Ley de IA de Colorado

Why Colorado AI Act is the test case for the US AI federal–state tension The most common framing of the Colorado AI Act describes it as the first comprehensive state AI law in the United States, modeled on the EU…

Resumen ejecutivo

Why Colorado AI Act is the test case for the US AI federal–state tension

The most common framing of the Colorado AI Act describes it as the first comprehensive state AI law in the United States, modeled on the EU AI Act, focused on algorithmic discrimination prevention. The framing is correct and structurally incomplete. The Colorado AI Act has become the test case for whether US states can build EU-style comprehensive AI regulation that survives the political, legal, and federal preemption pressure that emerged after the January 2025 transition in federal AI policy.

The dominant narrative reads the law as a state-level analog to the EU AI Act — risk-based, prescriptive, focused on developers and deployers of high-risk AI systems, with detailed governance obligations. The reading is accurate as far as the statutory text goes. What it misses is that the law has not actually entered into force in operational terms, and may never enter into force in its current shape. Three concurrent processes are reshaping the framework: a five-month statutory delay (SB 25B-004, signed 28 August 2025), a draft replacement framework from the Governor’s working group (the KILO draft, March 2026), and a federal court stay of enforcement (granted 27 April 2026). The statute as enacted is operationally suspended; the statute as it will eventually apply remains under construction.

What the Colorado AI Act actually is, then, is the canary in the coal mine for state-level comprehensive AI regulation in the United States. It tested whether a US state could pass an EU AI Act-style framework. The answer was yes — the law was enacted in May 2024 with bipartisan support, after extensive negotiation, with affirmative defenses for organizations adopting recognized risk management frameworks. It is now testing whether such a framework can survive the political and legal headwinds that comprehensive state AI regulation faces in the post-January 2025 federal environment. The answer is not yet determined.

The political tension is real and structurally specific. The federal Trump EO 14281 (Restoring Equality of Opportunity and Meritocracy, early 2025) directs federal agencies to deemphasize disparate-impact enforcement of civil rights laws. The Colorado AI Act is built around preventing algorithmic discrimination, defined to include disparate impact. The two measures are not directly contradictory — Colorado law continues to bind regardless of federal enforcement priorities — but they create a coherent federal posture that disfavors the law’s underlying theory. The December 2025 Trump EO establishing the AI Litigation Task Force was designed in part to create the litigation infrastructure to challenge laws like the Colorado AI Act. The April 2026 federal court stay is the first fruit of that environment, even if the stay itself was granted on joint motion of the parties rather than on federal preemption grounds.

For organizations operating in Colorado or affecting Colorado consumers, the operational reality is that the Colorado AI Act remains the legal reference for AI governance in the state, but its concrete obligations may be substantially different by the time enforcement actually begins. Compliance work continues during the stay because:

  • The substantive obligations of SB 24-205 are unchanged unless and until KILO or another replacement is enacted
  • The 30 June 2026 effective date stands unless further delayed
  • Building toward the affirmative defense (alignment with NIST AI RMF or ISO/IEC 42001) preserves option value across all three possible outcomes (take effect as-is, amended/replaced, enjoined)
  • The Colorado Attorney General has exclusive enforcement authority, but the Colorado Consumer Protection Act framework persists regardless of SB 24-205 specifics

The rest of this reference treats the law as enacted, with the operational and political context that shapes how it will actually apply.

Subjective and material scope

Who it addresses. The law distinguishes between two categories of regulated entities, with different obligations applying to each.

Developers are persons doing business in Colorado that develop or intentionally and substantially modify an AI system that is or becomes a high-risk AI system. Developers are responsible for the technical documentation that follows the system into deployment.

Deployers are persons doing business in Colorado that use a high-risk AI system to make a consequential decision affecting Colorado consumers. Deployers carry the risk management, impact assessment, and consumer notification obligations.

Organizations may be both developer and deployer for different AI systems — for AI they build internally and deploy themselves, both sets of obligations apply.

Material scope. The law covers high-risk AI systems used to make or substantially influence consequential decisions affecting Colorado consumers. The two definitions interact:

  • A consequential decision affects access to or terms of: employment or employment opportunity, education or educational opportunity, financial or lending services, essential government services, healthcare services, housing, insurance, or legal services.
  • A high-risk AI system is an AI system that, when deployed, makes or is a substantial factor in making a consequential decision.

The combination produces a population of regulated AI systems that overlaps substantially but not identically with the EU AI Act’s high-risk category and with NYC LL144’s automated employment decision tools. Colorado is broader than NYC LL144 (which covers employment only) and narrower than the EU AI Act (which covers a wider range of high-risk uses).

Exemptions. Several categories are excluded from full compliance:

  • Small deployers with fewer than 50 employees that do not use the AI system to train it on the deployer’s data
  • Insurers subject to §10-3-1104.9 of the Colorado Revised Statutes (covered separately under insurance-specific AI rules)
  • Federally regulated banks subject to federal banking regulation
  • AI systems used solely for research not deployed against Colorado consumers
  • AI systems narrowly used for cybersecurity, fraud detection, or anti-spam where they do not make consequential decisions about consumers

The small deployer exemption is particularly significant: it removes a substantial fraction of small businesses from the law’s reach while keeping enterprise deployers fully covered.

Developer obligations

Developers of high-risk AI systems sold or licensed to Colorado deployers have three principal obligations once SB 24-205 enters into effect.

Reasonable care to prevent algorithmic discrimination. Developers must use reasonable care to protect consumers from any known or reasonably foreseeable risks of algorithmic discrimination arising from the intended uses of the high-risk AI system. The standard is care, not strict liability — developers are not strictly liable for any algorithmic discrimination, but for failures to exercise reasonable care.

Documentation provided to deployers. Developers must provide deployers with comprehensive documentation before the deployer puts the system into service, including:

  • A general statement describing the reasonably foreseeable uses and known harmful or inappropriate uses of the high-risk AI system
  • Documentation describing the type of data used to train the system, the limitations of the system, the purpose of the system, and the intended benefits and uses
  • Documentation describing how the high-risk AI system was evaluated for performance and mitigation of algorithmic discrimination, including disclosures of any known data sources
  • Documentation describing the data governance measures used to cover the training datasets and the measures used to examine suitability of data sources, possible biases, and appropriate mitigation
  • Documentation describing the intended outputs of the system
  • Documentation describing the measures the developer has taken to mitigate known or reasonably foreseeable risks of algorithmic discrimination that may arise from the deployment of the high-risk AI system
  • Documentation describing how the high-risk AI system should be used, not be used, and be monitored

The documentation set is substantial and is the developer-side equivalent of the EU AI Act’s technical documentation under Article 11. In practice, the documentation is the model card and dataset card pair that the AI governance ecosystem has been converging toward.

Notification of algorithmic discrimination. Developers must notify the Colorado Attorney General and all known deployers within 90 days of discovering that their AI system has caused or is reasonably likely to cause algorithmic discrimination. This is a substantive incident reporting obligation specific to discrimination harms.

Deployer obligations

Deployers carry the heavier compliance load under the law. Six principal obligations apply:

Risk management policy and program. Deployers must implement and maintain a risk management policy and program covering the deployment of high-risk AI systems. The program must specify and implement the principles, processes, and personnel that will be used to identify and mitigate algorithmic discrimination. The law explicitly recognizes the NIST AI Risk Management Framework and ISO/IEC 42001 as acceptable risk management frameworks; deployer alignment with either creates a rebuttable presumption of compliance.

Impact assessment before deployment. Before deploying a high-risk AI system, deployers must conduct an impact assessment evaluating the purpose of the system, the deployment context, the categories of data processed, the assessment of risks of algorithmic discrimination, the mitigation measures applied, and the post-deployment monitoring plan.

Annual impact assessment. After deployment, deployers must conduct an annual impact assessment, plus an additional impact assessment whenever there is an intentional and substantial modification of the high-risk AI system.

Pre-decision consumer notice. Deployers must notify consumers when a high-risk AI system is used to make a consequential decision about them. The notice must include the purpose of the AI system, the nature of the consequential decision, contact information for the deployer, instructions on how to access plain-language descriptions of how the AI system works, and instructions on how to opt out of the use of the AI system in the consequential decision where opt-out is available.

Adverse decision notice. When a high-risk AI system has been used in a consequential decision adverse to a consumer, the deployer must provide additional disclosures including the principal reason for the adverse decision, instructions on how the consumer may correct any incorrect personal data the AI system used, and instructions on how the consumer may appeal the adverse decision and have a human review the decision where feasible.

Public website disclosure. Deployers must publish on their public website a statement summarizing the types of high-risk AI systems they currently deploy or have deployed, how they manage algorithmic discrimination risk, and the data governance arrangements that apply.

The affirmative defense and the role of NIST AI RMF / ISO/IEC 42001

A structurally important feature of the Colorado AI Act is the affirmative defense available to organizations that proactively identify and remediate violations and that can demonstrate alignment with recognized AI risk management frameworks.

The affirmative defense operates as follows:

  • An organization that discovers a violation through internal review, third-party audit, or other reasonable means
  • And that promptly reports and remediates the violation
  • And whose AI risk management program substantially complies with the NIST AI Risk Management Framework, ISO/IEC 42001, or another nationally or internationally recognized risk management framework

…is presumed to have exercised reasonable care for purposes of the law. The presumption is rebuttable, but the organization that has done the work has shifted the evidentiary burden.

The explicit statutory recognition of NIST AI RMF and ISO/IEC 42001 is the most operationally significant feature of the law for the AI assurance and certification industry. Organizations that have invested in either framework — particularly those that hold accredited ISO/IEC 42001 certification — enter Colorado AI Act compliance from a structurally advantaged position. The same framework that satisfies the EU AI Act, NIST attestation, and Hiroshima Code of Conduct alignment also produces the affirmative defense under Colorado law.

This is the structural reason why ISO/IEC 42001 certification has become commercially material in the United States despite the absence of comprehensive federal AI statute: state AI laws like Colorado’s create concrete legal incentives for the certification.

Enforcement and penalties

Enforcement authority. The Colorado Attorney General has exclusive enforcement authority under SB 24-205. There is no private right of action — consumers cannot directly sue developers or deployers under the Act. They retain whatever rights they have under other Colorado law (consumer protection, civil rights, employment, housing) independent of the Act.

Penalty structure. Violations are treated as unfair trade practices under the Colorado Consumer Protection Act. Penalties can reach $20,000 per violation, with additional penalties for elderly consumer cases. The Attorney General has discretion to seek injunctive relief, disgorgement, and other equitable remedies.

Cure period during transitional phase. During the transitional period (originally 1 July 2025 to 1 February 2026, now extended through 30 June 2026), if the Attorney General or a district attorney determines that a cure is possible, they must issue notice and allow 60 days to cure before initiating enforcement. After the effective date, no statutory cure period is mandated in the enacted law (though the Attorney General retains discretion).

Current stay (April 2026). The federal court stay granted on 27 April 2026 suspends Attorney General enforcement activity and pending litigation pending: (a) the Colorado Attorney General promulgating implementing rules under SB 24-205 or successor legislation, and (b) resolution of the plaintiff’s forthcoming motion for a preliminary injunction. The stay does not invalidate the law; it pauses operational enforcement while legislative and rulemaking processes continue.

The KILO draft and the legislative reconstruction

In March 2026, Governor Polis’s AI Policy Working Group released a draft framework that would repeal and replace much of SB 24-205. The draft (informally referred to as the KILO draft) reflects sustained pressure from over 150 industry representatives during the August 2025 special session and subsequent stakeholder engagement. Its principal proposed changes include:

  • Shift from prescriptive governance to disclosure-and-transparency. Mandatory bias audits, full impact assessments, and detailed risk management programs would be replaced by lighter disclosure obligations, plain-language consumer notices, human review provisions, and recordkeeping requirements
  • Narrower high-risk AI system definition. The draft would tighten the criteria for what qualifies as a covered high-risk system
  • Reduced deployer obligations. Smaller compliance burden, particularly for mid-market deployers
  • Expanded exemptions. Additional categories beyond small deployers, insurers, and federally regulated banks
  • Target effective date 1 January 2027 if enacted by the General Assembly

As of May 2026, the KILO draft has not been formally introduced in the General Assembly. Its passage is uncertain. Three scenarios are now operationally relevant:

  1. Take effect as-is on 30 June 2026 if no further legislative action and the federal court stay is lifted before then.
  2. Amended or replaced by KILO or alternative legislation, with new effective date 1 January 2027 or later.
  3. Enjoined on constitutional or preemption grounds through the federal litigation that produced the April 2026 stay.

For compliance planning, the rational posture is to build toward the substantive obligations of SB 24-205 as enacted while monitoring the legislative and litigation developments closely. Organizations that build NIST AI RMF or ISO/IEC 42001 alignment now satisfy the affirmative defense under SB 24-205 and would also satisfy any reasonably anticipated successor framework, including KILO.

12-month implementation roadmap

For organizations operating in Colorado or affecting Colorado consumers, the rational compliance posture is to build toward SB 24-205 substantive obligations while preserving option value across all three regulatory scenarios (take-effect-as-is, KILO replacement, enjoinment). The roadmap below structures that work across four phases.

🗺️ Phase 1 — Months 0–3 · Foundation and inventory

  • AI system inventory across all business units, identifying systems that make or substantially influence consequential decisions affecting Colorado consumers
  • Developer/deployer mapping for each AI system (organizations are often both for different systems)
  • Gap analysis against NIST AI RMF and ISO/IEC 42001 to scope affirmative defense work
  • Governance baseline — designate accountable AI lead, establish AI policy, document existing risk management practices
  • Vendor documentation review — demand model cards, dataset documentation, and bias mitigation evidence from third-party AI vendors

🗺️ Phase 2 — Months 3–6 · Risk management program

  • Risk management policy and program structured around NIST AI RMF or ISO/IEC 42001
  • Pre-deployment impact assessments for each high-risk AI system in scope
  • Algorithmic discrimination evaluation with documented testing methodology and remediation actions
  • Data governance documentation for training data sources, suitability, biases, and mitigation
  • Human oversight architecture for consequential decisions, with escalation paths and override authority

🗺️ Phase 3 — Months 6–9 · Consumer-facing obligations and disclosure

  • Pre-decision consumer notice templates and delivery workflows
  • Adverse decision notice with principal reason, correction instructions, and human review paths
  • Public website disclosure summarizing high-risk AI systems deployed and discrimination risk management
  • Plain-language descriptions of how each AI system works, accessible from consumer notices
  • Opt-out mechanisms where consequential decisions permit them

🗺️ Phase 4 — Months 9–12 · Certification and continuous compliance

  • Independent audit or pre-certification assessment validating risk management program maturity
  • Accredited ISO/IEC 42001 certification initiation — the strongest affirmative defense positioning
  • Annual impact assessment cadence established with calendar triggers
  • Incident reporting workflow for algorithmic discrimination notification to Colorado AG and known deployers within 90 days
  • Continuous monitoring integrated with management review cycles

🎯 Outcome

By month 12, organizations have built the affirmative defense under SB 24-205 (NIST AI RMF or ISO/IEC 42001 alignment with documented governance), the EU AI Act conformity foundation (substantively overlapping documentation), and a portable management system that scales across other US state AI laws (Utah, Texas, NYC LL144) and international regimes (UK, Canada, EU).

Intersections with other regimes

Five intersections shape how the Colorado AI Act operates within the broader US and international AI regulatory architecture.

US federal AI architecture. The Colorado AI Act operates within the three-layer US AI regime described in our US AI Executive Orders reference page. It coexists with surviving Biden EOs (14141, 14144) and is in active tension with the Trump federal layer, particularly EO 14281 on disparate impact and the December 2025 state preemption EO that established the AI Litigation Task Force. The April 2026 federal court stay reflects this tension materializing in litigation form.

EU AI Act. Colorado borrows structurally from the EU AI Act’s high-risk framework. Organizations subject to both regimes can build compliance programs that satisfy both, with EU AI Act technical documentation requirements largely covering the Colorado developer documentation obligations and EU AI Act fundamental rights impact assessments largely covering Colorado deployer impact assessments.

NIST AI Risk Management Framework. Explicitly recognized in the statute as an acceptable risk management framework supporting the affirmative defense. Colorado treats NIST AI RMF alignment as substantive compliance evidence.

ISO/IEC 42001. Explicitly recognized in the statute alongside NIST AI RMF. Accredited ISO/IEC 42001 certification is the strongest positioning available to organizations subject to the law because it combines management system structure with third-party accredited validation.

Other state AI laws. Colorado is the first comprehensive state AI law but no longer the only one. Utah AI Policy Act, NYC LL144 for AEDTs, Texas AI in healthcare, Tennessee deepfakes, Illinois AI in employment, and others all interact with Colorado for organizations operating across multiple states. The compliance work increasingly converges around NIST AI RMF and ISO/IEC 42001 as the common substantive denominator across state regimes.

## ⚖️ How Zertia operates within the Colorado AI Act regime

Built for Colorado AI Act compliance from day one

Accreditations and memberships: 🎖️ ANAB-accredited (US) · 🎖️ UKAS process (UK) · 🎖️ ENAC process (EU) · 🏛️ IAPP member · 🏛️ INCITS member · 🏛️ UKAI member · 📜 EU AI Pact signatory

Zertia is an ANAB-accredited AI management system certification body, with offices in Boston, Madrid, and London, and ANAB accreditation in the United States. The Colorado AI Act’s explicit recognition of ISO/IEC 42001 and NIST AI RMF as acceptable risk management frameworks supporting the affirmative defense makes accredited certification and standards-based assurance directly material to Colorado compliance strategy.

Certification — ISO/IEC 42001, AIUC-1, ISO/IEC 27001, ISO/IEC 27701, ISO/IEC 22301. Accredited ISO/IEC 42001 certification is the most operationally significant Colorado AI Act compliance asset available. The statute recognizes ISO/IEC 42001 alignment as substantive compliance evidence supporting the affirmative defense; ANAB accreditation (held by Zertia) is the US-recognized accreditation that gives the certification full evidentiary weight in Colorado. AIUC-1 provides agent-level technical assurance for AI vendors deploying agents into Colorado-affected enterprise environments where state AI law and Fortune 1000 procurement standards apply simultaneously.

Regulatory frameworks — EU AI Act Conformity Assessment, NIST AI RMF Attestation, ISO/IEC 23894 Risk Assessment, Algorithmic Impact Assessment, Pre-Certification Assessment. NIST AI RMF Attestation is the second pillar of Colorado affirmative defense positioning (alongside ISO/IEC 42001). Algorithmic Impact Assessments are structured to satisfy the deployer impact assessment obligations under SB 24-205 (initial deployment, annual review, and substantial modification triggers), with documentation that survives scenario shifts (take-effect-as-is, KILO replacement, or enjoinment).

Audit — AI Management System audits, High-Risk AI System audits, AI Model audits, EU AI Act audits, NIST AI risk audits. Independent audits structured around the high-risk AI system definition, with audit evidence that supports developer documentation obligations (model cards, dataset cards) and deployer impact assessment requirements simultaneously.

Training — AI Governance, Data Governance, Privacy Governance through Zertia Academy. Programmes treat the Colorado AI Act explicitly, including the affirmative defense structure, the federal–state tension, the KILO draft scenario, and the practical implications of building compliance programs during the current judicial stay. Particularly relevant for legal, compliance, and risk teams building Colorado-affected AI governance for employers, healthcare providers, financial services firms, insurers, and education organizations.

Zertia operates from Boston, Madrid, and London, with ANAB accreditation in the United States and active accreditation processes with UKAS (United Kingdom) and ENAC (Spain/EU). Member of IAPP, INCITS, and UKAI. Signatory to the EU AI Pact.

🎯 Take action

🔍 Diagnose your gap 📊 Build the defense
Pre-Certification Assessment → ISO/IEC 42001 Certification →
Map your current AI governance against SB 24-205 obligations and NIST AI RMF / ISO/IEC 42001 baselines. Output: gap report and 12-month roadmap. The strongest affirmative defense positioning under the Colorado AI Act. ANAB-accredited certification with international recognition through IAF MLA.

Discuss Colorado AI Act compliance and affirmative defense positioning →

Regulación que entiendes es regulación que puedes convertir en ventaja competitiva.

¿No estás seguro de si este marco aplica a tu organización? Hablemos.