Colorado Senate Bill 24-205, the Colorado Artificial Intelligence Act (the "AI Act"), entered into force on 1 February 2026 pursuant to its statutory effective date following enactment by Governor Jared Polis on 17 May 2024. The law requires developers and deployers of high-risk artificial intelligence systems to use reasonable care to protect consumers from known or reasonably foreseeable risks of algorithmic discrimination. The Colorado Attorney General stated in a court filing that the Office will postpone active enforcement until rulemaking under the AI Act is completed, and that it will not enforce the law against conduct that precedes the completion of such rulemaking.
The controlling statute is Colorado SB24-205 (codified as Chapter 198, Session Laws of Colorado 2024), signed 17 May 2024, effective 1 February 2026. The Act applies to developers of high-risk AI systems, defined as AI systems that make or are a substantial factor in making consequential decisions affecting Colorado consumers in areas including education, employment, financial services, healthcare, housing, and legal services. Under Section 6-1-1703 of the Colorado Revised Statutes, a developer must use reasonable care to protect consumers from algorithmic discrimination, make available to deployers specified disclosures about each high-risk system, and notify the Attorney General and known deployers within 90 days of discovering any known or reasonably foreseeable risk. Section 6-1-1704 imposes analogous obligations on deployers, including implementation of a risk management program and an annual review of each high-risk system. A violation constitutes a deceptive trade practice under the Colorado Consumer Protection Act, enforced exclusively by the Attorney General.
Developers and deployers subject to the AI Act must take immediate steps: document each high-risk AI system and its intended uses, implement a risk management program, complete impact assessments, and post public summaries of deployed systems. Consumer-facing obligations include notifying consumers of consequential decisions, providing opportunities to correct personal data used in such decisions, and offering human review of adverse decisions where technically feasible. The enforcement delay announced by the Attorney General means that, until rulemaking closes, formal enforcement actions are unlikely; but private litigation is not precluded, and market participants that choose to rely on the delay do so at their own risk.
The AI Act provides safe harbors and carve-outs: insurers subject to applicable state insurance regulatory guidance are deemed compliant, and banks subject to federal prudential regulator examination under published AI guidance satisfying the Act's criteria are also fully compliant. The Attorney General holds exclusive enforcement authority and exclusive rulemaking authority to implement the Act. Compliance with a nationally or internationally recognized AI risk management framework and good-faith remediation efforts constitute an affirmative defense.
Our team advises AI developers, deployers, and technology companies on compliance with US state AI laws, including the Colorado AI Act, and can assist with risk management program design, impact assessments, and public-facing disclosures. We maintain a dedicated partner network for AI regulatory affairs across US and international jurisdictions. Contact us to assess your exposure under Colorado law. Types of work we handle or can assign to a partner include: AI Act compliance gap analysis, high-risk system documentation, algorithmic discrimination risk management, AI impact assessment drafting, and AI-related consumer dispute resolution.
Source: Colorado SB24-205, "Consumer Protections for Artificial Intelligence," signed 17 May 2024, effective 1 February 2026, Chapter 198, Session Laws of Colorado 2024. Colorado General Assembly official text: https://leg.colorado.gov/bills/sb24-205. Confirmed 29 April 2026.
The information provided is not legal, tax, investment, or accounting advice and should not be used as such. It is for discussion purposes only. Seek guidance from your own legal counsel and advisors on any matters. The views presented are those of the author and not any other individual or organization. Some parts of the text may be automatically generated. The author of this material makes no guarantees or warranties about the accuracy or completeness of the information.