EU AI Act vs NYC Local Law 144 — Compliance Overlap Map
A practical compliance overlap map for NYC organizations facing dual AI regulation obligations.
Two regulatory frameworks, one compliance challenge
NYC organizations using AI for employment decisions face a unique regulatory intersection: Local Law 144 mandates annual bias audits for automated employment decision tools, while the EU AI Act classifies employment AI as high-risk under Annex III Area 4. If your hiring AI also evaluates EU-connected candidates, you need to satisfy both simultaneously.
Where the frameworks overlap
Bias and fairness requirements. Both frameworks require evaluation of AI systems for discriminatory impact. LL144 mandates annual independent bias audits examining disparate impact across race/ethnicity, sex, and their intersections. The EU AI Act requires ongoing risk management (Article 9) including bias prevention through data governance (Article 10). A comprehensive bias assessment designed for both can satisfy LL144 audit requirements while building the documentation needed for EU AI Act conformity.
Transparency and notification. LL144 requires employers to notify candidates at least 10 business days before AEDT use, disclosing what the tool assesses, what data it collects, and the retention policy. The EU AI Act requires transparency to deployers (Article 13) and, for limited-risk systems, disclosure to users that they are interacting with AI (Article 50). Both demand that individuals know AI is involved in decisions about them.
Human oversight. Although LL144 does not mandate specific human oversight, the EU AI Act's Article 14 requires high-risk systems to enable effective human supervision. Organizations meeting Article 14 requirements will inherently exceed LL144 expectations.
Where they diverge
Scope. LL144 is narrow: it applies only to automated employment decision tools evaluating NYC residents. The EU AI Act is broad: it covers all high-risk AI across multiple sectors, applying extraterritorially whenever output reaches the EU.
Auditor requirements. LL144 requires an independent third-party auditor who cannot be the tool vendor. The EU AI Act requires self-assessment conformity for most Annex III systems, with third-party assessment only for certain biometric and critical infrastructure applications (Article 43).
Documentation depth. The EU AI Act demands far more extensive documentation: full technical files (Article 11), automatic event logging (Article 12), quality management systems (Article 17), and 10-year record retention (Article 18). LL144 requires only publication of audit results and retention of disclosure records.
Penalties. LL144 penalties are $500 for a first violation, up to $1,500 per subsequent violation. EU AI Act penalties reach up to €15 million or 3% of global annual turnover for high-risk non-compliance — orders of magnitude higher.
Building a unified approach
The most cost-effective strategy is to design your compliance program to the EU AI Act's higher standard first, then ensure LL144-specific requirements (annual independent audit, intersectional demographic analysis, candidate notice timeline) are layered on top. This avoids building two separate compliance programs and ensures no gaps fall between frameworks.
Related reading
Article 2 Extraterritorial Scope · GDPR Art.22 + EU AI Act · NIST AI RMF vs EU AI Act
Assess your exposure
Take our free 5-minute assessment to determine how these obligations apply to your organization.
Start the assessmentThis article provides general information about AI regulation. It does not constitute legal advice. Lexara Advisory LLC is an AI governance consulting firm, not a law firm. Published April 2026. About the author.