AI Regulations – U.S. vs. EU: The Impact on Organizational Readiness for Global Companies

AI changes are moving rapidly (as expected) and conversations about regulation are abuzz. In this article I compare what’s going on in the U.S. versus the EU and what companies can do to prepare for the fast-moving changes that AI is ushering in. While the US has embraced “a multi-layered model of regulations, including federal executive orders alongside state legislations, there’s no single universal federal law regulating the creation and application of AI in all industries” (NMAAPAC, 2026).

The only standalone federal statute substantively regulating AI systems enacted to date is the “TAKE IT DOWN Act” (signed May 19, 2025), which requires platforms to establish notice-and-removal processes for non-consensual intimate imagery, including AI-generated deepfakes, by May 19, 2026.

President Trump revoked Biden's Executive Order 14110 on January 20, 2025, eliminating prior AI safety requirements and on December 11, 2025, signed a new executive order titled "Ensuring a National Policy Framework for Artificial Intelligence," which proposes to preempt state AI laws deemed inconsistent with federal policy and specifically names the Colorado AI Act (Baker Botts, 2026).

Although the administration asserts broad federal authority in order to establish a 'minimally burdensome national standard' for AI regulation, signaling its intent to use legal challenges to preempt state laws, it remains far from certain that the push will succeed (Webster, S. A, et. al., 2026).

This “patchwork” approach to AI regulation pales in comparison to that of the robust EU AI Act—entered into effect in August of 2024—and is deemed problematic, especially for companies that operate across different states (and countries) and contribute to various industries.

However, in the absence of consistent federal legislation and despite the attempts to impede progress, states have stepped in aggressively. For example, in 2025 alone, all 50 states introduced AI-related legislation and many have already enacted laws. States like Colorado, California, Texas, and Illinois lead the way with rules around AI transparency, bias and discrimination, consumer protections, and high-risk system oversight. For example, The Colorado AI Act (effective June 2026)— which specifically targets high-risk AI systems—looks a bit more similar to the European Union (EU) model, but at the state level.

The EU AI Act was enacted in August 2024 with a phased rollout leading to a critical milestone of August 2, 2026, which is when requirements for high-risk AI systems take effect. The law address “all AI stakeholders who design, develop, deploy, implement, use, or are affected by AI in the EU...[and] promote a trustworthy AI system that is lawful, ethical, and robust (both from a technical and social perspective) in order to avoid causing unintentional harm." To achieve this, the EU AI Act outlines the following seven Key Requirements:

Human Agency and Oversight: Respect for human autonomy and fundamental rights is at the heart of the seven EU ethical guidelines, which prescribe three measures to ensure this requirement is reflected in practice:

• A fundamental rights impact assessment should be undertaken prior to its development.

• The right of end users not to be subject to a decision based solely on automated processing

• There should always be human oversight with the possibility of humans to always be able to ultimately override a decision made by a system.

Technical Robustness and Safety: AI systems and software must be secure, accurate, and reliable and be robust enough to deal with errors or inconsistencies during all life-cycle phases of an AI system. They must be resilient against attacks and have a "fallback" plan in case of malfunction.

Privacy and Data Protection: All AI stakeholders must comply with the General Data Protection Regulation (GDPR) and ensure privacy and personal data are protected when building and running an AI system. Citizens should have full control over their own data, and their data should not be used to harm or discriminate against them.

Transparency: This guideline introduces a number of measures to ensure transparency in. For instance, the data sets and processes used in building AI systems should be documented and traceable and humans need to be aware that they are interacting with an AI system.

Diversity, Non-Discrimination, and Fairness: This guideline focuses on avoiding unfair bias, particularly in the design of algorithms (ex: using inadequate data sets) with relations to marginalized and vulnerable groups.

Societal and Environmental Well-being: AI systems should be used to enhance positive social change and encourage sustainability and environmental responsibility.

Accountability: Mechanisms should be put in place to ensure responsibility and accountability for AI systems and their outcomes. This includes internal and external independent audits, reporting, impact assessment, and accessible redress mechanisms. (European Parliamentary Research Service, 2019)

A critical consideration in the current moment isn’t just compliance, but equally important and something I often talk about—organizational readiness. This resonates with me because, according to a November 2025 article, only about 18% of EU companies feel fully prepared for the August 2026 deadline for high-risk AI system requirements (Allwork Space News Team, 2025).

That data point raises two important questions. Are organizations truly preparing their people for what’s ahead in terms of these requirements? What are they doing to prepare for how rapidly AI has already reshaped the global workforce? I’ve been hearing a lot of rumblings around adopting new technologies—but far less attention given to how people experience these changes—other than the usual fear-based commentary and reports of resistance to AI adoption and downright sabotage.

Providing learning is an obvious expectation for doption. However,  empathy, trust, accountability, clarity, and ongoing consistent communication, are the elements that ultimately determine whether something is truly adopted or silently resisted through subterfuge and/or subversive behaviors. This is where a thoughtful change management approach becomes essential—not as an afterthought—as a core part of the strategy from the very beginning.

Understanding the needs that organizations face and the importance that they “get this right” is what led to the creation of our program, “Human-Centered AI Adoption.” Organizations should be thoughtful and intentional with how they approach AI implementation, resisting the temptation to simply latch onto the next shiny object that AI has to offer.

Rather than jump on the band wagon because everyone else is—regardless of the importance to use AI as a valid strategy—companies ought to take the time to invest in doing a proper analysis of how best to use AI in a way that enhances or improves  business processes and which is aligned with strategic objectives and the company’s mission, vision, and values. In this sense, AI can be a cultural juggernaut, or it could be the nail in the proverbial coffin lying in the middle of the road of good intentions. It’s all in how you approach this massive technology that’s already shown its potential to completely reshape literally EVERYTHING.

Humans belong firmly in the loop of all things AI and therefore we need to help people make sense of AI, trust it, and use it confidently for the better good. This is just one reason why (in my opinion) regulatory legislation is so vitally important. Therefore, organizations that focus on both the technology and the human experience will be the ones to move forward with confidence—and see real value and a return on the investment of getting this right.