Recap of AI regulation in 2024

Key Regulatory Developments in 2024

1. U.S. Federal Agency Enforcement

The FTC and DOJ introduced strict AI oversight and enforcement measures in 2024.

The FTC issued fines against companies that misrepresented their AI capabilities. Key cases included companies claiming to have AI lawyers and others using AI to generate fake customer testimonials. These actions established clear consequences for deceptive AI marketing practices.

The DOJ now treats AI oversight with the same importance as financial compliance. Companies must maintain detailed documentation of their AI systems, including development processes, testing methods, and clear incident response plans. Leadership must assign specific roles for AI oversight and accountability.

2. European Union AI Act

The EU created the first comprehensive AI regulation framework, setting specific requirements for AI development and use.

Companies using AI for important decisions (healthcare, hiring, financial services) must now prove their systems are fair through testing and independent verification. This includes regular assessments of accuracy and potential bias.

The framework makes executives personally liable for AI system failures. This requires leadership to directly oversee AI development and risk management, rather than delegating these responsibilities.

3. U.S. Executive Order on AI

The executive order created the first concrete AI requirements for U.S. companies.

Companies developing AI models must document and report their training methods and safety testing to government agencies. This creates a record of development practices and safety measures.

Companies using AI in critical systems (banking, transportation) must monitor their AI continuously and conduct quarterly security checks. This includes documenting AI components from third-party providers.

4. Global AI Safety Summit Agreement

28 nations agreed on common AI safety standards and testing requirements.

The agreement means AI systems must pass the same safety tests across all participating countries, simplifying compliance for international operations while maintaining consistent standards.

The countries established a shared system for reporting AI incidents, similar to existing frameworks for banking and cybersecurity. This creates standard procedures for addressing AI problems across borders.

Implementation Requirements

Organizations using AI must implement several key practices:

• Document AI development, testing, and deployment
• Create clear plans for handling AI incidents
• Monitor AI systems continuously
• Conduct regular safety assessments
• Get independent audits for high-risk AI applications

These requirements fundamentally change how organizations approach AI development. Documentation isn't just about keeping records—it creates accountability and helps prevent issues before they occur. Incident response plans must detail specific steps, responsibilities, and communication protocols. Monitoring and assessment requirements mean organizations need dedicated resources for AI oversight, not just development.

Looking Ahead

Organizations should prepare for ongoing changes in AI regulation by:

• Tracking new requirements as they emerge
• Building strong compliance processes
• Investing in necessary technical infrastructure
• Developing internal expertise in AI governance

The regulatory landscape will likely become more complex as governments refine their approach to AI oversight. Organizations that build strong compliance foundations now will be better positioned to adapt to new requirements. More importantly, these measures help ensure AI systems are reliable and trustworthy, which ultimately benefits both organizations and their users.