Regulators Crackdown On Exaggerated AI Claims

Global regulators are no longer issuing polite warnings about the exaggerated claims made about artificial intelligence (AI). From the US Securities and Exchange Commission (SEC) to the UK’s Advertising Standards Authority (ASA), the message to businesses is loud and clear:

be honest about what your AI does and be able to prove it

Regulators on both sides of the Atlantic are now actively scrutinizing marketing and disclosures to ensure they match operational reality.

In the US, the Securities and Exchange Commission (SEC) settled cases with two investment advisers in March 2024 for making false and misleading statements about their use of AI. The firms had to pay $400,000 in penalties, a powerful signal that “AI washing” — when a company claims to have cutting-edge AI when it’s just using a basic system — is now a major focus of enforcement.

In the UK, the Advertising Standards Authority (ASA) is also taking action. Its November 2024 analysis found that roughly 16,000 ads referred to AI within a three-month period. The ASA reminded businesses of the Committee of Advertising Practice (CAP) Code, which states that they must not claim to use AI when they don’t, exaggerate a system’s capabilities or make claims of superiority without solid proof.

Other UK regulators are also involved. The Financial Conduct Authority (FCA) expects all communications to be clear, fair, and not misleading, as laid out in its Principle 7:

A firm must pay due regard to the information needs of its clients, and communicate information to them in a way which is clear, fair and not misleading

The FCA’s AI Update links these expectations to both the use and marketing of AI models and puts accountability for these claims on senior management under the Senior Managers and Certification Regime (SM&CR). The UK’s Competition and Markets Authority (CMA) has also warned about the dynamics of the AI market and is ready to use its competition and consumer protection tools to address any issues.

In the US, the Federal Trade Commission (FTC) is also focusing on AI washing with its Operation AI Comply program, indicating that it will take action against unsubstantiated or deceptive claims.

Common missteps in AI claims

When regulators and compliance teams review AI-related marketing, the same mistakes keep popping up, weakening a firm’s credibility and inviting regulatory scrutiny. These common errors include:

• Vague terminology: Using blanket phrases like “AI-powered” without explaining the system’s purpose, methods or how it fits into the workflow
• Human-level claims: Using language that suggests an AI can perform as well as — or better than — a human, without robust, verifiable evidence
• Misattributing outcomes: Crediting a system with an “AI model” when the outcomes are actually based on simple rules or manual reviews
• Biased evidence: Presenting benchmarks from limited tests or ideal datasets as typical performance
• Undisclosed limitations: Hiding or failing to mention known issues like bias, error rates or other flaws
• Misleading certifications: Using terms like “regulated” or “certified” without an official designation from a regulatory body like the FCA or SEC
• Third-party conflation: Implying that a company’s capabilities are its own when they actually belong to a third-party provider, without clarifying the dependency
• Data ambiguity: Making unclear claims about training data, its origin or consent, which creates uncertainty about its legality
• Version mismatch: Marketing a model that is no longer in use or is different from what customers are currently experiencing
• Governance gaps: Failing to connect claims to a designated owner under the SM&CR or provide evidence that senior management has reviewed the risks

Best practices for Responsible AI claims

In response to this increased scrutiny, forward-thinking companies are tightening their approach to AI disclosures. Instead of relying on vague marketing slogans, they’re creating structured processes to back up every claim. These best practices demonstrate how companies can maintain credibility while complying with regulations:

• Create a claims catalog: Many firms now track every AI-related statement across their websites, presentations and social media, connecting each one to supporting evidence
• Require sign-offs: Financial promotion workflows now specifically include AI claims, requiring review and approval from legal and compliance teams and the model’s owner
• Publish model fact sheets: Firms are maintaining short “model cards” internally and sometimes publishing them to describe a model’s purpose, data sources, limitations and how it’s monitored
• Set language guardrails: Firms are creating word lists that trigger extra scrutiny (e.g., “fully autonomous,” “guaranteed accuracy”). Some even ban these terms unless there is very strong evidence
• Establish a pause and update protocol: Companies are monitoring for changes in a model’s performance. If a change is detected, it triggers a “claims freeze” and a quick update of all customer-facing materials
• Vet suppliers: Due diligence for third-party providers now includes reviewing their data, safety policies and service limitations. Marketing must then accurately reflect these realities
• Align with advertising standards: Companies are embedding CAP Code guidance into their creative review process to ensure ad copy aligns with the evidence on file and avoids unsubstantiated superiority claims
• Improve record-keeping: Firms are enhancing their records to document what was claimed, when, and where it was approved to help with internal audits and regulatory inquiries
• Train staff: Sales and support teams are being trained on what models can and cannot do to prevent them from making off-the-cuff, exaggerated claims
• Conduct consistency checks: Periodic reviews compare a product’s reality with public claims, catching any changes and ensuring disclaimers are accurate

In the current market, loose language is a major regulatory risk. The message is clear:

precision and proof matter as much as the product itself

The regulatory landscape has shifted, and firms must now proactively monitor and test their claims, including those from their suppliers, to avoid the consequences of “AI washing.”