Skip to main content

02 Adopting Disruptive Tech & AI

Ten Key Regulatory Challenges of 2026

Columns

Federal and state regulatory adaptation of existing risk frameworks and policies respond to complexities in evolving AI innovation, with increasing private sector participation.

Ten Key Regulatory Challenges of 2026

“Embracing AI in banking levels the playing field and provides unparalleled opportunity to enhance efficiency and optimization. Innovation and regulatory guidance must align to maintain compliance and consumer trust. By doing so, we foster a future of compliance and growth that benefits everyone.” 

Adam Levy
Principal
Advisory


“As regulations across the US continue to evolve and take shape in 2026, we expect a key focus area for organizations will be ensuring they have mechanisms in place to classify and validate that AI systems and guardrails are functioning as intended and are aligned with the regulations. As a result, we expect to see an uptick in the number of organizations conducting AI risk assessments, system testing, and other AI assurance activities in 2026.” 

Bryan McGowan
Principal
Advisory

Model Risk Management

02 Adopting Disruptive Tech & AI

Federal banking regulators continue to reiterate that existing guidance and risk frameworks (e.g., SR 11-7 and OCC 2011-12) remain fit for purpose in supervising AI applications, but recent statements suggest some revisions may be needed as AI applications continue to evolve and are deployed across financial organizations.

Examples

What to Watch

  • Interagency belief that existing statutory authorities are generally sufficient to supervise AI use (e.g., GAO Report)
  • If AI is a model, the current approach to model risk management needs to be revamped/revised (e.g., OCC Statement (Gould))
  • Need to review/update existing standards (e.g., FRB Statement (Barr))
  • Potential revisions to existing model guidance for AI-specific use cases
  • Potential need for enhancements to non-model risk frameworks to address transverse risks, including cybersecurity and operational risks, related to GenAI
  • Increasing numbers of bank/fintech relationships; heightened attention to TPRM
  • Growing acceptance that not all AI is a model
  • Consideration of new approaches for AI that is not a model

Complexity & Divergence

02 Adopting Disruptive Tech & AI

Divergent actions at the federal and state levels create risk and compliance challenges:

  • Executive directives promote national security and innovation and the removal of regulatory barriers that may hinder it.
  • Proliferation of state level laws and regulations, including broad frameworks aimed at developers and/or deployers and narrowly targeted safety and/or privacy laws (e.g., consumer protection, child protection, deepfakes, automated decision-making tools).

Examples

What to Watch

  • Federal actions, including:
    • Policy recommendations for accelerating AI innovation, infrastructure, and security (e.g., AI Action Plan, EOs for data centers and “full-stack” AI exports)
    • Identification of AI technologies constrained due to Federal statues, regulations, or policies (e.g., OSTP RFI)
  • State actions (more than 1,000 bills introduced across 50 states in 20251), including:
    • “Safety” laws focused on large developers (e.g., CA, NY)
    • “Comprehensive” laws for “high risk systems” (e.g., TX)
    • Targeted laws (e.g., NY re: child protection)
  • Introduction of new laws and regulations, as appropriate, to facilitate recommendations in the AI Action Plan
  • Potential revision and/or recission of federal rules identified as inhibiting AI innovation, infrastructure
  • Ongoing introduction of laws and regulations with varying scope and scale across all 50 states; overlaps with cyber, data privacy, and energy infrastructure laws
  • Continued calls for federal preemption or moratoriums on enforcement of certain state AI laws
  • Potential for increased risks from inaction in the absence or reduction of proactive federal regulatory activity

 1Derived from Multistate.ai 

Public Private Partnership

02 Adopting Disruptive Tech & AI

Executive policy to create conditions for private sector-led innovation to flourish and enable AI adoption.

Examples

What to Watch

  • Promotion (e.g., AI Action Plan) of private sector through access to resources (e.g., models, data), testing facilities (e.g., “regulatory sandboxes”), and industry-specific standards
  • Initiatives and projects to facilitate U.S. AI leadership (e.g., EO 14318 re: data centers)
  • Private sector-driven innovation for AI applications in payments (e.g., FRB Statement (Waller))
  • Potential changes to regulatory processes, including supervision and rules identified by private industry as inhibiting AI innovation, to better facilitate development and deployment
  • Availability of regulatory sandboxes across different agencies
  • Streamlined permitting for data center and energy infrastructure along with other incentives at the federal and state levels
  • Federal Reserve stakeholder engagement on a "payment account" for fintechs 

02 Adopting Disruptive Tech & AI:

Read the document

Download the Section

Dive into our thinking:

Ten Key Regulatory Challenges of 2026

Balancing the Regulatory Stack

Download PDF

Explore more

Points of View

Points of View

Insights and analyses of emerging regulatory issues and their impact.

Read more
Regulatory Insights View

Regulatory Insights View

Series covering regulatory trends and emerging topics

Read more

Regulatory Alerts

Quick hitting summaries of specific regulatory developments and their impact.

Read more

Get the latest from KPMG Regulatory Insights

KPMG Regulatory Insights is the thought leader hub for timely insight on risk and regulatory developments.

Subscribe

Meet our team

Image of Laura Byerly
Laura Byerly
Managing Director, Clients & Markets, Regulatory Insights, KPMG LLP
Read bio
Image of Adam Levy
Adam Levy
Principal, Modeling & Valuation, KPMG LLP
Read bio
Image of Bryan McGowan
Bryan McGowan
Global and US Trusted AI Leader, KPMG US
Read bio
Image of Laura Byerly
Laura Byerly
Managing Director, Clients & Markets, Regulatory Insights, KPMG LLP
Read bio
Image of Adam Levy
Adam Levy
Principal, Modeling & Valuation, KPMG LLP
Read bio
Image of Bryan McGowan
Bryan McGowan
Global and US Trusted AI Leader, KPMG US
Read bio

Thank you

Thank you for signing up to receive Regulatory Insights thought leadership content. You will receive our next issue when we publish.

Get the latest from KPMG Regulatory Insights

KPMG Regulatory Insights is the thought leader hub for timely insight on risk and regulatory developments. Get the latest perspectives on evolving supervisory, regulatory, and enforcement trends. 

To receive ongoing KPMG Regulatory Insights, please submit your information below:
(*required field)
All fields with an asterisk (*) are required.

By submitting, you agree that KPMG LLP may process any personal information you provide pursuant to KPMG LLP's . Privacy Statement

An error occurred. Please contact customer support.

KPMG. Make the Difference.


Some or all of the services described herein may not be permissible for KPMG audit clients and their affiliates or related entities.

The information contained herein is of a general nature and is not intended to address the circumstances of any particular individual or entity. Although we endeavor to provide accurate and timely information, there can be no guarantee that such information is accurate as of the date it is received or that it will continue to be accurate in the future. No one should act upon such information without appropriate professional advice after a thorough examination of the particular situation. KPMG LLP does not provide legal services.

The information contained herein is not intended to be “written advice concerning one or more Federal tax matters” subject to the requirements of section 10.37(a)(2) of Treasury Department Circular 230.

© 2026 KPMG LLP, a Delaware limited liability partnership, and its subsidiaries are part of the KPMG global organization of independent member firms affiliated with KPMG International Limited, a private English company limited by guarantee. All rights reserved.

For more detail about the structure of the KPMG global organization please visit https://home.kpmg/governance.

Thank you!

Thank you for contacting KPMG. We will respond to you as soon as possible.

Contact KPMG

Use this form to submit general inquiries to KPMG. We will respond to you as soon as possible.
All fields with an asterisk (*) are required.

By submitting, you agree that KPMG LLP may process any personal information you provide pursuant to KPMG LLP's . Privacy Statement

An error occurred. Please contact customer support.

Job seekers

Visit our careers section or search our jobs database.

Search now!

Submit RFP

Use the RFP submission form to detail the services KPMG can help assist you with.

Submit

Office locations

View locations

International hotline

You can confidentially report concerns to the KPMG International hotline

Learn more

Press contacts

Do you need to speak with our Press Office? Here's how to get in touch.

Contact

Headline