WHAT THIS BILL REGULATES · 4 REQUIREMENT TYPES
How Is This Bill Enforced
Verbatim statutory text on the left; plain-language analysis and a per-section checklist on the right. Numbered markers cross-link to the matching checklist row.
This Act may be cited as the ''Financial Artificial IntelligenceArtificial intelligenceIn this Act, the term "artificial intelligence" has the meaning given the term in section 5002 of the National Artificial Intelligence Initiative Act of 2020 (15 U.S.C. 9401).Sec. 2 Risk Reduction Act'' or the ''FAIRR Act''.
Establishes the short title of the bill as the Financial Artificial Intelligence Risk Reduction Act, or the FAIRR Act. No operative obligations are imposed.
In this Act, the term ''artificial intelligenceArtificial intelligenceIn this Act, the term "artificial intelligence" has the meaning given the term in section 5002 of the National Artificial Intelligence Initiative Act of 2020 (15 U.S.C. 9401).Sec. 2'' has the meaning given the term in section 5002 of the National Artificial IntelligenceArtificial intelligenceIn this Act, the term "artificial intelligence" has the meaning given the term in section 5002 of the National Artificial Intelligence Initiative Act of 2020 (15 U.S.C. 9401).Sec. 2 Initiative Act of 2020 (15 U.S.C. 9401).
Defines artificial intelligence by cross-reference to section 5002 of the National Artificial Intelligence Initiative Act of 2020 (15 U.S.C. 9401). This is a purely definitional section that creates no independent obligation.
(a)(1) 1 direct the Office of Financial Research, as appropriate, to conduct research into the uses of artificial intelligenceArtificial intelligenceIn this Act, the term "artificial intelligence" has the meaning given the term in section 5002 of the National Artificial Intelligence Initiative Act of 2020 (15 U.S.C. 9401).Sec. 2 by financial institutions and entities providing services to or performing functions on behalf of financial institutions;
(a)(2) 1 identify threats to the stability of the financial system posed by the use of artificial intelligenceArtificial intelligenceIn this Act, the term "artificial intelligence" has the meaning given the term in section 5002 of the National Artificial Intelligence Initiative Act of 2020 (15 U.S.C. 9401).Sec. 2 tools and technologies, such as— (A) the generation and use of false representations of events or the likeness, speech, or actions of persons by malign actors to manipulate financial markets, institutions, or instruments, or to cause disruption in financial markets and; (B) any other acts or practices associated with the use or assistance of artificial intelligenceArtificial intelligenceIn this Act, the term "artificial intelligence" has the meaning given the term in section 5002 of the National Artificial Intelligence Initiative Act of 2020 (15 U.S.C. 9401).Sec. 2 tools or technologies that threaten the stability of the financial system;
(a)(3) 2 not later than 180 days after the date of enactment of this section, in consultation with the member agencies, financial institutions, securities market participants, and entities providing services to or performing functions on behalf of financial institutions or securities markets participants, submit to the Committee on Banking, Housing, and Urban Affairs of the Senate and the Committee on Financial Services of the House of Representatives a report that— (A) identifies the threats described in paragraph (2); (B) identifies specific gaps in the existing regulations, guidance, and examination standards of the member agencies that prevent effective and comprehensive responses by each of the member agencies to the threats described in paragraph (2); and (C) makes specific recommendations for addressing the gaps identified in subparagraph (B), including, as appropriate, recommendations regarding implementation of the recommendations in the Cybersecurity Information Sheet published by the National Security Agency, Federal Bureau of Investigation, and Cybersecurity and Infrastructure Security Agency on September 12, 2023;
(a)(4) 3 identify, as appropriate, opportunities for the use of artificial intelligenceArtificial intelligenceIn this Act, the term "artificial intelligence" has the meaning given the term in section 5002 of the National Artificial Intelligence Initiative Act of 2020 (15 U.S.C. 9401).Sec. 2 technologies in financial regulation and supervision, specifying that any use of artificial intelligenceArtificial intelligenceIn this Act, the term "artificial intelligence" has the meaning given the term in section 5002 of the National Artificial Intelligence Initiative Act of 2020 (15 U.S.C. 9401).Sec. 2 by the agencies in regulation and supervision should be transparent and disclosed to their regulated entities as appropriate.
This section creates the core mandate of the bill: the Financial Stability Oversight Council must coordinate with its member agencies to address AI-related risks to financial system stability. Operative duties include directing the Office of Financial Research to study AI use by financial institutions and their service providers, identifying specific AI threats (including deepfake market manipulation), and within 180 days of enactment submitting a report to Congress that catalogs those threats, identifies regulatory gaps, and recommends gap-closing measures. The Council must also identify opportunities for AI in financial regulation and supervision, with a transparency requirement that agencies disclose their own AI use to regulated entities.
The 180-day report is a significant one-time deliverable; the threat-identification and research-direction duties appear to be ongoing coordination responsibilities without a defined schedule.
(b) Not later than 30 days after the date on which the relevant congressional committees receive the report required under subsection (a), the committees shall review the report and submit comments and recommendations thereon.
Requires the relevant congressional committees to review the FSOC report within 30 days and submit comments and recommendations. This is a legislative procedural requirement directed at Congress itself, not at a regulated entity.
(c)(1) 4 Upon review of comments and recommendations under subsection (b), the Council shall commence action under the procedures prescribed in section 120 with regard to implementation of the recommendations by each of the member agencies.
Upon congressional review, the FSOC must commence action under existing section 120 procedures to implement its recommendations through each member agency. Section 120 of Dodd-Frank provides a formal process for FSOC to recommend that member agencies apply new or heightened standards and safeguards. This is a procedural implementation obligation on the Council itself.
(d) The provisions of chapter 8 of title 5, United States Code, shall apply as appropriate to rules issued by the member agencies under this section.
Specifies that the Congressional Review Act (5 U.S.C. chapter 8) applies to rules issued by member agencies under this section. This is a procedural safeguard provision ensuring congressional oversight of resulting agency rules, not an independent compliance obligation.
(e)(1)–(2) 5 The Federal and Banking Information Infrastructure Committee sponsored by the President's Working Group on Financial Markets shall, in consultation with private-sector entities and other relevant governmental entities— (1) initiate a series of scenario-based exercises to test the effectiveness of defenses against financial market disruptions associated with the use or assistance of artificial intelligenceArtificial intelligenceIn this Act, the term "artificial intelligence" has the meaning given the term in section 5002 of the National Artificial Intelligence Initiative Act of 2020 (15 U.S.C. 9401).Sec. 2 technologies; and (2) make recommendations for ongoing improvements in detection, prevention, and mitigation of such disruptions.
Directs the Federal and Banking Information Infrastructure Committee (FBIIC), sponsored by the President's Working Group on Financial Markets, to initiate scenario-based exercises testing defenses against AI-related financial market disruptions and to make recommendations for ongoing improvements. This is a government stress-testing and resilience mandate, not a private-sector obligation.
(1)–(3) 6 Section 206A of the Federal Credit Union Act (12 U.S.C. 1786a) is amended— (1) inthe subsection (a)(1), by striking ''that'' and inserting ''an''; (2) in subsection (c)(2), in the matter preceding subparagraph (A), by inserting '', in a manner and method prescribed by the Board,'' after ''Board''; and (3) by striking subsection (f).
Amends Section 206A of the Federal Credit Union Act (12 U.S.C. 1786a) with three technical changes that expand the NCUA Board's authority to examine third-party service providers to credit unions. The amendments (1) broaden the triggering language from "that" to "an," (2) require registration in a manner and method prescribed by the Board, and (3) strike subsection (f), which contained a sunset or limitation provision. While framed as AI-related in the bill title, the operative text is a general expansion of third-party service-provider oversight authority, not limited to AI providers.
(1) 7 such performance shall be subject to regulation and examination by the Director to the same extent as if such activity were being performed by such entity or Office itself on its own premises;
(2) 8 the regulated entity or Office of Finance shall notify the Director of the existence of the service relationship not later than 30 days after the earlier of— (A) making of such service contract; or (B) the performance of the activity by the service provider.
Adds a new section 1329 to the Federal Housing Enterprises Financial Safety and Soundness Act of 1992, granting the FHFA Director examination authority over service providers performing outsourced activities for FHFA-regulated entities (GSEs) or the Office of Finance. Service providers must notify the Director within 30 days of contracting or commencing service. Like Section 4, this is a general third-party oversight provision that applies to AI service providers among others.
(E) 9 The amount of a civil penalty imposed under subparagraph (A)(i) for a violation involving the use of machine-manipulated mediaMachine-manipulated media"Machine-manipulated media" as defined in section 5724 of the Damon Paul Nelson and Matthew Young Pollard Intelligence Authorization Act for Fiscal Years 2018, 2019, and 2020 (50 U.S.C. 3024 note).Sec. 6 (referencing 15 U.S.C. 78u(d)(3)(E)), as defined in section 5724 of the Damon Paul Nelson and Matthew Young Pollard Intelligence Authorization Act for Fiscal Years 2018, 2019, and 2020 (50 U.S.C. 3024 note), shall not exceed 3 times the penalty otherwise determined under clause (i), (ii), or (iii) of subparagraph (B).
Amends Section 21(d)(3) of the Securities Exchange Act of 1934 to impose enhanced civil penalties — up to 3 times the amount otherwise determined — for securities violations involving the use of machine-manipulated media (deepfakes). This is an enforcement enhancement provision that augments existing SEC penalty authority rather than creating a new affirmative compliance obligation on market participants.
(a) 10 Any person who, directly or indirectly, deploys or causes to be deployed, an artificial intelligenceArtificial intelligenceIn this Act, the term "artificial intelligence" has the meaning given the term in section 5002 of the National Artificial Intelligence Initiative Act of 2020 (15 U.S.C. 9401).Sec. 2 model shall be deemed to satisfy the scienter, other state of mind, or negligence requirements of the Federal securities laws with regard to any and all acts, practices or conduct engaged in by such model, and any outcome resulting from the use of such model, and shall be liable to the same extent as if such person had committed such acts, practices or conduct directly, unless such person took reasonable steps to prevent such acts, practices, conduct and outcome, which may include but are not limited to establishing, maintaining and enforcing written policies and procedures reasonably designed to prevent violations of the Federal securities laws.
(b) 11 Civil liability of a developer of an artificial intelligenceArtificial intelligenceIn this Act, the term "artificial intelligence" has the meaning given the term in section 5002 of the National Artificial Intelligence Initiative Act of 2020 (15 U.S.C. 9401).Sec. 2 model for design defects or breaches of implied warranties with respect to such a model out of which arise a violation of the Federal securities laws may not be waived.
Creates two significant liability rules for AI in securities markets. Subsection (a) establishes that any person who deploys an AI model is deemed to satisfy the scienter, state-of-mind, or negligence requirements of federal securities laws with respect to all acts, practices, or conduct of the model and any resulting outcomes — effectively imputing the model's conduct to the deployer. A safe harbor exists for persons who took reasonable steps to prevent violations, including maintaining written compliance policies. Subsection (b) prohibits contractual waiver of a developer's civil liability for design defects or implied warranty breaches arising from securities law violations.
The scienter-imputation rule is notable: it means a deployer cannot defend a securities-fraud claim by arguing they did not intend or know about the AI model's violative conduct. The safe harbor incentivizes written compliance programs but does not guarantee immunity.