Does Trump's AI executive order cancel Colorado's AI Act compliance deadline?

No. Every major law firm analysis published since the executive order — from Clark Hill, Gibson Dunn, White & Case, and King & Spalding — reaches the same conclusion: an executive order cannot independently preempt a state law. Preemption requires either an act of Congress or a successful federal court challenge. The EO directed the Office of Science and Technology Policy to identify state AI laws that may conflict with federal policy, and named Colorado's AI Act (CPAIA) as an example — but identifying a law for potential preemption is not the same as preempting it. Unless a federal court issues an injunction before June 30, 2026, Colorado's compliance deadline stands. Professional services firms treating the EO as a reason to pause compliance preparation are taking on legal risk.

What does Colorado's AI Act (CPAIA) actually require from professional services firms?

Colorado's Consumer Protections for Artificial Intelligence Act requires businesses that develop or deploy 'high-risk AI systems' to (1) use reasonable care to protect consumers from algorithmic discrimination, (2) conduct annual impact assessments for high-risk AI systems, (3) disclose when high-risk AI is being used in consequential decisions affecting Colorado consumers, and (4) provide a means for consumers to appeal AI-driven decisions. For professional services firms, the key question is whether any AI tool you use qualifies as a 'high-risk AI system' under the law — specifically tools used in employment decisions, financial decisions, or healthcare decisions. AI-assisted hiring screening tools and client risk assessment tools are the clearest candidates.

Which professional services firms are most affected by Colorado's AI Act?

Staffing firms and accounting firms with Colorado operations face the most direct exposure. Staffing firms that use AI to screen, rank, or score job candidates for positions in Colorado are almost certainly deploying 'high-risk AI systems' under the law — the employment decision category is explicit. Accounting and consulting firms that use AI in client financial assessments, credit analysis, or risk scoring also need to evaluate their tool stack. Law firms using AI in client intake screening or matter prioritization should review whether those tools meet the high-risk threshold. The law applies to decisions affecting Colorado consumers, which means any firm with Colorado clients or candidates — not just firms headquartered in Colorado.

What should professional services firms do now with four months until the deadline?

Three actions. First, inventory every AI tool your firm currently uses and classify each one by whether it makes or informs decisions affecting clients, candidates, or employees in Colorado. Second, for any tool that qualifies as high-risk, request documentation from the vendor about their compliance status — Colorado-compliant vendors should be able to provide impact assessment summaries and consumer disclosure materials. Third, check whether your engagement letter or service agreement language discloses AI use in consequential decisions. If it doesn't, add it. The disclosure requirement is the easiest to fulfill and the first thing a regulator will look for. Do not wait for federal preemption litigation to resolve — it won't resolve before June 30.

What's the risk of doing nothing until the preemption issue is settled?

The preemption debate will likely take longer than four months to resolve in court, if it ever does. Federal AI preemption requires congressional legislation to be durable — an executive order instructs agencies to act but doesn't change state law. A court challenge could take 12-18 months to reach a decision. Professional services firms that adopt a 'wait and see' approach through June 30 face two risks: enforcement exposure if the law takes effect as scheduled, and the rushed compliance scramble of trying to assess, document, and update workflows in weeks rather than months. The cost of preparation is lower than the cost of emergency compliance.

Colorado AI Act: June 30 Deadline Still On

Published: March 15, 2026 | By: The Crossing Report | 5 min read

Here's what happened: Trump's executive order on AI specifically named Colorado's Consumer Protections for Artificial Intelligence Act as an example of a state law that risks requiring AI systems to "produce false results." Several outlets covered this as a sign that federal preemption would wipe out Colorado's June 30, 2026 compliance deadline.

Here's what didn't happen: the compliance deadline did not go away.

If your firm has been monitoring the preemption story and treating it as a reason to slow-walk your Colorado AI Act preparations, you're making a legal strategy mistake that every major law firm that has analyzed the situation says you should not make.

What the Lawyers Actually Say

Clark Hill, Gibson Dunn, White & Case, and King & Spalding have all published analysis since the executive order. Their consensus is consistent:

An executive order cannot independently preempt a state law.

Federal preemption of a state law requires either an act of Congress — legislation — or a successful federal court challenge that produces an injunction. An executive order instructs federal agencies to take certain actions. It can direct the Office of Science and Technology Policy to identify state AI laws that conflict with federal policy. It can signal an administration's intent to push for preemption. It cannot, on its own, make a state law unenforceable.

What the EO did: directed federal agencies to identify state AI laws that could require AI systems to "produce false results." Colorado's CPAIA was specifically named.

What the EO did not do: preempt, suspend, or void Colorado's law.

The BigLaw consensus is that federal preemption of Colorado's AI Act — if it happens at all — will require either congressional legislation or a court injunction. Both take longer than four months. Colorado CPAIA enforcement is expected to proceed on schedule June 30, 2026.

What Colorado's AI Act Actually Requires

The Consumer Protections for Artificial Intelligence Act (CPAIA) applies to businesses that develop or deploy "high-risk AI systems" — defined as systems that make consequential decisions in categories including employment, financial services, healthcare, and housing.

For professional services firms, the most relevant question is: do any of your AI tools make or meaningfully inform decisions in those categories?

Staffing firms: If you use AI to screen, score, rank, or filter job candidates for positions in Colorado, you are almost certainly deploying a high-risk AI system under the law. The employment decision category is explicit and broad.

Accounting and consulting firms: AI tools used in client financial risk assessment, creditworthiness evaluation, or investment suitability analysis need evaluation. If an AI tool produces an output that directly informs a consequential financial decision about a Colorado client, that's the scope you need to assess.

Law firms: Client intake screening tools, matter prioritization systems, and risk scoring for case acceptance should be reviewed. The threshold is whether the tool informs a consequential decision — not whether a human makes the final call.

The disclosure requirements apply to decisions affecting Colorado consumers — which means any firm with Colorado clients or candidates is in scope, not only firms headquartered in Colorado.

The Three Compliance Actions to Take Now

1. Inventory your AI tools against the high-risk definition.

Write down every AI tool your firm currently uses. For each one, ask: does this tool make or inform decisions about people in categories covered by the law (employment, financial decisions, healthcare, housing)? If yes, you have a high-risk AI system that needs a compliance review.

This exercise usually takes two to four hours for a 10-15 person firm. Most firms will find one to three tools that require attention — not ten.

2. Request compliance documentation from vendors of any high-risk tools.

Colorado-compliant AI vendors should be able to provide: (a) documentation of their impact assessment process, (b) their approach to algorithmic discrimination testing, and (c) materials your firm can use to meet the consumer disclosure requirement. Vendors that can't provide this by April are not going to be ready for your June 30 deadline.

3. Add AI disclosure language to your client and candidate communications.

The disclosure requirement — telling people when AI is being used in consequential decisions about them — is the easiest part of CPAIA to fulfill and the first thing a regulator will look for. If your engagement letters, service agreements, and job application processes don't include AI disclosure language where relevant, add it now.

Template language: "We may use AI-assisted tools in [describe the process — e.g., candidate screening, client risk assessment]. These tools inform our professional judgment; all consequential decisions are reviewed by a qualified professional."

What "Wait and See" Actually Costs

The federal preemption litigation that might eventually overturn Colorado's AI Act — if it happens — will not resolve before June 30, 2026. A federal court challenge takes 12-18 months to reach a decision at the district court level, and longer at the appellate level.

Professional services firms in two scenarios are in good shape:

Firms that started compliance preparation in Q1 2026 and complete it by June 1 — they have a 30-day buffer.
Firms that decide Colorado CPAIA doesn't apply to them after a legitimate tool inventory — no high-risk AI systems, clear and documented rationale.

Professional services firms in one scenario are not in good shape:

Firms that said "we'll wait until the preemption issue resolves" — and are still waiting on July 1.

The law that takes effect is the law you complied with. "We thought the executive order would preempt it" is not a defense to a Colorado enforcement action.

For Issue #12 Readers (April 27 Newsletter)

This post is a preview of what the April 27 Crossing Report will cover in full: the Colorado AI Act deadline, the Illinois HB 3773 compliance requirements already in effect, and what a professional services firm compliance checklist looks like across both laws.

If you're in a state where these deadlines apply, the April 27 issue will include a firm-type breakdown — what the law requires specifically for accounting, law, consulting, staffing, and marketing agencies — and a compliance timeline template.

The best time to start was January. The next best time is now.

Trump's AI Executive Order Names Colorado — But Your June 30 Compliance Deadline Is Still On