With its wide-ranging scope, you’d be forgiven for overlooking the One Big Beautiful Bill Act’s policy impacts on B2B technology companies, especially those in AI or AI-adjacent fields – i.e., most of them.
In this post we’ll break down how H.R. 1 – signed by President Trump on the 4th of July – will shape B2B compliance for the next several years. We’ll start with a much-discussed ban on state-level AI regulations which did not make it into the final bill.
State-by-State Standards
While the federal government hasn’t yet unveiled its own AI regulations, the topic has been top of mind for multiple administrations. Both Biden and Trump administrations have issued executive orders on AI, signaling the policy directions they were or are likely to take.
State legislatures have moved much faster. California, Utah, Colorado, and Texas are a handful of the states that have already passed bills regulating private sector AI usage. Each state defines and enforces AI standards differently, meaning startups have to demonstrate their compliance with each state’s regulations before doing business there.
A ban on state-level AI regulations would have temporarily halted the patchwork of regulations companies must comply with. The measure was removed from H.R. 1 before it was passed, meaning states will continue developing their own AI laws for the foreseeable future.
Building Federal AI Guardrails
The rumored Congressional ban on state-level AI regulations isn’t about stripping states of their agency; it’s a signal of their intent to tackle AI regulation down the road. However, without specific new guidance, startups are left needing to anticipate future compliance hurdles without any obvious next steps to take. Founders can find some guidance in President Trump’s recent executive order on AI, which we covered on the blog:
Frameworks like the National Institute of Standards and Technology’s Cybersecurity Framework (NIST CSF) will offer AI companies a way to mitigate risk for years to come, particularly among private sector clients. NIST even launched its updated CSF 2.0 in late 2023 to reflect the number of small and medium-sized businesses (read: startups) looking to use the framework to prove they can be trusted by partners and clients alike.
Startups will need to keep an eye on NIST – if not pursue a certification like NIST CSF or NIST 800-171 – while Congress mulls future AI regulations. They’ll need to do this while also juggling a growing patchwork of state-level rules. It’s a guaranteed headache that distracts teams from building products and acquiring new customers.
Koop: A One-Stop-Shop For Contractual Requirements
Keeping up with fast-moving compliance regulations has become a full-time job, especially when those requirements are the key to unlocking enterprise deals.
No matter what comes next in compliance, an all-in-one partner like Koop helps your team stay ready, win deals, and adapt fast. Startups stand to save tens of thousands by consolidating compliance certifications with related GRC priorities like business insurance and security questionnaire support. They need, in other words, One Big Beautiful Partner.
