NYC Local Law 144 Is Just the Beginning: The Global AI Hiring Regulation Map

NYC's AI bias law was just the start. See how AI hiring regulations are spreading globally and what it means for your multinational workforce. Computer says no to regulatory ignorance.
AI hiring regulation is no longer a single-city rule: since New York's Local Law 144, a growing list of states and countries have introduced their own requirements for auditing, disclosing, and overseeing AI used in recruitment.
Introduction
New York City fired the first shot in the global war on biased AI hiring. Local Law 144, requiring annual audits of automated hiring tools, seemed like a local New York issue when it passed in 2021.
Three years later, it's become the template for a global regulatory revolution.
California followed. Then Colorado. Illinois jumped in. The EU rolled out the AI Act. Canada drafted its Artificial Intelligence and Data Act. And now, every quarter brings new jurisdictions saying "computer says no" to unregulated AI hiring.
What started as one city's attempt to fight algorithmic bias has become a worldwide regulatory tsunami that's reshaping how companies hire across borders.
If you operate in multiple locations, your compliance matrix just became a nightmare. But here's the twist: this regulatory wave isn't destroying AI hiring - it's saving it from itself.
The NYC Precedent: How One Law Changed Everything
Local Law 144 was deceptively simple:
Annual third-party audits of automated hiring tools
Publication of audit results showing bias statistics
Candidate right to request information about AI decisions
Penalties starting at $500 per day for non-compliance
But its impact reached well beyond New York. In the years since:
A growing number of other jurisdictions introduced similar laws
Major companies began global AI audit programmes to avoid patchwork compliance
AI vendors moved to build bias testing into their platforms
Early enforcement action established a template other regulators have referenced
NYC didn't just regulate AI hiring - it proved effective regulation was possible.
The Regulatory Domino Effect: State by State
California: Algorithmic Accountability Proposals
What proposed requirements typically cover:
Algorithmic impact assessments for hiring AI
Disclosure of AI use to candidates
Right to human review of AI decisions
Bias testing with demographic breakdowns
Key difference from NYC: Focus on transparency and candidate rights rather than bias auditing alone
Penalties: Enforcement mechanisms vary, and can include per-violation fines plus exposure to discrimination lawsuits
Colorado: Consumer Protections for AI
What it requires:
Risk assessments for AI systems affecting employment
Algorithm transparency requirements
Consumer (including job candidate) rights to explanation
Developer liability for discriminatory outcomes
Key innovation: Extends liability to AI developers, not just users
Penalties: Meaningful per-violation fines, with cumulative exposure for repeat offenders
Illinois: AI Video Interview Act
What it requires:
Disclosure when AI analyzes video interviews
Candidate consent for AI-powered assessments
Right to human review of AI decisions
Bias testing for video analysis algorithms
Unique aspect: Specifically targets AI analysis of video interviews and facial expressions
Penalties: Vary by scope and jurisdictional enforcement approach
Other US States: Emerging Legislation
Proposed requirements under discussion in several states:
Pre-deployment bias testing
Ongoing monitoring requirements
Vendor certification programs
Right to algorithmic transparency
International Tsunami: Beyond US Borders
European Union: AI Act (World's First Comprehensive AI Law)
Scope: All AI systems, with hiring classified as "high-risk" Requirements:
Conformity assessments before deployment
Continuous monitoring and documentation
Human oversight of all decisions
CE marking for compliant systems
Penalties: Up to €35 million or 7% of global turnover for the most serious breaches
Canada: Artificial Intelligence and Data Act (AIDA)
Status: Currently in Parliament Key provisions:
Risk-based approach to AI regulation
Mandatory testing for high-impact systems
Transparency requirements for AI decisions
Penalty structure similar to EU approach
Expected impact: Creates unified North American AI governance framework
United Kingdom: Pro-Innovation Regulation
Approach: Sector-specific regulation through existing bodies Current status:
ICO investigating AI hiring bias cases
Equality and Human Rights Commission issuing guidance
No comprehensive law yet, but enforcement increasing
Australia: Privacy and AI Governance
Development: Consulting on AI regulation framework Timeline: Draft legislation expected 2025 Focus: Privacy-first approach to AI governance
The Compliance Complexity Matrix
Companies operating across jurisdictions face an increasingly complex web of requirements:
Overlapping but Different Requirements
Jurisdiction Audit Frequency Public Disclosure Candidate Rights Penalties NYC Annual Required Limited Daily fines under Local Law 144 California Proposed Limited Extensive Under development Colorado Ongoing Required High Meaningful per-violation fines EU Continuous Required Very High Up to €35 million or 7% of global turnover Canada TBD Likely Moderate Under development
The Patchwork Problem
Example Scenario: A UK multinational with offices in NYC, California, and Germany must:
Conduct annual audits for NYC compliance
Perform algorithmic impact assessments for California
Implement continuous monitoring for EU compliance
Maintain different documentation for each jurisdiction
Manage different candidate disclosure requirements
Handle varying appeal and explanation rights
The cost of this patchwork approach: a substantial annual compliance spend before any system improvements are even factored in.
Why This Wave Won't Stop
Several factors guarantee continued regulatory expansion:
Political Momentum
Bipartisan support: Both progressive and conservative lawmakers see AI bias as problematic
Media attention: High-profile discrimination cases drive political action
Voter concern: Public polling shows strong support for AI regulation
Proven Effectiveness
NYC model works: Demonstrable reduction in hiring bias where implemented
Enforcement success: Companies are complying rather than fighting
Industry acceptance: Most major employers now support reasonable AI regulation
Regulatory Competition
First-mover advantage: Jurisdictions want to be seen as AI governance leaders
Economic benefits: Good AI governance attracts responsible businesses
Talent attraction: Regulated environments appeal to diverse talent
The Coming Wave: Predictions for 2025-2027
Likely New Jurisdictions (2025)
Maryland: Comprehensive AI hiring bill expected
Washington State: Following California's model
Massachusetts: Building on existing employment protections
Michigan: Focusing on manufacturing and automotive AI
International Expansion (2026-2027)
Japan: Likely to follow EU model with cultural modifications
South Korea: Already consulting on comprehensive AI law
Brazil: Developing AI governance framework
India: Expected to regulate AI hiring in tech sector
Federal Action (2027-2028)
United States: Growing pressure for federal AI hiring standards
Likely model: Combination of existing state approaches
Probable triggers: Major discrimination lawsuit or security incident
The Smart Response: Getting Ahead of the Wave
Rather than playing regulatory catch-up, smart companies are taking proactive approaches:
Global Compliance Strategy
Adopt highest standard: Implement EU-level compliance globally
Unified auditing: Single audit process covering all jurisdictions
Consistent technology: Same bias detection tools everywhere
Centralized governance: Global AI ethics committee
Benefits of Early Adoption
Competitive advantage: First-mover benefits in ethical AI hiring
Reduced compliance costs: Single system vs. patchwork approach
Enhanced reputation: Seen as responsible AI leader
Future-proofing: Ready for new regulations wherever they emerge
What Adopting the Highest Standard Looks Like in Practice
Organisations operating across multiple countries with varying AI hiring regulations generally see the same pattern when they adopt EU AI Act-level compliance as their global baseline rather than managing each jurisdiction separately: lower overall compliance costs than a jurisdiction-by-jurisdiction approach, fewer regulatory gaps, and a stronger position on candidate experience and employer brand across markets.
The same logic applies to organisations juggling requirements across NYC, California, and the EU specifically. A single global audit process built to exceed the strictest applicable standard tends to streamline operations, reduce legal risk exposure, and keep pace with emerging regulation more easily than maintaining several parallel, jurisdiction-specific processes.
The Cost of Regulatory Arbitrage
Some companies try to avoid regulations through jurisdictional arbitrage. This strategy is failing:
Why Arbitrage Doesn't Work
Extraterritorial reach: Most laws apply to candidates in regulated jurisdictions regardless of company location
Talent access: Best candidates are in regulated markets
Client requirements: B2B clients often require compliance regardless of location
Reputational risk: Being seen as "regulation adverse" hurts employer brand
The Race to the Bottom Becomes a Race to the Top
Companies are finding that good AI governance is a competitive advantage, not a compliance burden.
Preparing for the Next Wave
Immediate Steps (Next 30 Days)
Audit current compliance across all operating jurisdictions
Identify gaps between current practice and emerging requirements
Benchmark against EU standards as the global high-water mark
Engage legal counsel with multi-jurisdictional AI expertise
Strategic Planning (3-6 Months)
Design global compliance framework that meets all requirements
Select technology solutions that work across jurisdictions
Train teams on emerging regulatory landscape
Establish monitoring for new regulatory developments
Future-Proofing (6-12 Months)
Implement beyond-compliance systems ready for future requirements
Build regulatory tracking into business planning process
Engage with regulators in key markets to stay ahead of changes
Position as thought leader in responsible AI hiring
Conclusion: Surf the Wave or Get Swept Away
The global wave of AI hiring regulation isn't a threat - it's an opportunity. Companies that get ahead of this trend will find themselves with competitive advantages that last for years.
The alternative is regulatory whiplash: constantly scrambling to modify systems, facing penalties in multiple jurisdictions, and losing talent to more compliant competitors.
NYC Local Law 144 was just the beginning. The wave is here, and it's growing. The question isn't whether you'll have to comply with AI hiring regulations - it's whether you'll lead the wave or get swept away by it.
Computer says no to regulatory complacency. But computer says yes to companies smart enough to get ahead of the curve.
Stay ahead of the global regulatory wave. Get a multi-jurisdiction compliance assessment and prepare for the regulations coming to your markets.
Get Your Multi-Jurisdiction AI Compliance Assessment - Surf the Regulatory Wave
More on how we approach it: AI governance and compliance advisory.
Frequently asked questions
What is AI hiring regulation?
AI hiring regulation refers to laws that govern how employers can use automated tools and algorithms in recruitment, typically covering bias auditing, candidate disclosure, documentation, and rights to human review. New York's Local Law 144 was an early example, and other states and countries have since introduced their own versions with different specific requirements.
Do these regulations only apply to companies based in the regulated jurisdiction?
No. Most of these laws apply based on where the candidate is located, not where the employer is headquartered, so a company hiring across borders can be subject to multiple regulatory regimes at once. This extraterritorial reach is one of the main reasons multinational employers are finding compliance harder to manage.
What's the difference between the various regional approaches?
Some jurisdictions focus mainly on bias auditing and public disclosure of results, others add explicit candidate rights to explanation and human review, and some, like the EU's approach, apply a broader risk-based framework across the whole AI system rather than just the hiring use case. The specific obligations and penalty structures differ by jurisdiction, so a single compliance approach rarely covers every requirement automatically.
How should a multinational employer approach compliance across jurisdictions?
Rather than tracking each jurisdiction's minimum requirement separately, many organisations adopt the strictest applicable standard across all their markets and build one compliance process around it. This reduces the operational burden of maintaining several parallel, slightly different compliance systems.
If you want support with this, VerityAI offers AI governance advisory.

Sotiris Spyrou
Sotiris Spyrou is the founder of VerityAI, a Responsible AI advisory for boards and AI-deploying businesses. With 27 years across agencies, global in-house roles, and the C-suite, he advises leaders on AI governance and risk, and on answer-engine visibility engineered without the dark patterns the rest of the industry is getting penalised for. He is the author of TRANSFORM, AI Moats, and Ethical AI.
Founder at VerityAI