The AI Compliance Crunch Is Here. What Companies Must Act on Before June.

A confluence of AI regulatory deadlines is converging on the next eight weeks in a way that legal teams have been dreading since late 2024. Colorado's AI Act — the first comprehensive state AI law in the U.S. — takes effect in June. New state-level requirements are now live in Illinois, Texas, and California. The EU's implementation schedule for key AI Act obligations remains in flux. And legal departments that were advisory functions six months ago are now being asked to run AI governance operations directly.

Eversheds Sutherland's April 2026 global AI regulatory bulletin documents the scope of what is landing simultaneously — and the structural challenge it poses for companies operating across multiple jurisdictions with incompatible requirements.

What Is Going Live in June

Colorado's AI Act is the headline deadline. The law imposes obligations on developers and deployers of high-risk AI systems — a category that covers AI used in consequential decisions about employment, credit, housing, education access, and healthcare. Key requirements include:

• Impact assessments documenting how high-risk AI systems are developed and what bias mitigation measures are in place
• Consumer notification when an AI system is used to make a consequential decision affecting them
• Adverse action disclosures explaining AI-based decisions and providing appeal mechanisms

Colorado is calibrated toward consumer-facing AI deployments, but its definition of "consequential decision" is broad enough to capture a wide range of B2B applications where the downstream consumer impact is indirect but real.

New York's amended RAISE Act has shifted its approach. The original proposal targeted AI developers with broad liability frameworks. The amended version moves toward a transparency-and-reporting framework — companies must document and report their AI systems rather than carry strict liability for AI-caused harms. This is a significant narrowing in scope, but the reporting requirements are not trivial.

Beyond Colorado and New York, Illinois, Texas, and California each have active AI requirements that have moved from future obligation to current compliance. Illinois has expanded its AI hiring disclosure requirements. Texas has requirements for government use of AI in decision-making. California's AI transparency rules — layered on top of existing CCPA obligations — create disclosure requirements for a range of AI deployments.

The EU Wrinkle

For multinationals, the EU AI Act is the dominant long-term compliance framework — but its near-term schedule has become uncertain. According to the Eversheds Sutherland bulletin, EU institutions are reconsidering pushing key implementation obligations from the originally planned 2025-2026 timeline to 2027-2028. This is not relief — it is a delay that allows the requirements to grow more detailed and the compliance bar to rise before the formal deadline arrives.

Companies that have been running parallel U.S. state compliance and EU AI Act preparation programs are now managing an asymmetric timeline: U.S. state obligations are live or imminent; EU obligations are deferred but still coming. The risk in that asymmetry is scope creep — using the EU delay to deprioritize foundational AI governance work that will be needed regardless of which jurisdiction's requirements arrive first.

The Structural Shift in Legal Departments

The Eversheds Sutherland analysis identifies a pattern that multiple law firms and consulting firms are observing simultaneously: legal teams are increasingly being asked to operate AI governance programs rather than advise on them. This is a meaningful functional shift.

Advising means reviewing AI deployments, identifying legal risks, and recommending practices. Operating means maintaining AI inventories, running impact assessments, managing vendor relationships for AI governance tools, and owning the compliance calendar. These are fundamentally different scopes of work — different headcount, different skills, different accountability structures.

The shift is being driven by a practical reality: the CEO and board cannot run AI governance, product and engineering teams do not want to own compliance exposure, and the corporate AI governance function (where it exists) is often too new and too small to carry operational accountability. Legal ends up holding it by default.

The Fragmentation Problem Companies Are Actually Trying to Solve

The most consistent challenge legal teams report is not the complexity of any individual state's AI requirements — it is the incompatibility of requirements across jurisdictions. An AI impact assessment process designed to satisfy Colorado's requirements does not automatically satisfy Illinois's hiring disclosure requirements or California's transparency rules. Vendor contracts that address AI governance for one jurisdiction may need renegotiation to satisfy another.

Companies with AI deployments across multiple states are building compliance matrices — systematic mappings of which systems trigger which requirements in which jurisdictions — that resemble the multi-state tax compliance operations that large companies have run for decades. The difference is that tax compliance frameworks matured over fifty years. AI compliance frameworks are being built in real time while the requirements themselves are still evolving.

What to Watch

June is the Colorado deadline, but the meaningful signal to watch is how enforcement actually works once Colorado's law is live. Colorado has an enforcement mechanism, but regulators have signaled a preference for guidance over immediate penalty enforcement in the first months — a grace period that reduces immediate risk but does not eliminate it. The first enforcement actions, whenever they come, will define what "compliance" actually means in practice and will drive the next wave of corporate investment in AI governance infrastructure.

Watch also for whether New York's RAISE Act continues to narrow in scope or stabilizes — the bill has shifted significantly through its legislative history, and further amendment before final passage remains possible.

By Hector Herrera