Colorado AI Act (SB 24-205, repealed 2026)
The Colorado AI Act (SB 24-205), the first broad U.S. state AI law, was repealed in May 2026 and replaced by Colorado SB 26-189, which takes effect 1 January 2027 with a narrower focus on automated decision-making technology.
Originally signed in May 2024 and scheduled to take effect 30 June 2026, the Colorado AI Act (SB 24-205) was the first broad U.S. state law placing duty-of-care obligations on developers and deployers of high-risk AI systems. It introduced annual impact assessments and a rebuttable presumption of reasonable care for organizations aligning their governance with NIST AI RMF or ISO 42001, effectively turning voluntary standards into a legal safe harbor. The law was repealed via Senate Bill 26-189 in May 2026 following legal challenges and industry pushback over the breadth of the original "high-risk AI system" framing. The replacement regime, also numbered SB 26-189, takes effect 1 January 2027 with a narrower focus on automated decision-making technology (ADMT) in employment, lending, housing, education, and healthcare contexts. The rebuttable-presumption mechanism in the original act remains an influential structural model now reflected in other state-level AI regulation.
A Colorado-based insurance company that had been preparing its first annual impact assessment under SB 24-205 reassessed its compliance approach after the repeal. The team mapped its in-scope systems to the new SB 26-189 ADMT triggers, narrowed the scope to consequential-decision use cases, and rebuilt its evidence base against the new deployer impact assessment and consumer notice requirements ahead of January 2027.
“What used to take weeks of manual reviews and policy work is now structured and auditable in Enzai within minutes. It’s the first time AI governance has felt operational, not theoretical.”
Ready to get started
with your AI governance program?
Enzai provides an AI governance and enablement platform that will help your organisation maximise AI adoption, while minimising AI risk.
Hear back in 24 hours
Customer Support Ticket Classification
Draft Use Case
5 requested AI solutions
Requested on: 7 Nov 2026
Requested by: Enzai
Reviewers:
Automated Contract Risk Review
Draft Use Case
5 requested AI solutions
Requested on: 7 July 2026
Requested by: Enzai
Reviewers:
Sales Forecasting & Demand Prediction
Draft Use Case
5 requested AI solutions
Requested on: 18 August 2026
Requested by: Enzai
Reviewers:
Employee Resume Screening Assistant
Draft Use Case
5 requested AI solutions
Requested on: 19 June 2026
Requested by: Enzai
Reviewers:
We help you find answers
What problem does Enzai solve?
Enzai provides enterprise-grade infrastructure to manage AI risk and compliance. It creates a centralized system of record where AI systems, models, datasets, and governance decisions are documented, assessed, and auditable.
Who is Enzai built for?
How is Enzai different from other governance tools?
Can we start if we have no existing AI governance process?
Does AI governance slow down innovation?
How does Enzai stay aligned with evolving AI regulations?
Research, insights, and updates
Empower your organization to adopt, govern, and monitor AI with enterprise-grade confidence. Built for regulated organizations operating at scale.