New York RAISE Act
Last reviewed
Jun 7, 2026
Sources
17 citations
Review status
Source-backed
Revision
v1 · 2,258 words
Improve this article
Add missing citations, update stale details, or suggest a clearer explanation.
Suggest edit
CtrlK
Last reviewed
Jun 7, 2026
Sources
17 citations
Review status
Source-backed
Revision
v1 · 2,258 words
Add missing citations, update stale details, or suggest a clearer explanation.
The New York RAISE Act (Responsible AI Safety and Education Act), enacted as bills S6953B and A6453B, is a state law regulating the safety and transparency of the most advanced artificial intelligence systems, known as frontier models. Sponsored by State Senator Andrew Gounardes and Assemblymember Alex Bores, the measure passed the New York State Legislature in mid-June 2025 and was signed by Governor Kathy Hochul on December 19, 2025, making New York the second U.S. state, after California, to impose binding safety obligations on developers of large frontier AI systems. The law applies to a small set of well-resourced companies that train models above a defined compute threshold, and it requires those firms to publish safety and security protocols, withhold models that pose an unreasonable risk of catastrophic harm, report safety incidents to state regulators within 72 hours, and face civil penalties enforced by the state. A package of chapter amendments negotiated as a condition of the governor's signature, passed in the 2026 legislative session and signed on March 27, 2026, narrowed and restructured the law to align it more closely with California's frontier AI transparency statute. The amended law takes effect on January 1, 2027.
The RAISE Act is frequently described as the policy successor to California's Senate Bill 1047, which Governor Gavin Newsom vetoed in September 2024. Its sponsors deliberately stripped out the most contested provisions of that earlier bill, omitting any mandatory shutdown ("kill switch") capability and any required third-party compliance audit. For background on the broader landscape, see AI regulation and AI safety.
The RAISE Act emerged directly from the collapse of California SB 1047, the Safe and Secure Innovation for Frontier Artificial Intelligence Models Act, which the California Legislature passed in 2024 before Governor Newsom vetoed it. Assemblymember Bores, a former software engineer, framed his bill as an effort to preserve the core safety goals of SB 1047 while removing the elements that drew the heaviest industry opposition. Where SB 1047 would have required covered developers to build a full-shutdown mechanism into their models and to retain an independent auditor for an annual compliance review, the RAISE Act includes neither requirement. It also declines to hold companies that fine-tune or post-train an existing model liable for downstream critical harm, and it contains no whistleblower protections for employees, both of which had featured in the California debate.
The intent was to reduce the compliance burden enough to keep frontier AI developers operating in the state. Bores told reporters he was confident there was no economic reason for AI companies to withhold their models from New York under the law. Senator Gounardes argued that the window to put guardrails in place was closing quickly given the pace of model development. The bill targeted the largest developers, including OpenAI, Google, and Anthropic, rather than startups or academic researchers, by tying coverage to very high compute and, later, revenue thresholds.
After New York acted, California enacted its own narrower frontier AI law, Senate Bill 53, the Transparency in Frontier Artificial Intelligence Act (TFAIA), in late 2025. The two statutes share a near-identical compute threshold and similar transparency goals, and the New York chapter amendments were explicitly designed to harmonize the RAISE Act's definitions and thresholds with the California framework. The most significant remaining divergence is reporting speed: New York requires safety incident reports within 72 hours, while California's TFAIA allows roughly 15 days.
The enacted statute imposes obligations only on a defined class of "large" developers of "frontier models." As originally passed and signed, a frontier model was an AI model trained using more than 10^26 computational operations (FLOPs) with a compute cost exceeding $100 million, and a large developer was a company that had trained at least one such model and spent more than $100 million in aggregate compute costs. The 2026 chapter amendments retained the 10^26 FLOP definition of a frontier model but shifted the coverage test for "large frontier developer" to an annual revenue threshold of more than $500 million, mirroring California's approach and excluding firms that train large models but lack that scale of revenue.
Covered developers must write, implement, and publish a safety and security protocol (the amendments use the language of a frontier AI "framework" and a public transparency report) describing how they assess and mitigate severe risks, secure model weights through cybersecurity measures, conduct testing, use third-party evaluators, and govern compliance internally. The protocol must be reviewed at least annually, with material changes published. The original statute also barred a large developer from deploying a frontier model where doing so would create an unreasonable risk of "critical harm." The governor's stated concern that pre-deployment obligations were too broad and insufficiently specific drove the chapter amendments, which reframed the standard around catastrophic risk rather than a hard pre-release prohibition.
The harm threshold that triggers the law's most serious provisions was defined in the enacted bill as the death or serious injury of 100 or more people, or at least $1 billion in damages, caused either by the creation or use of chemical, biological, radiological, or nuclear weapons, or by model conduct that would be a crime if committed by a person and that occurred with no meaningful human intervention. The 2026 amendments lowered the human-harm figure to more than 50 people while keeping the $1 billion property-damage figure, and they renamed the concept "catastrophic risk." Loss of equity or market value is expressly excluded from the definition of harm.
Developers must report a critical safety incident within 72 hours of determining that one has occurred, and must notify law enforcement within 24 hours where an incident poses an imminent risk of death or serious physical injury. The enacted version directed reports to the state, with enforcement by the New York Attorney General; the chapter amendments created a dedicated oversight office inside the New York State Department of Financial Services (DFS) to receive disclosures and incident reports, issue rules, and publish annual reports on AI safety beginning in 2028, funded by pro rata assessments on covered developers. Enforcement remains civil. The bill as passed authorized penalties of up to $10 million for a first violation and up to $30 million for subsequent violations; the chapter amendments reduced these to up to $1 million for a first violation and up to $3 million for any subsequent violation, with an additional penalty of up to $1,000 per day available for disclosure-statement failures. The law creates no private right of action.
| Provision | As passed / signed (S6953B/A6453B) | As amended (signed March 27, 2026) |
|---|---|---|
| Frontier model threshold | >10^26 FLOPs and >$100M compute cost | >10^26 FLOPs (retained) |
| Covered "large" developer | >$100M aggregate compute spend | >$500M annual revenue |
| Harm trigger | 100+ deaths/injuries or $1B+ damage ("critical harm") | 50+ deaths/injuries or $1B+ damage ("catastrophic risk") |
| Safety protocol | Publish and annually review | Publish framework + transparency report |
| Incident reporting | 72 hours to state; 24 hours for imminent harm | 72 hours to DFS; 24 hours to law enforcement |
| Enforcement / oversight | NY Attorney General | New office within NY DFS |
| Civil penalties | Up to $10M first / $30M subsequent | Up to $1M first / $3M subsequent |
| Kill switch / third-party audit | None | None |
| Effective date | (pending amendments) | January 1, 2027 |
The bill was introduced in the Assembly on March 5, 2025 by Bores and in the Senate on March 27, 2025 by Gounardes. The Senate passed S6953B on June 12, 2025, and the Assembly passed the companion measure during the same mid-June period, with the full legislature completing action by June 13, 2025. The bill then sat awaiting executive action for much of the year. Under New York practice, the governor and legislative sponsors negotiated a set of chapter amendments to be enacted in the following session as a condition of the signature.
Governor Hochul signed the RAISE Act on December 19, 2025, while announcing the agreed amendments that would follow. The chapter amendment legislation (carried as Senate Bill 8828, with an Assembly counterpart) advanced in the 2026 session and was signed into law on March 27, 2026, producing the final operative text. The statute takes effect January 1, 2027, giving covered developers a compliance runway.
The chapter amendments were the price of the governor's signature and substantially reshaped the law. The headline changes were: replacing the $100 million aggregate compute-spend coverage test with a $500 million annual-revenue test; lowering the human-harm threshold from 100 to more than 50 people while retaining the $1 billion property figure and the "catastrophic risk" framing; cutting the maximum civil penalties from $10 million and $30 million to $1 million and $3 million; moving administration and oversight from the Attorney General to a new office within the Department of Financial Services; and recasting the disclosure obligations as a published frontier AI framework plus a transparency report. The amendments preserved the 10^26 FLOP definition of a frontier model and the 72-hour incident-reporting clock. Their explicit aim, as described by the governor's office and legal analysts, was to align New York's regime with California's SB 53 TFAIA so that national developers would face a more consistent set of obligations across the two states.
Supporters cast the RAISE Act as the strongest AI transparency law in the country. Bores said it moved beyond California's SB 53 in significant ways, and Gounardes called the signing a win for community safety and the state's economy. Safety-focused researchers and advocates welcomed binding, enforceable disclosure rules for the largest developers at a time when federal standards remained unsettled.
Industry reaction was sharply negative during the legislative phase. Venture firm Andreessen Horowitz and the startup accelerator Y Combinator opposed the bill, with an Andreessen Horowitz partner publicly dismissing it as another harmful state-level AI measure. Anthropic, while supportive of safety regulation in principle, raised concerns that the original drafting could sweep in smaller companies. Trade group Chamber of Progress characterized the bill as a near-copy of the vetoed SB 1047. The chapter amendments, by raising the coverage floor to a $500 million revenue test and trimming penalties, addressed several of these concerns.
The law also landed in the middle of a federal preemption fight. On December 11, 2025, the Trump administration issued an executive order calling for a unified, minimally burdensome national AI framework and directing federal agencies, including the Department of Justice, to challenge state AI laws seen as inconsistent with that goal. Legal commentators flagged the RAISE Act and California's TFAIA as likely targets of such challenges, tying the statute's future to the broader contest over whether states or Washington will set the rules for frontier systems. See also AI executive order.
The RAISE Act is one of the first binding U.S. laws to impose safety, transparency, and incident-reporting duties specifically on developers of frontier large language model systems and other foundation models, rather than regulating narrow downstream uses. By surviving the legislative process that SB 1047 did not, and by deliberately omitting the kill-switch and third-party-audit provisions that sank the California bill, it offered a template for what a politically durable frontier safety law might look like. Together with California's TFAIA, it established a de facto two-state baseline for AI governance of the largest models while Congress and the executive branch continued to debate a national standard. Its ultimate reach depends on how the federal preemption dispute resolves and on how the new DFS oversight office implements the statute ahead of the January 1, 2027 effective date.