The Digital Services Act (DSA) sets out a comprehensive accountability and transparency regime for digital services and platforms operating in the European Union (EU), including very large online platforms (VLOPs) and search engines (VLOSEs) with over 45 million monthly active users. A key provision of the DSA is independent auditing, which mandates VLOPs and VLOSEs to commission external auditors to test and validate their compliance efforts annually. The European Commission released a Delegated Regulation in May 2023 to provide procedural guidance on conducting these audits, which include risk assessments, opt-outs from personalized recommendations, algorithm transparency, data access for researchers, and audit reports. Holistic AI provides services to conduct these independent audits.

New York City Mayor Eric Adams and Chief Technology Officer Matthew Fraser have released an AI Action Plan for responsible AI in city government, which defines AI as an umbrella term for a range of technologies that make predictions, inferences, recommendations, rankings, or other decisions with data. The plan sets out seven key initiatives, including designing a governance framework, educating and empowering the public, and supporting AI implementation within city agencies while ensuring due diligence in procurement. The publication of the plan follows previous efforts in the city to manage the risks of AI, such as developing a framework for identifying algorithmic tools and enforcing independent bias audits of automated employment decision tools.

Colorado has passed a law prohibiting unfair discrimination in insurance practices, targeting external customer information sources, algorithms, and predictive models. The law prohibits discrimination based on race, color, national or ethnic origin, religion, sex, sexual orientation, disability, gender identity, or gender expression. The Colorado Commissioner of Insurance is tasked with developing specific requirements for different types of insurance and insurance practices. Life insurers must carry out quantitative testing using cumulative data collected up until 31 December of the previous year and all years prior to determine whether there is a statistically different disapproval rate or difference in premium rate per $1000 face value amount of policies for Hispanic, Black, and Asian Pacific Islanders compared to White insureds. Noncompliance with the regulation can result in sanctions.

The EU AI Act is expected to pass European legislative procedures by the end of 2023, with a grace period of two to three years before it comes into force. The Act is focused on consumer protection rather than product safety legislation and relies heavily on standards and implementing acts. While there have been agreements made on some provisions of the Act, controversial elements such as definitions remain uncertain. The EU and the US have adopted different approaches to AI regulation, and the world's first comprehensive AI regulation is still being discussed. The uncertainty surrounding the Act has created industry interest in risk assessment, compliance tools, and protective measures.

Policymakers around the world are looking to regulate the use of AI in critical applications such as healthcare to address the potential risks and implications for patient care and wellbeing. The EU AI Act establishes a risk-based approach, categorizing systems based on their level of risk, and outlining specific obligations to be met. In the US, there are horizontal pieces of legislation, such as the Algorithmic Accountability Act and DC's Stop Discrimination by Algorithms Act, which address issues such as bias and discrimination. However, experts argue that given the unique risks and needs in healthcare, specific regulation for AI in healthcare is necessary to prevent harm while allowing appropriate considerations for patient demographics.