AI Compliance

Colorado SB26-189: Why the AI Law Got Narrower but Evidence Duties Remain

Colorado SB26-189 replaces the state’s original high-risk AI framework with ADMT rules focused on consequential decisions, documentation, notice, records, and review.

💡

TL;DR:
Colorado SB26-189 narrows the state’s original AI law, but it does not end AI compliance work. The new ADMT framework shifts attention toward documentation, notice, records, human review, and reconsideration.

What you need to know

The change: Colorado replaced its 2024 high-risk AI framework with new requirements for automated decision-making technology used in consequential decisions. (Colorado General Assembly)
Who is affected: Developers and deployers of covered ADMT used to materially influence decisions involving education, employment, housing, financial or lending services, insurance, health-care services, and essential government services and public benefits. (Colorado General Assembly)
Why it matters: The law no longer carries the same broad governance architecture as SB24-205, but it still requires documentation, notice, records, explanation, correction, human review, and reconsideration workflows. (Colorado General Assembly)
What to do first: Separate enterprise-wide AI governance requirements from decision-event evidence requirements.
Key date or trigger: The core ADMT obligations described in SB26-189 begin January 1, 2027. (Colorado General Assembly)

The signal is public. The implications are not.

Members receive deeper analysis and early warnings inside the PolicyEdge AI Intelligence Terminal.

Upgrade to Founding Member

AI asset defensibility visual with routed signal lines, layered grids, and controlled access paths

AI Asset Defensibility: CrowdStrike’s Technology Threat Signal

CrowdStrike says China-nexus adversaries targeted technology more than any other sector, but the deeper signal is evidence: can organizations prove how sensitive assets are controlled?

EEO reporting visual with signal paths, grid panels, and evidence layers in a secure compliance review space

EEO Reporting Is Under Review: What Employers Should Watch

The EEOC’s EEO reporting proposal is under OIRA review, but current obligations have not changed. Here’s what employers should monitor now.

Siri AI EU delay visualized as paused data flows between structured regulatory zones

Siri AI EU Delay: What Apple’s DMA Dispute Means for AI Product Launches

Apple’s Siri AI delay in the EU turns a product rollout into a compliance-design dispute over DMA obligations, user data, app control, and platform access.

AI evaluation gap visual with test signals staying aligned while deployment paths split across a dark grid

AI Evaluation Gap: Why AI Controls Need Deployment Evidence

The International AI Safety Report’s evaluation-gap findings raise a business-crime assurance question: whether test performance is enough evidence for real-world control confidence.