Regulatory Compliance

Global AI regulations diverge as enforcement tests industry resilience and cross-border harmony

Wednesday, 10 December 2025 3:05PM UTC

As artificial intelligence rapidly transforms sectors worldwide, differing regulatory philosophies from the EU, US, and China are shaping compliance landscapes and innovation pathways, with enforcement now the definitive challenge for trade and stability.

Artificial intelligence is reshaping sectors from healthcare to finance at speed, and regulators worldwide have moved from principle-setting to concrete rules and implementation. According to the original Finextra white paper, jurisdictions now reveal three distinct regulatory philosophies, binding, risk-based controls led by the European Union; a sectoral, standards-first route in the United States; and rapid, state-directed administrative controls in China, each with different timelines, enforcement mechanisms and economic trade-offs. ^[1]

The European Union has translated its risk-based approach into binding law. The Council of the European Union gave final approval to the AI Act in May 2024, establishing the first global statutory regime that categorises AI by risk and imposes stricter obligations on higher-risk systems. The act aims to harmonise AI rules across member states, emphasise fundamental-rights protections, require transparency and conformity assessments for General Purpose AI, and create fines that can reach into millions of euros or a share of global turnover. According to the original report, obligations for GPAI began phasing in from August 2025 with full operationalisation foreseen over the coming years. ^[1]^[2]

By contrast, the United States continues to rely on a standards-led, sectoral approach anchored in voluntary frameworks and agency action rather than a single federal statute. Industry data shows the National Institute of Standards and Technology’s AI Risk Management Framework (AI RMF 1.0), released in January 2023, has become the primary cross-sector tool for organisations seeking to operationalise trustworthy AI principles. The AI RMF is voluntary, non-sector-specific and designed to be adaptable; a July 2024 companion profile targets the particular risks of generative AI. Federal agencies continue to issue guidance and executive actions while sector regulators such as the FTC and FDA pursue domain-specific rules. ^[1]^[3]^[4]^[5]

China’s regulatory path is characterised by rapid administrative measures and strong content and values controls. The white paper notes that interim measures for generative AI introduced by Chinese authorities in 2023 have been followed by tighter supervision, mandatory approvals in some cases and penalties enforced by state agencies, measures aimed at aligning AI deployment with state priorities including national security and “core socialist values.” This state-led tempo has produced a compliance environment markedly different from Western market-oriented approaches. ^[1]

Smaller advanced economies have adopted pragmatic or hybrid strategies. The UK retains a pro-innovation, principles-based stance with targeted regulation and regulatory sandboxes while contemplating a comprehensive AI Bill; Singapore emphasises pragmatic governance and certification pilots; Canada is building institutions such as the Canadian Artificial Intelligence Safety Institute; and Australia and Japan favour voluntary frameworks with potential future mandates for high-risk use-cases. Timelines and enforcement powers differ, but the collective trend is movement from abstract principles to operational rules, guidance and oversight. ^[1]

For financial services and capital markets the implications are immediate and material. The lead analysis highlights that credit scoring, fraud detection, automated advice, algorithmic trading and post-trade processing will fall under heightened scrutiny: regulators expect explainability, documented audit trails, bias mitigation, human oversight for high-risk algorithmic systems, and resilience testing to prevent correlated model failures. Industry data shows that firms operating across jurisdictions will face divergent compliance regimes, rigorous, prescriptive obligations in the EU; standards-based operationalisation in the US; and content-and-security-focused requirements in China, raising costs, affecting product design and influencing where certain AI capabilities are deployed. ^[1]^[3]

The policy divergence presents both friction and a form of regulatory pluralism that will shape innovation pathways. According to the original report, the EU’s rights-centred, prescriptive model is likely to export its risk-based norms through market access requirements; the US approach seeks to preserve market dynamism through voluntary, interoperable standards; and China prioritises control and alignment with state objectives. The result, industry observers warn, is a low likelihood of a single global AI law and continued challenges around cross-border interoperability, liability for systemic harms and harmonised conformity assessment. ^[1]^[2]^[3]

Implementation is now the critical test. The shift from drafting to enforcement, conformity assessments under the EU AI Act, sectoral rulemaking in the US guided by NIST’s roadmap and profiles, and administrative supervision in China, will determine whether regulatory regimes protect rights and financial stability without unduly constraining beneficial innovation. Government figures, institutional roadmaps and regulatory statements indicate the near-term focus will be on operationalising risk management, transparency and model evaluation for large generative models, while policymakers continue to debate liability, cross-border data flows and the governance of agentic systems. The balance struck in the coming years will shape where and how AI-driven financial services evolve. ^[1]^[2]^[3]^[6]

##Reference Map:

^[1] (Finextra) - Paragraph 1, Paragraph 2, Paragraph 4, Paragraph 5, Paragraph 6, Paragraph 7
^[2] (Council of the European Union press release) - Paragraph 2, Paragraph 7
^[3] (NIST AI RMF overview) - Paragraph 3, Paragraph 6, Paragraph 7
^[4] (NIST AI RMF 1.0 publication) - Paragraph 3
^[5] (NIST Generative AI profile) - Paragraph 3
^[6] (NIST Roadmap for AI RMF) - Paragraph 7

Source: Noah Wire Services

More on this

https://www.finextra.com/blogposting/30336/ai-regulations---a-global-viewpoint?utm_medium=rssfinextra&utm_source=finextrablogs - Please view link - unable to able to access data
https://www.consilium.europa.eu/en/press/press-releases/2024/05/21/artificial-intelligence-ai-act-council-gives-final-green-light-to-the-first-worldwide-rules-on-ai/ - On 21 May 2024, the Council of the European Union approved the Artificial Intelligence (AI) Act, marking the first global regulation on AI. The Act adopts a risk-based approach, imposing stricter rules on higher-risk AI applications. It aims to harmonise AI regulations across the EU, ensuring the development and deployment of safe and trustworthy AI systems while respecting fundamental rights and stimulating innovation. The Act applies to areas within EU law and provides exemptions for systems used exclusively for military, defence, or research purposes.
https://www.nist.gov/itl/ai-risk-management-framework - The National Institute of Standards and Technology (NIST) developed the AI Risk Management Framework (AI RMF) to assist organisations in managing AI-related risks and promoting trustworthy AI systems. Released in January 2023, the AI RMF is a voluntary, non-sector-specific resource designed to be adaptable to various AI applications. It aims to help organisations incorporate trustworthiness considerations into the design, development, use, and evaluation of AI products and services. The framework is intended to be practical and operationalisable by organisations of all sizes and sectors.
https://www.nist.gov/publications/artificial-intelligence-risk-management-framework-ai-rmf-10 - Published on 26 January 2023, the AI RMF 1.0 provides guidance for organisations designing, developing, deploying, or using AI systems to manage associated risks and promote trustworthy AI. Developed under the National Artificial Intelligence Initiative Act of 2020, the framework is voluntary, rights-preserving, and non-sector-specific, offering flexibility to organisations of all sizes and sectors. It aims to be practical and adaptable to the evolving AI landscape, supporting organisations in operationalising the framework to benefit from AI while mitigating potential harms.
https://www.nist.gov/publications/artificial-intelligence-risk-management-framework-generative-artificial-intelligence - Released on 26 July 2024, the AI RMF: Generative Artificial Intelligence Profile is a cross-sectoral resource for managing risks associated with generative AI. It serves as a companion to the AI RMF 1.0, focusing on the unique challenges posed by generative AI systems. The profile provides guidance on incorporating trustworthiness considerations into the design, development, use, and evaluation of generative AI products and services. It is intended to be practical and adaptable, supporting organisations in managing risks specific to generative AI applications.
https://www.nist.gov/itl/ai-risk-management-framework/roadmap-nist-artificial-intelligence-risk-management-framework-ai - The Roadmap for the NIST AI Risk Management Framework (AI RMF 1.0) outlines key activities for advancing the framework. It identifies potential collaborations with private and public sector organisations to enhance the framework's effectiveness. The roadmap aims to support organisations in managing AI risks and promoting trustworthy AI systems by providing guidance on implementing the framework's approaches. It is intended to be flexible and adaptable, accommodating the evolving AI landscape and the diverse needs of organisations across sectors.
https://www.nist.gov/itl/ai-risk-management-framework/ai-risk-management-framework-faqs - The AI Risk Management Framework (AI RMF) FAQs provide answers to common questions about the framework. The AI RMF is designed to help developers, users, and evaluators of AI systems manage associated risks and promote trustworthy AI. It aims to foster the development of innovative approaches to address characteristics of trustworthiness, including validity, reliability, safety, security, resilience, accountability, transparency, explainability, interpretability, privacy, and fairness. The FAQs offer insights into the framework's purpose, applicability, and implementation.

Noah Fact Check Pro

The draft above was created using the information available at the time the story first emerged. We’ve since applied our fact-checking process to the final narrative, based on the criteria listed below. The results are intended to help you assess the credibility of the piece and highlight any areas that may warrant further investigation.

Freshness check

Score: 8

Notes: The narrative was published on 10 December 2025, making it current. The earliest known publication date of similar content is 15 May 2019, indicating that the topic has been discussed for several years. The report references a Finextra white paper, suggesting it may be based on a press release, which typically warrants a high freshness score. However, the report includes updated data, such as the EU AI Act's obligations for General Purpose AI (GPAI) beginning in August 2025, indicating that the content has been refreshed. Nonetheless, the presence of recycled material warrants caution. ([finextra.com](https://www.finextra.com/blogposting/30336/ai-regulations---a-global-viewpoint?utm_source=openai))

Quotes check

Score: 7

Notes: The report includes direct quotes from the Finextra white paper. The earliest known usage of these quotes is from the same report, published on 10 December 2025. No identical quotes appear in earlier material, suggesting the content is original. However, the reliance on a single source raises questions about the exclusivity of the information. ([finextra.com](https://www.finextra.com/blogposting/30336/ai-regulations---a-global-viewpoint?utm_source=openai))

Source reliability

Score: 6

Notes: The narrative originates from Finextra, a reputable organisation known for its coverage of financial technology. However, the report is authored by Anusha Sivaramakrishnan, a Consulting Partner at TCS, which may indicate a potential conflict of interest. The report references a Finextra white paper, suggesting it may be based on a press release. While Finextra is generally reliable, the potential for bias due to the author's affiliation and the reliance on a single source warrants caution. ([finextra.com](https://www.finextra.com/blogposting/30336/ai-regulations---a-global-viewpoint?utm_source=openai))

Plausibility check

Score: 7

Notes: The report provides a comprehensive overview of AI regulations across various jurisdictions, including the EU, US, China, and others. The claims about the EU AI Act's obligations for GPAI beginning in August 2025 and the US's reliance on the NIST AI Risk Management Framework are consistent with other reputable sources. However, the report's reliance on a single source and the potential for bias due to the author's affiliation with TCS raise questions about the exclusivity and objectivity of the information. ([finextra.com](https://www.finextra.com/blogposting/30336/ai-regulations---a-global-viewpoint?utm_source=openai))

Overall assessment

Verdict (FAIL, OPEN, PASS): OPEN

Confidence (LOW, MEDIUM, HIGH): MEDIUM

Summary: The narrative provides current and relevant information on global AI regulations, with updated data and original content. However, the reliance on a single source, potential bias due to the author's affiliation with TCS, and the presence of recycled material warrant caution. Further verification from additional reputable sources is recommended to confirm the accuracy and objectivity of the information.

AI regulation
Regulatory divergence
Financial services
EU AI Act
US standards
China AI controls
AI governance