AI liability and operator duties in the United States: 2026 guide.

The federal vacuum: what exists and what does not

The United States federal government has not enacted a comprehensive AI statute. The policy instruments that exist at the federal level apply primarily to federal agencies and to a narrow class of AI developers working on the most powerful models, not to the broad population of businesses deploying AI agents in commercial contexts.

Executive Order 14110, Safe, Secure, and Trustworthy Development and Use of Artificial Intelligence, was signed by President Biden on 30 October 2023. It directed federal agencies to develop guidance and conduct risk assessments, required developers of frontier AI models above defined compute thresholds to report safety test results to the federal government under the Defense Production Act, and established an interagency AI governance structure. It did not create enforceable obligations on private-sector AI operators outside the federal contracting context.

OMB Memorandum M-24-10, Advancing Governance, Innovation, and Risk Management for Agency Use of Artificial Intelligence (26 March 2024), set requirements for federal agency AI governance. It required agencies to designate Chief AI Officers, to publish inventories of their AI use cases, and to apply minimum risk management practices including human oversight for rights-impacting and safety-impacting AI systems. Again, the obligations bind federal agencies, not private operators.

The AI Act discussions in Congress have not produced an enacted statute as of June 2026. Multiple bills have been introduced across both chambers, including proposals modelled loosely on risk-based frameworks analogous to the EU Act, but none have advanced to enactment. The federal baseline for private-sector AI operators therefore remains the pre-existing statutory landscape: the FTC Act, sector-specific statutes, and state law.

The Colorado AI Act: the first comprehensive US state statute

Colorado's Senate Bill 24-205, the Consumer Protections for Artificial Intelligence Act, was signed by Governor Polis on 17 May 2024 and entered force on 30 June 2026 (postponed from the original 1 February 2026 date by SB 25B-004). It is the first US state statute to impose a comprehensive, risk-based set of obligations on AI developers and deployers. Operators doing business in Colorado whose AI systems meet the high-risk definition must comply.

Who the statute covers

The Act applies to developers and deployers of high-risk AI systems. A developer is a person doing business in Colorado that develops, or substantially modifies, a high-risk AI system. A deployer is a person doing business in Colorado that deploys a high-risk AI system. The doing business in Colorado standard follows the Colorado Consumer Protection Act's established interpretation and reaches out-of-state operators whose systems have effects on Colorado consumers.

A high-risk AI system under CRS section 6-1-1701 is an AI system that makes, or is a substantial factor in making, a consequential decision about a consumer. Consequential decisions are decisions that have a material legal or similarly significant effect on a consumer's access to, or the cost or terms of, services or opportunities in these domains: education enrolment and opportunity, employment or employment opportunity, a financial or lending service, an essential government service, a healthcare service, housing or a housing opportunity, an insurance underwriting or claim assessment, a legal service, a service of important public interest, or any other domain that the Colorado Attorney General designates by rule.

Small businesses are not fully exempt. A deployer that employs fewer than 50 full-time equivalents receives a limited accommodation regarding impact assessments: it may rely on the developer's impact assessment rather than conducting its own. The core duty of care, the consumer notice obligation, and the incident reporting requirement apply regardless of size.

Core obligations for deployers

The Act imposes four primary obligations on deployers. First, the duty of care: deployers must use reasonable care to protect consumers from known or reasonably foreseeable risks of algorithmic discrimination. Algorithmic discrimination means any condition in which the use of an AI system results in an unlawful differential treatment or impact that disfavours an individual or group of individuals on the basis of a protected class characteristic under Colorado law, including race, color, national origin, sex, disability, age, religion, or sexual orientation.

Second, the risk management programme: deployers must implement and maintain a risk management programme for each high-risk AI system. CRS section 6-1-1703(2)(b) specifies that adopting a risk management framework that substantially implements the NIST AI Risk Management Framework 1.0, ISO/IEC 42001, or another nationally or internationally recognised framework creates a rebuttable presumption that the deployer used reasonable care. This is a material safe harbour provision: operators who can demonstrate documented framework alignment have a defence to algorithmic discrimination claims.

Third, the impact assessment: deployers must complete an impact assessment for each high-risk AI system before deployment and at least annually thereafter. The impact assessment must include a description of the AI system and its intended purpose, the categories of personal data processed, the reasonably foreseeable risks of algorithmic discrimination, and the mitigations in place. Impact assessments must be retained for at least three years.

Fourth, consumer notice and correction: before or at the time of a consequential decision, deployers must provide the affected consumer with a notice disclosing that a high-risk AI system was used, a description of the type of AI system, the categories of data it processed, and instructions for requesting a human review of the decision or correcting inaccurate personal data that the system relied on. A consumer must be able to exercise the correction right without unreasonable burden.

Incident reporting: if a deployer discovers that its high-risk AI system has caused algorithmic discrimination, it must report that fact to the Colorado Attorney General within ninety days. Enforcement of the Act is through the Attorney General under the Colorado Consumer Protection Act; there is no private right of action under the statute itself, though common law claims remain available.

Enforcement and penalties

The Colorado Attorney General enforces the AI Act through the same mechanisms as the Colorado Consumer Protection Act. Violations constitute unfair or deceptive trade practices. Civil penalties of up to USD 20,000 per violation are available. The Attorney General may also seek injunctive relief and may require corrective action. The statute does not create a private right of action, though it does not displace common law claims in tort or under other consumer protection statutes.

Federal sector regulators: the primary operative layer

For most US operators, the binding AI governance obligations they encounter in practice come from sector regulators rather than from a horizontal AI statute. The sector framework is comprehensive in regulated industries and largely absent in unregulated ones.

Financial services: OCC, Federal Reserve, and CFPB

Banks and other federally regulated financial institutions are subject to model risk management guidance issued jointly by the Office of the Comptroller of the Currency (OCC Bulletin 2011-12) and the Federal Reserve (Supervisory Letter SR 11-7). While issued before the current generation of AI systems, both agencies have confirmed through examination guidance and supervisory letters that the model risk management framework applies to AI models used in credit decisions, fraud detection, anti-money laundering screening, and market risk. The framework requires model validation, ongoing monitoring, documentation of model logic and assumptions, and senior management accountability for model risk. Banks failing to maintain adequate model governance face supervisory action including Matters Requiring Attention and formal enforcement orders.

The Consumer Financial Protection Bureau enforces the Equal Credit Opportunity Act and the Fair Credit Reporting Act. Under ECOA, lenders must provide adverse action notices stating the specific reasons for an adverse credit decision. The CFPB has confirmed in examination guidance and a 2022 circular that when an AI model makes or informs a credit decision, the lender must be able to identify and disclose the specific model factors that drove the adverse outcome. A lender that cannot explain why its AI model denied a consumer's application faces ECOA exposure. The CFPB has also confirmed in a 2023 circular that the Fair Credit Reporting Act's accuracy and dispute obligations apply when consumer report information is used in AI-driven decisions.

Employment: EEOC and ADA

The Equal Employment Opportunity Commission issued technical assistance guidance on AI and algorithmic hiring tools in May 2022, confirming that Title VII of the Civil Rights Act and the Americans with Disabilities Act apply to AI-assisted hiring, promotion, and performance management decisions. An employer that uses an AI screening tool that produces a statistically significant disparate impact on a protected class faces Title VII disparate impact liability regardless of whether the tool was designed to discriminate. The ADA obligation to provide reasonable accommodation applies to AI tools that screen out individuals with disabilities: an employer cannot avoid accommodation obligations by pointing to an AI system's output.

The EEOC has not published a comprehensive AI liability regulation as of June 2026, but its technical assistance and enforcement actions confirm that the statutory framework fully applies. Operators using AI tools in HR decisions must conduct pre-deployment disparate impact analysis, document the business necessity of any practice with identified disparate impact, and maintain records sufficient to respond to an EEOC investigation.

Healthcare: FDA and AI/ML software

The Food and Drug Administration regulates AI-based software as a medical device under 21 U.S.C. 321(h) when the software is intended to diagnose, cure, mitigate, treat, or prevent a disease or condition, or when it significantly affects the structure or function of the body. The FDA's 2021 AI/ML-Based Software as a Medical Device Action Plan established a lifecycle approach to AI regulation, requiring pre-market authorisation or clearance for Class II and Class III devices (510(k) or PMA pathway), post-market performance monitoring, real world performance reporting, and the proposed Predetermined Change Control Plan framework that allows approved modification pathways without full re-authorisation.

An operator that deploys an AI system for clinical decision support that crosses the SaMD boundary, including AI diagnostic tools, AI-assisted image interpretation, and AI-driven treatment recommendation systems, is subject to FDA regulation as a medical device manufacturer or distributor. Unauthorised commercial distribution of an uncleared or unapproved AI medical device is a prohibited act under 21 U.S.C. 331.

FTC Act Section 5: the horizontal backstop

Section 5 of the Federal Trade Commission Act prohibits unfair or deceptive acts or practices in or affecting commerce. The Federal Trade Commission has confirmed through enforcement actions, policy statements, and guidance that Section 5 applies to AI-generated outputs deployed in commercial contexts.

Deception under Section 5 covers any representation, omission, or practice that is likely to mislead consumers acting reasonably under the circumstances, in a way that is material to the consumer. An AI agent that makes false or misleading factual statements to consumers, fails to disclose material information such as its non-human identity when that fact is material, or generates outputs that could reasonably be understood as factual representations when they are not, creates Section 5 exposure for the operator that deploys it.

Unfairness under Section 5 covers acts or practices that cause or are likely to cause substantial injury to consumers that is not reasonably avoidable and not outweighed by countervailing benefits to consumers or competition. Biased automated decisions that systematically disadvantage a class of consumers, AI systems that facilitate fraud at scale, and outputs that cause irreversible financial harm through erroneous recommendations have each been addressed by the FTC in the generative AI context in its 2023 AI and consumer protection report.

The FTC does not require pre-deployment registration. Its enforcement model is post-harm and conduct-based. Consent decrees and civil penalty actions by the FTC in adjacent technology-deception cases provide guidance on the expected standard: operators must have a reasonable basis for any factual claim their AI system makes, must disclose AI identity when material, and must have in place reasonable procedures to detect and correct AI outputs that are false or misleading.

The EU AI Act and US operators: extraterritorial reach

US operators with European market exposure face EU AI Act obligations that are independent of US federal and state law. Article 2(1)(c) of Regulation (EU) 2024/1689 brings within scope providers established outside the EU where the output of their AI system is used in the EU, and deployers established outside the EU where the affected persons are located in the EU.

The practical effect: a US company whose AI agent is accessible to EU users, whose AI system outputs decisions about EU residents, or which is deployed in the supply chain of an EU-based business, is within the EU AI Act's scope for the EU-facing portion of its operation. The applicable obligations are those of a deployer under Article 26 of the Regulation for high-risk systems, and the transparency obligations of Article 50 for AI systems that interact with natural persons, in force from 2 August 2026 and not deferred by the Digital Omnibus.

The Digital Omnibus on AI, which reached provisional political agreement on 7 May 2026, proposes to move the high-risk Annex III compliance deadline from 2 August 2026 to 2 December 2027. This proposal is not yet formally adopted or published in the Official Journal: the original 2 August 2026 date remains the legally binding deadline. US operators assessing their EU exposure must plan against the original date while monitoring the formal adoption process.

For a full analysis of EU AI Act deployer duties see the Article 26 deployer obligations guide on agentliability.eu. For the EU transparency obligations applicable from 2 August 2026 see the Article 50 guide.

The state patchwork: beyond Colorado

Colorado is the most comprehensive example, but it is not alone. The US state AI regulation landscape in 2026 is an emerging patchwork of narrower targeted statutes, with meaningful implications for operators doing business nationally.

Illinois enacted the Artificial Intelligence Video Interview Act (P.A. 101-0260) in 2020, requiring employers using AI to analyse video interviews to disclose AI use to candidates before the interview, obtain consent, provide candidates with a summary of the AI features assessed, and destroy video and analysis data within thirty days of request. The Act applies to any employer that solicits applications from Illinois residents, regardless of where the employer is incorporated.

Texas enacted the Responsible AI Governance Act (H.B. 149) in 2025. The Act applies to companies with at least USD 25 million in annual revenue that develop or deploy AI systems in Texas. Covered entities must implement a risk management programme, conduct bias testing, provide transparency disclosures, and establish a formal AI governance officer role. The Texas framework is notably narrower than Colorado's in some respects, particularly its revenue threshold, but is broader in others, including its coverage of AI systems outside the specific consequential-decision categories in the Colorado statute.

California's SB 1047 (signed 2024) applies to developers of the largest foundation models and imposes safety evaluation, incident reporting, and kill-switch obligations on developers, not deployers. California has also enacted AB 2013 requiring training data transparency for generative AI systems offered in California, and AB 2885 establishing statutory definitions of AI relevant to future California legislation. A dense set of additional California AI bills progressed through the 2025-2026 legislative session.

Virginia, Connecticut, Indiana, and a number of other states have advanced or enacted AI governance bills covering automated decision-making in employment, consumer finance, and healthcare, with varying scope, thresholds, and definitions. Operators doing business nationally must maintain a monitoring process for state AI legislation that could affect their operations in each state where they have substantial customer bases.

Common law liability: what case law already confirms

US courts have not applied any AI-specific statute to a claim for AI agent error as of June 2026. They have, however, applied existing common law and professional liability frameworks to AI-related conduct in ways that define the operative standard of care for operators.

In Mata v. Avianca, Inc. (S.D.N.Y. 2023), a federal district court imposed Rule 11 sanctions on attorneys who submitted court filings citing cases fabricated by an AI system. The court found that the duty to verify the accuracy of factual representations before filing on behalf of a client applied with full force to AI-generated content. The attorney's reliance on an AI system's output without independent verification was not a mitigating factor; it was the conduct sanctioned. The implications for operators who deploy AI systems in legal or advisory contexts are direct: professional obligations of care are not suspended by the presence of an AI intermediary.

In Moffatt v. Air Canada (BC Civil Resolution Tribunal, 2024), the tribunal held Air Canada liable for its customer service chatbot's materially incorrect representation about the airline's bereavement fare policy. Air Canada argued that the chatbot was a separate entity and that the airline was not bound by its statements. The tribunal rejected this argument: a business operating an AI agent is responsible for the statements that agent makes to consumers, on the same basis as it is responsible for statements made by human employees. The case is a Canadian decision, but its negligent misrepresentation reasoning is directly applicable under analogous US state law frameworks, and it has been cited in US academic and practitioner analysis as the controlling analogy for AI chatbot liability.

The negligence frame that emerges from these and analogous cases is consistent: an operator that deploys an AI agent in a context where its outputs could cause foreseeable harm to a consumer, a contracting party, or a professional obligation owes a duty of care. Failure to implement reasonable verification, oversight, or correction mechanisms is a breach of that duty. Damages recoverable include economic loss, the cost of corrective action, and in appropriate cases professional discipline or sanctions.

AI insurance for US operators

The United States is the most developed market for AI-specific liability insurance. Unlike the EU, where purpose-built AI agent insurance is nascent, US operators can access both standard policy adaptations and standalone AI products.

Technology errors and omissions policies are the baseline coverage vehicle for most technology companies deploying AI systems. Standard technology E and O policies cover claims arising from errors, omissions, or failures in technology services, which can include AI agent errors depending on policy wording. Operators must review whether their policy's definition of technology services covers AI-generated outputs and whether any AI exclusion endorsements have been added. ISO CG 40 47 endorsements on commercial general liability policies can expressly exclude AI-triggered losses from standard CGL coverage: the exclusion is material and is being added to renewals.

HSB (Hartford Steam Boiler, Munich Re group) launched standalone AI liability coverage for small and medium US businesses in March 2026 [VERIFY current product scope]. The product is the first standalone SMB AI liability policy in the US market and is designed to cover claims arising from AI model errors, biased outputs, and AI-facilitated data loss. Limits and exclusions should be verified with the carrier directly as product terms evolve.

Armilla operates as a Lloyd's coverholder and offers AI liability and performance cover in the US market, with reported available limits up to approximately USD 25 million [VERIFY current limit and coverage conditions]. Armilla's underwriting model incorporates an AI governance evaluation: operators seeking coverage must demonstrate risk management practices that Armilla's assessment team can evaluate against the NIST AI RMF or ISO/IEC 42001.

Munich Re's aiSure product offers parametric AI insurance that settles on measurable AI system performance data rather than requiring a fault finding. This structure is particularly relevant for operators in sectors where quantifying AI output accuracy is feasible, such as financial services AI systems with measurable prediction accuracy requirements.

The ElevenLabs AIUC-1 policy, announced in February 2026 in partnership with an insurer linked to Munich Re, represents the leading edge of AI agent-specific insurance structured around the AIUC-1 certification standard. The AIUC-1 framework assesses agents across data and privacy, safety, security, reliability, accountability, and societal impact dimensions through adversarial simulation. US operators deploying voice or text AI agents may find this product line relevant as the market matures. For an analysis of the European market for AI insurance see agentinsured.eu.

The contrast with the EU deployer model

The structural difference between US and EU AI governance is the deployment framework it creates for operators. The EU AI Act's Article 26 is a single statutory provision that applies to all deployers of high-risk AI systems across all sectors, regardless of whether a sector-specific regulation also applies. It creates a unified compliance obligation: document the system, implement human oversight, conduct a fundamental rights impact assessment in certain public contexts, report serious incidents to the national supervisory authority, register the system in the EU database where required, and cooperate with market surveillance. National competent authorities can impose penalties up to EUR 15 million or 3 percent of global annual turnover for deployer violations.

No equivalent unified instrument exists in the United States. A US financial services company deploying an AI credit-scoring system must comply with the OCC's model risk management expectations (a supervisory examination standard), the CFPB's ECOA adverse action notice requirements (a statutory obligation), the Colorado AI Act if it serves Colorado consumers (a state statute), and FTC Act Section 5 (a federal enforcement standard). These four frameworks overlap in coverage but differ in their procedural requirements, documentation expectations, and penalty mechanisms. A single compliance document does not satisfy all four. The transaction cost of US AI compliance is therefore higher in structural complexity, even if the formal penalty ceiling for any single framework is lower than under the EU Act.

For global operators operating in both the US and EU markets, the EU AI Act's requirements are generally the more demanding procedural baseline. An operator that has built a compliance programme to meet EU AI Act Article 26 will typically exceed the specific documentation and oversight requirements of Colorado SB 24-205 and will have established the audit trail and impact assessment processes required for OCC model risk management. The reverse is not true: a US compliance programme designed only for the domestic market will not satisfy the EU Act's requirements.

What operators should do now

The practical compliance priorities for a business deploying AI agents in the United States in 2026 are the following.

First, determine whether your AI system is a high-risk AI system under the Colorado AI Act. If it makes or substantially contributes to consequential decisions for Colorado consumers in any of the ten covered domains, the obligations under CRS section 6-1-1703 apply from 30 June 2026 (postponed from the original 1 February 2026 date by SB 25B-004). Conduct an impact assessment, document your risk management programme against NIST AI RMF 1.0 or ISO/IEC 42001, and implement the required consumer notice and correction mechanism. If you have not done so, assess whether the Colorado Attorney General's ninety-day algorithmic discrimination incident reporting obligation has been triggered.

Second, identify your federal sector regulator and its AI governance expectations. For banks and credit unions: confirm model validation and documentation consistent with OCC Bulletin 2011-12 and SR 11-7. For consumer lenders: confirm adverse action notice capability under ECOA, including the ability to explain AI-driven adverse decisions in specific factor terms. For employers using AI hiring tools: conduct a disparate impact analysis and document business necessity. For healthcare AI: confirm FDA SaMD classification and obtain any required clearance or authorisation before commercial deployment.

Third, review your current insurance policies for AI-related exclusions and assess whether standalone AI liability coverage is appropriate. Review your technology E and O, cyber, and CGL policies. If any ISO CG 40 47 or equivalent AI exclusion endorsements have been added at renewal, model the uncovered exposure and assess supplemental products from HSB, Armilla, or Munich Re aiSure as applicable to your sector and scale.

Fourth, monitor the state legislative pipeline. Colorado is not the last state to enact a comprehensive AI statute. Texas's Responsible AI Governance Act is in force. California's cluster of AI bills will produce additional obligations for California-facing operations. If you operate nationally, assign a tracking responsibility for state AI legislation and integrate it into your existing legal compliance calendar.

Fifth, if you have any EU market exposure, assess your EU AI Act obligations independently of your US compliance programme. Article 50 transparency obligations apply to any AI system that interacts with EU natural persons from 2 August 2026. High-risk system obligations under Article 26 apply from the same date under the current legally binding deadline (the proposed deferral to 2 December 2027 is not yet adopted). Treat the EU programme as a parallel workstream, not a derivative of your US compliance posture.

Frequently asked questions