New York Amends RAISE Act, Aligns with California

Last December, New York passed the Responsible AI Safety and Education (RAISE) Act. The law is designed to regulate “frontier AI” models and mitigate any “catastrophic risks” posed by their development and operation. California’s Transparency in Frontier Artificial Intelligence Act (TFAIA) serves a similar purpose. Recent amendments to the RAISE Act bring many of the law’s substantive and scoping provisions into alignment with TFAIA, creating a more cohesive regulatory landscape for frontier developers. A recent Cooley memo summarizes the high-level changes to the RAISE Act:

“The amended RAISE Act replaces the original law’s requirement to publish and maintain a ‘safety and security protocol,’ with a new obligation to publish a ‘frontier AI framework’ – the same term used in the TFAIA. Under the original RAISE Act, the safety and security protocol had to specify protections to reduce the risk of ‘critical harm,’ describe cybersecurity measures, detail testing procedures, and designate senior compliance personnel. The amended law instead requires large frontier developers to publish a frontier AI framework describing how the developer handles ‘catastrophic risk’ thresholds, mitigations, third-party evaluations, cybersecurity practices, critical safety incidents, and internal governance. These framework requirements, including the defined term “catastrophic risk,” are copied from the TFAIA.”

The memo notes that the RAISE Act amendments also include a new transparency report requirement mirroring California law. While the amendments align the laws on several key points, there are still some substantive differences in the legislation. These include higher penalties under the New York law, along with fewer whistleblower protections, shorter incident reporting timelines, and unique disclosure requirements for “large frontier developers.” The RAISE Act is now set to take effect on January 1, 2027.