Anyone who develops, deploys, or uses AI — including solo operators, freelancers, startups, and small businesses using off-the-shelf tools like ChatGPT or Copilot. If AI touches your work, your customers, or decisions about people, you have readiness and regulatory considerations worth understanding. You don’t need a big team to get started — but you do need a clear picture of what you’re using and what’s at stake.

Yes, if your AI system affects people in the EU or if the output of your AI system is used in the EU. This is similar to how GDPR applies to U.S. companies that handle EU residents' data. Many U.S. companies are subject to the EU AI Act without realizing it.

It varies by regulation. The EU AI Act can impose fines up to €35 million or 7% of global annual revenue. U.S. state laws vary — some carry civil penalties, others create private rights of action. The reputational and operational costs of enforcement actions often exceed the fines themselves.

Start with an inventory: what AI tools do you use, what data do they process, and what decisions do they influence? From there, put a basic acceptable use policy in place and identify the regulations that apply to your industry and geography. Our free AI Readiness Assessment above gives you a quick starting point.

Yes, but they can be lightweight. An acceptable use policy and a simple tool inventory puts you ahead of the curve. You don’t need a 50-page governance manual — you need clear expectations about what tools are approved, what data can go into them, and who’s responsible for reviewing AI outputs. Start simple and build from there.

Not yet. AI regulation is fragmented across jurisdictions and sectors. The NIST AI Risk Management Framework is the closest thing to a universal baseline, but it's voluntary. Most people dealing with AI end up touching multiple overlapping frameworks — which is why having a single resource that tracks all of them matters.

AIRegReady is a practical self-service starting point for AI governance documents and readiness work. It helps you understand the landscape, organize internal records, and identify better questions before engaging a consultant or law firm. Consultants and law firms remain valuable for complex situations and legal advice.

Extremely fast. New AI laws, amendments, and enforcement actions are appearing monthly. Over the past year, dozens of U.S. states passed AI-related legislation, the EU AI Act moved into active enforcement, Japan and South Korea adopted comprehensive AI laws, and the federal policy landscape shifted sharply. A December 2025 executive order set up a DOJ AI Litigation Task Force to challenge state AI laws, followed by a White House National Policy Framework in March 2026. Meanwhile, the European Commission’s Digital Omnibus proposal — backed by Parliament committees in March 2026 — would push the EU AI Act’s high-risk compliance deadline from August 2026 out to December 2027. Staying current is a real challenge — and a core reason this resource exists.