Information)

  8. EU AI Act

    August 1, 2024

    EU AI Act enters into force

    The EU AI Act officially entered into force, starting a staggered multi-year timeline for its various obligations. For US organizations without EU-facing operations, the direct impact is limited, but the Act has become the reference point regulators and legislators cite when drafting new US rules, so its risk categories (prohibited, high-risk, limited, minimal) are worth understanding on their own merits.

    Read the regulation text (EUR-Lex)

Stay current without monitoring everything yourself

One email per major milestone. Unsubscribe any time.

See what’s new in the framework itself →