New York’s Frontier AI Law Gets a California Makeover – With Some Key Differences

The United States continues to rely on state initiatives to fill the vacuum left by absent federal AI legislation. New York’s amended Responsible AI Safety and Education (RAISE) Act, signed by Governor Kathy Hochul on March 27, 2026, mirrors California’s Transparency in Frontier Artificial Intelligence Act (TFAIA) in most technical provisions, adopting the same “frontier AI framework” and model‑card style transparency reports. By redefining “frontier model” solely on a 10²⁶‑operation compute threshold and expanding the definition to include fine‑tuning and reinforcement learning, the law captures the most capable foundation models that could pose systemic risk. This convergence creates a de‑facto bi‑state standard for the nation’s two largest economies.

Despite the alignment, New York introduces several divergences that reshape compliance calculus. Monetary penalties are capped at $1 million for a first violation and $3 million for subsequent offenses—higher than California’s flat $1 million ceiling—while the state adds a mandatory ownership‑disclosure filing and associated assessment fee for large frontier developers. Incident‑reporting timelines are tightened, with a 24‑hour window for imminent‑risk events and a 72‑hour baseline for critical safety incidents, compared with California’s 15‑day default. Oversight also moves from the Division of Homeland Security to the Department of Financial Services, granting the agency broad rulemaking authority that could generate additional reporting obligations.

The RAISE Act’s timing—effective January 1, 2027—gives companies a year to adapt after a full year of experience under California’s regime. However, the White House’s push for a national AI policy and its call for congressional preemption of state laws adds uncertainty. Firms should therefore maintain dual‑state compliance programs while monitoring federal developments that could supersede or harmonize existing statutes. Practically, this means integrating catastrophe‑risk assessments, ownership disclosures, and rapid incident‑response protocols into existing governance frameworks, and preparing for possible rulemaking from the DFS Office. A coordinated approach will mitigate regulatory friction and position companies for smoother navigation of an evolving AI regulatory landscape.