Regulator Watch
Regulator Watch
What are the world’s AI regulators actually doing? Not just what laws exist, but who’s enforcing them, what guidance they’re issuing, and where the enforcement actions are landing.
This section tracks the regulators themselves — their mandates, their activity, and their signals about what comes next. We monitor them so you don’t have to.
Why Watch Regulators
Laws tell you what’s illegal. Regulators tell you what they’re actually going to enforce. The gap between the two is where businesses get surprised.
Regulatory signals include:
- Guidance documents — “This is how we interpret the law”
- Enforcement actions — “We fined this company for doing this”
- Consultations — “We’re thinking about new rules on this”
- Speeches and statements — “This is what we’re worried about next”
If you’re deploying AI, advising on AI, or building AI products, this is your early warning system.
EU Regulators
The EU has the most developed AI regulatory architecture in the world.
| Regulator | Jurisdiction | Focus | What to Watch |
|---|---|---|---|
| EU AI Office | EU | AI Act implementation | Guidance, codes of practice, GPAI rules |
| EDPB | EU | Data protection coordination | AI + GDPR guidance, cross-border enforcement |
| ENISA | EU | Cybersecurity | AI security standards, threat assessments |
| National DPAs | Per member state | Data protection + AI | Enforcement actions, national AI Act implementation |
See EU Country Codes & Authorities for the full list of national authorities.
Key EU Activity to Track
- AI Act implementation timeline (phased rollout 2024-2027)
- GPAI model classification and codes of practice
- First enforcement actions under the AI Act (expected 2025-2026)
- National designation of AI Act supervisory authorities
US Regulators
The US takes a sectoral approach — different agencies regulate AI in their domain.
| Regulator | Focus | What to Watch |
|---|---|---|
| NIST | Standards, frameworks | AI Risk Management Framework updates, evaluation methods |
| FTC | Consumer protection, competition | AI deception enforcement, algorithmic fairness actions |
| FDA | Healthcare | AI/ML medical device approvals, clinical AI guidance |
| SEC | Financial markets | AI in trading, robo-advisory regulation |
| EEOC | Employment | AI in hiring, algorithmic bias in employment |
| White House / OSTP | Policy coordination | Executive orders, national AI strategy |
Key US Activity to Track
- Federal AI legislation (multiple bills proposed, none comprehensive yet)
- State-level AI laws (California, Colorado, Illinois leading)
- FTC enforcement actions on AI deception and bias
- NIST AI RMF adoption and tooling
UK Regulators
The UK is taking a “pro-innovation” sector-specific approach.
| Regulator | Focus | What to Watch |
|---|---|---|
| AI Safety Institute (AISI) | Frontier model evaluation | Safety testing, capability assessments |
| ICO | Data protection | AI guidance, GDPR enforcement involving AI |
| Ofcom | Online safety | AI-generated content, deepfakes, platform responsibility |
| FCA | Financial services | AI in finance, algorithmic trading |
| CMA | Competition | AI market power, foundation model competition |
Key UK Activity to Track
- AI Safety Institute evaluations of frontier models
- Whether the UK passes comprehensive AI legislation (currently relying on existing regulators)
- ICO enforcement actions involving AI and personal data
International Bodies
| Body | Focus | What to Watch |
|---|---|---|
| OECD | AI principles, policy coordination | OECD AI Principles updates, country comparisons |
| United Nations | Global governance | UN AI Advisory Body recommendations, General Assembly resolutions |
| G7 | Hiroshima AI Process | Voluntary codes of conduct for AI developers |
| Council of Europe | Human rights | AI and Human Rights Convention (first binding international treaty on AI) |
| ISO/IEC | Standards | ISO 42001, ISO 23894 (AI risk management) |
How We Track This
Source Registry
We monitor these primary sources:
| Source | URL | Update Frequency |
|---|---|---|
| EU AI Office | digital-strategy.ec.europa.eu | Weekly |
| EDPB | edpb.europa.eu | Monthly |
| CNIL (France) | cnil.fr | Monthly |
| ICO (UK) | ico.org.uk | Monthly |
| NIST AI | nist.gov/artificial-intelligence | Monthly |
| FTC | ftc.gov | Weekly |
| AI Safety Institute (UK) | aisi.gov.uk | Monthly |
| OECD AI Policy Observatory | oecd.ai | Monthly |
| Stanford AI Index | aiindex.stanford.edu | Annually |
How to Use This Section
Businesses: Check your relevant jurisdictions quarterly. Enforcement priorities shift. Guidance documents often preview enforcement.
Regulators: See what peer jurisdictions are doing. The regulatory race is producing different approaches — comparing them helps everyone.
AI Enthusiasts: Understand who governs what and why. The regulatory landscape shapes what gets built.
Go Deeper
- Legal & Compliance — The full regulatory landscape
- Court Rulings — Where regulation meets case law
- EU AI Act — The most comprehensive AI law
- EU Country Codes & Authorities — National regulatory authorities
- GDPR & AI — Data protection and AI
- AI Security — The threats regulators are responding to
- AI Safety & Ethics — The broader safety context
- AI Intelligence Hub — Back to the hub home
Sources
- OECD AI Policy Observatory — Cross-country AI policy comparison
- Stanford HAI — AI Index — Annual state-of-AI report
- AI Act Explorer — Interactive AI Act guide
- EUR-Lex — EU legislative database
- Federal Register (US) — US regulatory actions