Insights

The National Association of Insurance Commissioners (NAIC) is intensifying its oversight of how insurers use AI — and the pace of regulatory activity shows no signs of slowing. Over the past several months, the NAIC has published a formal Issue Brief staking out its position on federal AI legislation, launched a multistate AI Evaluation Tool pilot aimed at examining insurers’ AI governance programs, and continued to expand adoption of its AI Model Bulletin across state lines. These developments continue a trend towards enhancing regulation; the NAIC adopted AI Principles in 2020 and a Model Bulletin in 2023 clarifying that existing insurance laws apply to AI systems and establishing expectations for governance, documentation, testing, and third-party oversight. That Model Bulletin has now been adopted in approximately 24 states.

In its latest attempt to establish a national AI regulatory standard and quash “cumbersome” state AI laws, the White House on Friday, March 20, 2026, released legislative recommendations for a National Policy Framework on Artificial Intelligence. 

Legislative efforts to significantly expand California’s antitrust laws are working their way through the state legislature. The most comprehensive overhaul is Assembly Bill 1776 — the Competition and Opportunity in Markets for a Prosperous, Equitable and Transparent Economy (COMPETE) Act, introduced by Assembly Majority Leader Cecilia Aguiar-Curry, on March 23, 2026. AB 1776 is modeled closely after draft legislation recommended by the California Law Revision Commission (CLRC) in December. AB 1776 would not only significantly expand potential liability for single-firm conduct and monopolization but would also explicitly decouple California antitrust analysis from certain federal standards. Companies doing business in California should pay close attention to AB 1776 because of its potentially dramatic impact, including increased exposure to antitrust litigation and increased compliance costs.

On March 13, a Massachusetts federal district court temporarily blocked the Trump Administration from requiring higher education institutions to respond to the Admissions and Consumer Transparency Supplement (“ACTS”) survey — a new data collection effort mandating that institutions disclose detailed admissions information regarding students’ race and sex to the federal government. In Commonwealth of Massachusetts v. Department of Education, 1:26-cv-11229 (D. Mass.), the court extended the deadline for institutions to respond to the survey from March 18th to March 25th to allow time to consider the case.

False Claims Act (FCA) settlements and judgments hit record highs yet again in FY 2025, surpassing the previous record by over $1 billion and setting a new high-water mark for the number of new FCA cases filed.  These records were built both on existing enforcement priorities such as pandemic-related fraud and healthcare enforcement actions and new guidance from the Executive Branch instructing the Department of Justice to enforce its 2025 priorities including Diversity, Equity, and Inclusion (DEI), civil rights, and customs issues.  Procurement fraud, cybersecurity issues, and small business fraud also remained focal points, with significant settlements in each of those areas.  In the courts, an Eleventh Circuit decision expanded relators’ ability to use discovery to avoid dismissal under Rule 9(b), and a Ninth Circuit ruling clarified a number of customs fraud issues while applying the Supreme Court’s Schutte scienter test.  Debate over the qui tam provisions’ constitutionality continued to grow, with arguments made in multiple circuits, including an Eleventh Circuit oral argument in the appeal of the Middle District of Florida’s Zafirov decision that helped to spark the recent wave of challenges.  Crowell FCA attorneys explain these developments, trends, and what’s next for the FCA in a “Feature Comment” published in The Government Contractor.

In a significant ruling on the application of data protection law in the United Kingdom, on 19 February 2026, the UK’s Court of Appeal (CA) ruled in favour of the UK Information Commissioner (ICO) in its appeal against the decision of the Upper Tribunal (UT) in the case of DSG Retail Ltd v The Information Commissioner [2026] EWCA Civ 140. This ruling clarifies the scope of data controllers’ security obligations with pseudonymised personal data and confirms that a controller’s duty to safeguard personal data is not diminished merely because a cyber attacker who exfiltrates that data would be unable to re-identify the individuals concerned.

On 12 March 2026, the USTR self-initiated Section 301(b) investigations against 60 of the United States' largest trading partners, including the United Kingdom. The investigations will examine whether each economy's acts, policies, and practices relating to the failure to impose and effectively enforce a ban on goods produced with forced labour are unreasonable or discriminatory and burden or restrict U.S. commerce.

In our second alert in this EU Pharma Package Series, we provided a detailed overview of the diverging positions of the European Commission (Commission), the European Parliament (Parliament), and the Council of the European Union (Council) on one of the most debated and anxiously anticipated topics, the regulatory data protection (RDP). While all EU institutions proposed a modulation system, they differed significantly in terms of the baseline period and the structure of the possible extensions.

On March 19, 2026, a U.S. District Court for the Fifth Circuit panel denied the Federal Trade Commission’s (FTC) emergency motion for a stay pending appeal of a district court’s order that vacated the FTC’s 2024 overhaul of the HSR premerger notification form.

Recent developments present urgent compliance questions for colleges and universities navigating the evolving Name, Image and Likeness (NIL) landscape for collegiate athletes.

[1] In a recent development, the UK Supreme Court ruled that Artificial Neural Networks (ANNs) are not excluded from patentability due to being a computer program “as such.” In doing so, the Court set out the framework of a new test for the UK Intellectual Property Office (IPO) to use when evaluating the patentability of computer. The ruling breaks down barriers to the patenting of AI algorithms in the UK and paves the way for a wider change in the UK IPO’s approach to assessing excluded subject matter.

2026 will prove to be a pivotal year for organ procurement organizations (OPOs). For the first time, the impact of the Center for Medicare and Medicaid Services’ (CMS) 2020 outcome measures will be fully felt, as the year marks the end of the first certification cycle governed by the new benchmarks. In the meantime, OPOs are challenging the 2020 rule in several federal lawsuits and, as that litigation progresses, CMS is accepting comments on a new proposed rule, which we discussed in a prior alert. 

On March 12, 2026, the U.S. Commodity Futures Trading Commission (CFTC) took formal steps toward establishing additional regulations for prediction markets. The agency issued an Advanced Notice of Proposed Rulemaking (ANPRM) soliciting public input on potential new rules, and separately, released staff guidance outlining its views on how existing rules apply to prediction market platforms currently in operation. These developments signal a significant shift in the regulatory landscape for an industry that has grown rapidly over the past year.

Entities regulated by the Animal Welfare Act (AWA) are potentially facing an unprecedented wave of federal enforcement as DOJ, USDA, HHS, and DHS unleash a plan to intensify inspections, increase compliance demands, and coordinate enforcement efforts like never before — making proactive preparation essential for all affected organizations.

In a rare move that could have significant impacts for businesses operating in regulated industries, the Trump administration has indicated plans to invoke the Endangered Species Committee, commonly referred to as the “God Squad.”  See 16 U.S.C. 1536(e); 50 C.F.R. Part 453. On March 16, 2026, the Interior Department published a notice in the Federal Register, stating that the Committee will hold a meeting – which will be livestreamed - on March 31 in Washington, D.C. to consider an ESA exemption “with respect to oil and gas exploration, development, and production activities” in the Gulf.[1]This little-known but powerful federal panel earned its nickname because it holds the authority to exempt certain projects from the protections of the Endangered Species Act (ESA), potentially clearing the way for development and other activities in sensitive habitats.

The BCA 2026 Priorities Paper sets out the sectors in which the authority will exercise particular vigilance, and outlines its strategic policy priorities for the year, including the development and deployment of its enforcement instruments. For in-house counsel, the document is an important roadmap: it signals where investigations are most likely to originate, what new tools the BCA is acquiring, and which compliance initiatives deserve immediate attention. The most prominent change in the 2026 paper is the replacement of the construction sector, considered a priority sector in 2025, with sport, media and entertainment.

The New Jersey Legislature is considering two bills, that if enacted, would prohibit business entities from using either consumers' personal data or “personalized algorithmic pricing” to set prices for merchandise or services, including groceries. If enacted, the new laws would have broad implications for companies across industries that rely on algorithmic or data-informed pricing strategies. In her recent State Budget Address, New Jersey Governor Mikie Sherrill pledged to sign the proposals into law if they reach her desk.

On March 11, 2026, U.S. Patent and Trademark Office (USPTO) Director Squires issued a memorandum (2026 memo) to all Patent Trial and Appeal Board (PTAB) users titled “Additional Discretionary Institution Considerations — U.S. Manufacturing and Small Business Use of AIA Proceedings.”[1] In the 2026 memo, the director adds three new factors in determining whether to institute inter partes review (IPR) and post-grant review (PGR) proceedings.[2] The factors focus on domestic manufacturing and the use of these proceedings by small businesses.[3] The memo applies immediately to all pending IPR and PGR proceedings in which the due date for the patent owner’s discretionary brief has not yet elapsed.[4] Patent owners, petitioners with domestic manufacturing ties, and small business petitioners should take note.

In Wake Chapel Church, Inc. v. Church Mutual Insurance Company, the Fourth Circuit affirmed a $1.1 million jury verdict in favor of a policyholder, reaffirming that under North Carolina law insurers cannot defeat all-risk coverage by pointing to a postulated inherent defect or other excluded cause if a covered peril also contributed to the loss.

On 4 March 2026, Qatar’s Ministry of Commerce and Industry (MoCI) issued Ministerial Decision No. (25) of 2026 (Decision), establishing a regulatory framework (Framework) for conducting commercial activities through electronic platforms that do not require a physical premises in Qatar. The Decision was published in the Official Gazette on 15 March 2026 and entered into force on 16 March 2026.