MAR 12, 2025 | US | AGENCY SUBMISSION
US: BSA Letter to Office of Management and Budget on Revisions to OMB Memos on Government Use and Acquisition of AI
Here are the recommendations the letter makes on improving government use and acquisition of AI:
OMB Memo 24-10:
- Continue efforts to ensure federal agencies remove barriers to AI adoption to streamline services and enhance government efficiency, including by strengthening AI governance, modernizing IT infrastructure, investing in tools and processes to digitize, increase access to, and enhance usability of government data to support AI adoption, and enhancing the capability of the federal workforce;
- Use one, consensus- and risk-based framework as the basis for federal agencies’ risk management practices;
- Tailor the scope of risk management practices to high-risk uses of AI that have the most significant impact on Americans’ lives;
- Streamline agency impact assessment requirements; and
- Ensure harmonization across federal agencies, including streamlining vendor documentation requirements and allowing approved AI solutions to be used by other agencies.
OMB Memo 24-18:
- Prioritize use of commercial AI products;
- Increase efficiency of Federal Risk and Authorization Management Program (FedRAMP);
- Ensure regulatory consistency;
- Remove obligations for vendors to disclose sensitive proprietary information;
- Revise incident reporting obligations, including defining the scope more clearly and narrowly, extending the reporting time frame, and harmonizing agency approaches;
- Promote transparency of AI-generated content through open technical standards enabling relevant disclosures of content authenticity and provenance;
- Revise testing and risk mitigation practices for generative AI to clarify the scope of issues covered by the obligations and enhance the effectiveness of appropriate safeguards; and
- Ensure obligations are feasible to implement, including creating notification and remediation processes prior to an agency’s termination of use of an AI system and eliminating the requirement for vendors to meet performance standards before deploying a new version of an AI system, which prevents the release of new versions that can improve performance.
