Until last week, the closest thing the United States had to federal AI regulation was silence. More than thirty states have been filling that silence themselves, California, Colorado, Texas, and Illinois among them, each passing its own disclosure rules, bias auditing requirements, and restrictions on automated decision-making. For any business operating across state lines, compliance has meant tracking a patchwork of overlapping and sometimes contradictory laws, with no federal authority to arbitrate between them.
That calculus shifted on June 4, when Representatives Jay Obernolte (R-CA) and Lori Trahan (D-MA) released the Great American AI Act, a 269-page bipartisan discussion draft that would be, if passed, the first comprehensive federal AI governance framework in United States history.
What the bill actually proposes
The most immediately consequential provision isn't about AI safety. It's about preemption. The draft would freeze state AI legislation for three years. States could still regulate how AI systems are used within their borders, but they would lose the authority to set requirements on how those systems are built. For businesses currently navigating California, Colorado, and Texas AI laws simultaneously, this isn't a technical footnote. It's a potential compliance reset.
On the developer side, the bill targets "large frontier developers": AI companies with more than $500 million in annual revenue. Those companies would face binding obligations. Publish safety frameworks. Conduct risk assessments before deploying advanced models. Make pre-release disclosures. Report critical safety incidents to the federal government. A new institution, the Center for AI Standards and Innovation inside the Commerce Department, would develop security standards, assess frontier risks, and coordinate with international partners.
What this means if you run or advise a US business
The three-year preemption window is the most immediately useful thing in the bill for planning purposes. If it passes in anything close to its current form, the state-by-state patchwork that has made AI compliance genuinely painful for multi-state operators pauses. Legal teams tracking California, Colorado, and Texas requirements in parallel can redirect some of that attention.
But the $500 million threshold has downstream implications for businesses well below that revenue line. When large frontier developers face mandatory safety assessments and pre-deployment disclosures, those requirements flow into supply chains. Enterprise software vendors, API providers, and SaaS platforms built on frontier models will face procurement questions about compliance posture. Third-party audit frameworks and incident reporting documentation are likely to become standard procurement expectations, not optional features.
The bill is still a discussion draft: it hasn't been formally introduced and will be amended before any vote. But 269 bipartisan pages signals substantive work, not a press release in legislative clothing. The framework it proposes (preemption, developer obligations, a federal oversight body) is probably the shape of what eventually passes, even if the specifics shift.
The bigger picture
The United States has watched the EU AI Act take effect while Washington debated whether to act at all. The Great American AI Act is a direct answer to that inaction, and it makes a distinctly different bet. Where the EU framework tiers requirements by use case and risk level, the American draft draws its primary line at developer size and capability. Regulate the most powerful builders, preempt the states, let the federal centre set the floor.
Whether that's the right tradeoff is genuinely contested. Public Citizen has already argued the bill strips consumer and worker protections that states have built. The tech industry will push hard on the preemption provisions. But for businesses that have been waiting for federal clarity before committing to a compliance architecture, a stable federal framework, even in draft form, is more useful than a moving target across fifty jurisdictions.
It's still a discussion draft. It will be amended. The preemption provisions will be fought over heavily. But 269 bipartisan pages is not a press release: it's a signal that the shape of US AI governance is becoming visible. For businesses in regulated industries especially, healthcare, finance, and legal, this is the framework to track. The language being written in Congress now will become the compliance requirements you navigate in the next couple of years