Home » AI is Not Only Transforming Industries, But Also Pushing Regulatory Boundaries

AI is Not Only Transforming Industries, But Also Pushing Regulatory Boundaries

by delta
Artificial Intelligence Ai Technology

As artificial intelligence (AI) continues to reshape industries, the U.S. Securities and Exchange Commission (SEC) is poised to regulate the future of business in unprecedented ways.

In 2024, the SEC entered a new era of oversight that reflects how AI is not only transforming industries, but also pushing regulatory boundaries. With a handful of AI-related cases already in the books and clear warnings from top officials, the SEC has signaled that AI will be a key area of enforcement going forward.

From startup pitches to corporate shareholder meetings, the regulatory implications of AI are expanding fast.

The SEC’s AI Evolution: March 2024 and Beyond

March 2024 marked the beginning of a significant shift for the SEC as it started to focus on the enforcement challenges posed by AI. The agency has initiated several enforcement cases centered on AI. However, the big question remains whether this is just the start of selective enforcement or the beginning of a broader regulatory push.

Gary Gensler, the SEC Chairman, has been vocal about AI risks. Similarly, Gurbir Grewal, the agency’s former head of enforcement, had warned of an impending storm: “While perhaps not yet a perfect storm, there’s certainly one brewing around AI. And it is incumbent on each of us to make sure it does not come to pass and that investors are not harmed by noncompliance with securities laws when it comes to this new technology.”

The SEC’s Examination Division has already listed AI as one of its top priorities for 2025, setting the stage for increased scrutiny. As AI becomes more entrenched in business operations, the question isn’t whether AI will disrupt regulation—it already has. The real challenge lies in determining how regulators will keep up.


Learn more about Future Jobs & Manager Programs: DELTA Data Protection & Compliance Academy


AI in Business: Public Disclosure and SEC Filings

Public companies that either offer AI products or use AI within their operations are already on notice. The SEC is expected to demand detailed disclosures on how companies are incorporating AI into their businesses. These disclosures could be required in annual reports, risk factors, or management discussions and analysis (MD&A) sections of filings.

Companies should prepare to address questions such as:

  • How is AI being utilized in their operations?
  • What risks does AI pose to investors?
  • How will companies navigate the potential pitfalls of AI, including failures or ethical concerns?
  • Will AI regulations (whether from the U.S. or international bodies) impact their business models?

This need for transparency has already led to AI-themed shareholder proposals in some of the largest companies in the U.S. In 2024, shareholders at Disney, Apple, and Paramount pushed for reports on AI’s ethical use and board oversight. The SEC has made it clear that these proposals cannot be excluded from shareholder votes, underscoring the importance of AI governance in corporate America.

Public companies offering AI products and services or that use AI in their business operations, should prepare to make public disclosures about AI in their SEC filings. Disclosures could be made in annual and other periodic reports, including in the business description, risk factors, or the management’s discussion and analysis (MD&A). The following discussion suggests topics to consider:

  • Existing laws: Even without formal AI regulations in place, the SEC has demonstrated its willingness to apply existing laws to AI-related cases. One early SEC case involved what enforcement officials dubbed “an old-school fraud using new-school buzzwords.” This case highlighted that even without specific AI legislation, companies touting AI in their business models could face significant scrutiny if their claims don’t align with reality. Do not discount the SEC’s or other federal agencies’ ability to invoke existing authorities in the AI space. In one early Grewal said the case was about “an old school fraud using new school buzzwords.”
  • Venture funding: Companies seeking funding for business ventures should be cautious about their sales pitches during early funding rounds. In a parallel criminal case to an SEC AI action, the U.S. Attorney for the Southern District of New York noted his office’s plans to focus on startup funding rounds. 
  • SEC examination priorities: The SEC Examination Division’s 2024 priorities include AI among the several risks it is monitoring. “The Division remains focused on certain services, including automated investment tools, artificial intelligence, and trading algorithms or platforms, and the risks associated with the use of emerging technologies and alternative sources of data,” according to its, which also recalled that the division created specialized teams within its examination programs to address emerging risk, including AI.
  • Investor alerts: Regulators are urging investors to verify facts before making investment decisions and to be wary of firms using AI as a marketing tool without concrete results to back it up. A January 2024 joint investor alert issued by the SEC’s Office of Investor Education and Advocacy, the North American Securities Administrators Association (NASAA), and the Financial Industry Regulatory Authority (FINRA) urged investors to, among other things, beware of registered and unregistered firms making claims about using proprietary AI to boost investment returns and to conduct due diligence by verifying facts and contact information in SEC filings. Two other alerts also emphasized IPO pitches on emerging technologies and AI and scams using “AI-related buzzwords” that promise outsized returns or claim that bots can find good investments. AI-related scams, often involving buzzwords like “machine learning” or “predictive analytics,” have become a common tactic for fraudsters. These scams promise exaggerated returns or claim that AI bots can make better investment decisions than humans. 
  • Broker-dealers: FINRA has issued guidance on the use of generative AI (genAI) by broker-dealers. Regulatory Notice 24-09, for example, reiterated that FINRA’s rulebook is technology-neutral, that SEC regulations for broker-dealers continue to apply to AI and that FINRA rules apply to AI developed in-house by broker-dealers and to AI that is provided to broker-dealers by third-parties. The guidance also reminds broker-dealers of their obligations under FINRA Rule 3110 (supervisory duties) and FINRA Rule 2210 (communications).
  • SEC filings: Companies should decide what must be disclosed about AI in their SEC filings. Many companies using AI will talk about AI in the business, risk factors and MD&A portions of their Forms 10-K. Typical business section disclosures may indicate a company’s status as a technology pioneer, the existence of strategic partnerships or discuss competitors. Risk factors can vary widely but often mention that AI products or services may fail or may fail to gain consumer acceptance. Some companies note that foreign, state and local AI regulations may increase enforcement action risks. Companies that train AI models may disclose lawsuits against them for copyright infringement. Filings also may include forward-looking statements that mention AI. Forms 8-K may disclose AI-themed mergers or detail votes on shareholders’ AI proposals.
  • Shareholder proposals: Shareholders are asking companies to take actions regarding AI at annual shareholder meetings. During the most recently completed proxy season, SEC staff told Disney, Apple and Paramount that the staff could not concur in the companies’ requests to exclude proposals seeking transparency reports on the companies’ use of AI (and in some instances, also seeking information about board oversight of AI and the companies’ ethical guidelines for using AI). In the staffs’ view, under Exchange Act Rule 14a-8(i)(7), “the Proposal[s] transcend … ordinary business matters and do … not seek to micromanage the Company.”
  • Biden Administration and Congress: At the federal level, AI regulation is rapidly evolving. In 2023, the Biden Administration issued an executive order aimed at guiding the safe use of AI across industries, but most independent agencies were merely encouraged to use existing powers to do the same. The Treasury Department issued a request for information seeking public comment on AI issues affecting financial institutions regarding explainability and bias, illicit finance, data privacy and data protection and risk management.

Learn more about Future Jobs & Manager Programs: DELTA Data Protection & Compliance Academy


  • NIST guidance: The National Institute of Standards and Technology (NIST) has published an AI governance framework that is a starting point for U.S. companies seeking to adopt policies and procedures to guide their use of AI. In June 2024, partly in response to the Biden Administration’s issuance of an executive order, NIST issued additional AI guidance.
  • State AI laws: Several states have enacted AI laws and companies may need to disclose the impact of these laws in their SEC filings. Most state and local AI laws focus on discrete topics, such as automated employment decision tools, but states have sought to enact broad-based AI laws. Colorado’s Consumer Protections In Interactions With Artificial Intelligence legislation, for example, has similarities to the EU AI Act, especially its focus on regulating the highest risk AI systems. California’s Safe and Secure Innovation for Frontier Artificial Intelligence Models Act, would have applied to the largest and riskiest AI systems, though that measure was vetoed by Gov. Gavin Newsom.
  • EU AI Act: The regulatory environment is not just a U.S. phenomenon. The European Union in June 2024 adopted the EU AI Act. The act applies to providers located in the EU and to those outside the EU who place AI systems on the EU market, providers whose AI system outputs are used in the EU, or whose AI products affect persons located in the EU. U.S.-based companies, especially those with business in or affecting the EU, may need to disclose in their SEC filings how they are impacted by the EU AI Act. At the PLI SEC Speaks event in Washington, D.C. in April 2024, an SEC official who spoke during the Division of Corporation Finance Workshop observed that some companies had already begun to make disclosures about the impact of the then-forthcoming EU AI Act but that future disclosures about the EU AI Act should be more specific.

AI and the SEC

The SEC appears to be in the early stages of ramping up its enforcement of AI-related activities across public companies and investment funds. While formal U.S. AI regulations may be lagging compared to international counterparts, that does not mean enforcement is taking a backseat. Companies using AI in any capacity need to be well-versed in SEC staff positions on AI issues, be proactive about what to disclose in their SEC filings, and remain alert to the evolving AI regulatory landscape in states, other countries, and at the federal level.

Companies that embrace transparency and regulatory compliance will be better positioned to succeed. As the SEC prepares to tackle AI’s complexities, businesses and investors alike will need to adapt to this new era of oversight, where AI is not just a technology; it is a regulatory frontier that could define the next decade of business.


DELTA Data Protection & Compliance, Inc. Academy & Consulting – The DELTA NEWS – Visit: delta-compliance.com

You may also like

Delta-Compliance.com is a premier news website that provides in-depth coverage of the latest developments in finance, startups, compliance, business, science, and job markets.

Editors' Picks

Latest Posts

This Website is operated by the Company DELTA Data Protection & Compliance, Inc., located in Lewes, DE 19958, Delaware, USA.
All feedback, comments, notices of copyright infringement claims or requests for technical support, and other communications relating to this website should be directed to: info@delta-compliance.com. The imprint also applies to the social media profiles of DELTA Data Protection & Compliance.

Copyright ©️ 2023  Delta Compliance. All Rights Reserved