HFS Considers Legislation on Federal Framework for AI
Commentary by Vijay Dewan
At a House Financial Services Committee hearing on proposed AI legislation, lawmakers considered whether a unified federal framework was needed to preempt conflicting state laws, and deliberated over proposed legislation to create AI "regulatory sandboxes".
At the hearing titled, "From Principles to Policy: Enabling 21st Century AI Innovation in Financial Services," witnesses from the technology and banking sectors urged clear oversight while highlighting AI’s role in fraud detection and cybersecurity. Panelists assessed AI use cases and the application of existing laws. Committee Chair French Hill likened the current AI landscape to the commercialization of the internet in the 1990s and argued Congress should adapt existing frameworks to support innovation while maintaining risk-based, technology-neutral protections.
Witnesses testified that AI is already embedded in compliance and risk functions. Tal Cohen, President of Nasdaq, stated that AI-specific regulation "should be consistent and harmonized" to avoid a "patchwork of differing state laws". Jeanette Manfra of Google Cloud noted AI assists in "the detection of fraud, money laundering, and other financial crimes". Wendi Whitmore of Palo Alto Networks testified her company uses AI to block "up to 30.9 billion attacks each day" based on real-time awareness of the threat landscape.
Among the legislative proposals under consideration, Mr. Hill and Subcommittee Chair Bryan Steil advocated for the "Unleashing AI Innovation in Financial Services Act," which would authorize federal regulators to establish "sandboxes" for AI testing. Mr. Steil argued these controlled environments would allow firms to experiment under federal oversight without creating a "free-for-all," noting that fraud and unsafe practices would remain prohibited. Ranking Member Maxine Waters and Rep. Stephen Lynch criticized the approach as "reckless," warning it could allow companies to bypass essential safety and soundness regulations or consumer protections.
The American Bankers Association submitted a statement emphasizing that banks operate within existing model risk management guidance and a “three lines of defense” framework. The ABA called for federal preemption of conflicting state requirements while cautioning that broad sandboxes are "generally less suitable for banks” given continuous statutory obligations.
Commentary
At the House Financial Services Committee meeting on AI, members got the diagnosis right but the prescription wrong. Representative William Timmons correctly warned that a "patchwork of state laws" creates a compliance nightmare, raising costs and stifling innovation. However, the proposed solution, federal preemption, requires Congress to occupy the field. Preemption without a substantive federal framework isn't harmonization; it is a free for all. While industry witnesses touted AI’s ability to "mitigate fraud" and block cyberattacks, these success stories mask the difficulty of regulating statistical systems that do not follow traditional logic. AI models have no "intent" to break the law; they reproduce patterns from their data. To replace state laws with a federal standard that works, Congress needs to hear from the technical experts and regulators actively grappling with these systems.