Preparing for Global AI Regulations: From the EU AI Act to New US RulesChargebacks911 CTO Donald Kossmann Pens Guest Article for The AI Journal on Global AI Regulation

Donald Kossmann, Chief Technology Officer at Chargebacks911, recently authored a guest piece for The AI Journal. In his article, Kossmann explores how emerging AI regulations — from the EU AI Act to assorted US regulatory levers — are increasingly affecting payments, financial services, and dispute-management systems.

The AI Journal is a specialist digital publication dedicated to covering artificial intelligence across domains such as analytics, finance, automation, and governance. It offers expert commentary and insights into how AI technologies are evolving, particularly in high-impact sectors like payments and fraud prevention.

“Everyone that touches the payments ecosystem needs to be prepared, including merchants. If an AI system makes a decision that blocks a payment, flags a customer for fraud or rejects a dispute, they will need to explain it,” Donald writes. “Regulators will want to know how the system works, who monitors it and how errors are caught – and so will consumers. These rules will apply whether the system is built in-house or provided by a vendor.”

Kossmann’s piece highlights that organisations using AI to flag fraud, decide on transactions, or manage disputes are not exempt from scrutiny. He points out that under the EU AI Act many of these systems may be classified as “high risk,” triggering obligations such as human oversight, technical documentation, and fairness-testing. He also notes that while the US lacks a unified federal AI law, agencies like the Federal Trade Commission and the Consumer Financial Protection Bureau are active in challenging automated systems that disadvantage consumers.

“Some organisations are already adapting by adopting platforms that automate key aspects of governance. These systems can track model changes, run fairness checks, and log inputs and decisions across the AI lifecycle. This approach is helpful, but falls short for most organizations as they still need to invest a great deal of internal resources to integrate these platforms into their systems and manage these platforms to stay compliant.”