AI agent regulation is moving across multiple jurisdictions on different timelines. The EU has proposed a delay; most other regimes have not. The European Commission's Digital Omnibus would push the high-risk obligations in Annex III from August 2026 to December 2027 if adopted. What the Omnibus does not touch: the prohibitions in Article 5, the transparency obligations in Article 50, and the GPAI obligations in Articles 53 and 55 remain on the original schedule. Outside the EU, the Colorado AI Act, the Korean AI Basic Act, Japan's AI Promotion Act, Singapore's AI Verify framework, and China's CAC measures are all advancing on their own timelines, unchanged. An organisation deploying agents across borders in 2026 is not waiting for clarity. It is accruing obligations under multiple regimes simultaneously. This publication tracks each one, in its own terms, and in relation to the others. For a full breakdown of the Omnibus, see the Omnibus Master Brief on agentliability.eu.
Filter, sort, and search AI regulation across the EU, US states, UK, Singapore, Korea, China, Council of Europe, and more. Activation dates, penalty exposure, and extraterritorial reach in one interactive table.
The fragmentation is not only geographic. It is temporal. Each jurisdiction activates on its own schedule, and the duties accrue even when enforcement is delayed. The EU Digital Omnibus may shift the high-risk activation date; what stays fixed on 2 August 2026 is unchanged. The below is not exhaustive. It is the subset that binds cross-border agent deployers first.
First comprehensive US state AI statute creating a duty of care for developers and deployers of high-risk AI systems.
Council and Parliament meet in trilogue on the Digital Omnibus, which proposes to move the Annex III high-risk activation to 2 December 2027. Article 5, Article 50, and GPAI obligations are not on the table.
European supervisor publishes first positions on underwriting agentic AI. Read globally as reference for insurer exposure.
Prohibitions under Article 5 and transparency obligations under Article 50 enter application. GPAI obligations under Articles 53 and 55 also apply from this date. These are not affected by the Omnibus. The Annex III high-risk operator provisions under Article 26 may shift to 2 Dec 2027 if the Omnibus is formally adopted.
Enhanced testing toolkit and Model AI Governance Framework revisions for generative and agentic systems.
Record keeping, human oversight, and incident reporting under Article 26 must be operational and auditable. Date conditional on Omnibus adoption; original deadline is 9 December 2026 until the Omnibus is published in the Official Journal.
Long-form analysis of the statutes, frameworks, and standards shaping how the world will hold operators of autonomous AI agents accountable.
India's DPDPA 2023, sector guidance from RBI and SEBI, and the National AI Mission create a distinct operator landscape. A structured guide to what applies now and how to position for India's accelerating regulatory trajectory.
ISO/IEC 42001:2023 is the first certifiable international AI management system standard. It provides a governance structure that satisfies the EU AI Act's Article 17 QMS requirement, earns a Colorado SB 24-205 safe harbour, and directly reduces AI liability insurance premiums. A jurisdiction-by-jurisdiction operator's guide.
South Korea's AI Basic Act applies from August 2026. High-impact AI in employment, healthcare, finance, and criminal justice faces transparency, oversight, and documentation obligations parallel to the EU regime. A structured guide for cross-border operators.
Japan enacted a principles-based AI framework in May 2024. It does not mirror the EU AI Act's risk tiers or enforcement architecture. This guide maps what the Act, METI sector guidelines, Japan AISI, and the APPI framework require for operators with Japanese market exposure.
Brazil's Senate-approved AI framework establishes three risk tiers with significant operator obligations and applies extraterritorially. What European and global operators with Brazilian market exposure need to know.
The UK has no horizontal AI Act. It assigns AI oversight to existing sector regulators through five cross-sectoral principles. This analysis maps what the FCA, ICO, CMA, and AISI each require, and how the UK framework diverges from the EU AI Act in practice.
Article 2 of Regulation (EU) 2024/1689 draws non-EU operators into the regime through five routes, including the widely misunderstood output-used-in-the-Union trigger. What US and UK companies must assess before August 2026.
A reading of SB 24-205 as it enters force on 1 February 2026. The duty of care, the algorithmic discrimination standard, the risk management programme, and the comparison with the EU AI Act.
Why a voluntary federal framework is becoming the benchmark courts, regulators, and contracts use to define whether an operator acted reasonably when deploying an autonomous agent.
A structured comparison of how the three largest regulatory spheres are allocating responsibility across the AI supply chain. Horizontal statute, revised products regime, and sectoral regulator leadership.
Singapore's AI Verify, Japan's AI Promotion Act, Korea's AI Basic Act, and why the region's softer-law approach is setting de facto standards many US and EU deployers will follow.
Govern, map, measure, and manage. The four functions are a distillation of what it means to act reasonably when deploying AI that affects people and institutions.NIST Artificial Intelligence Risk Management Framework 1.0 · National Institute of Standards and Technology
Three structural features organise our coverage. First, AI agent liability is accruing before any single regime is mature. Operators deploying systems today face duties that will only be litigated later. The task is not to choose a legal standard. It is to reach the highest one that applies.
Second, the texts converge more than they diverge. Governance, risk management, transparency to affected parties, human oversight, logging, and incident response appear in almost every serious draft. A deployer that builds to the EU AI Act will be largely compliant with the Colorado AI Act, the Singapore Model Governance Framework, and the expectations of UK sectoral regulators. Frameworks differ at the edges, not the centre.
Third, the insurance market is following the regulation, not leading it. Specialty AI coverage exists. It is fragmented, expensive, and underwritten against the same operator duties the statutes describe. The rational posture is to harden the deployment and insure the residual.
The table below is a reduced view of ten jurisdictions and the instrument that carries the primary obligation for AI agent deployers. The column "standard" indicates whether the regime imposes a rule (statutory duty), a framework (voluntary but influential), or a sectoral approach (existing law applied by existing regulators).
| Jurisdiction | Primary Instrument | Standard | Activation |
|---|---|---|---|
| European Union | Regulation (EU) 2024/1689 · AI Act | Horizontal rule | 2 Aug 2026 (transparency + GPAI) · 2 Dec 2027 (high-risk, if Omnibus passes)* |
| United States · Colorado | SB 24-205 · Colorado AI Act | Statute | 1 February 2026 |
| United States · Federal | NIST AI RMF 1.0 · EO on AI | Framework | Continuous |
| United Kingdom | White Paper 2023 · Regulator guidance | Sectoral | Rolling |
| Singapore | Model AI Governance Framework · AI Verify | Framework | Continuous |
| Japan | AI Promotion Act 2024 · METI guidelines | Framework | 2025 rolling |
| Korea | AI Basic Act 2024 | Statute | January 2026 |
| Canada | AIDA (Bill C-27, reframed 2025) | Statute pending | Expected 2026-2027 |
| Brazil | PL 2338/2023 · Marco Legal da IA | Statute pending | Under deliberation |
| China | Interim Measures for Generative AI · CAC rules | Regulation | In force |
Read the full country-by-country review on the jurisdictions page. Each entry links to the primary instrument and the most recent guidance.
* The European Commission's Digital Omnibus proposes to move the Annex III high-risk obligations from 2 August 2026 to 2 December 2027. The Council and Parliament have converged on the new dates; trilogue is scheduled for 28 April 2026. Until formally adopted and published in the Official Journal, the original dates remain legally binding. Article 5 prohibitions, Article 50 transparency obligations, and GPAI obligations under Articles 53 and 55 are not affected. Full Omnibus analysis.
Agent Liability sits inside a network of five sister publications covering the regulatory, certification, and insurance dimensions of autonomous AI agent deployment. This is the global desk. Agent Liability EU carries the European regulatory analysis.
A published framework from Future Proof Intelligence for assessing autonomous AI agent deployments. Seven dimensions. Independent. Continuously maintained.
Read the framework