Welcome to This Week in AI Regulations for May 17, 2026.

In China, the Huangpu District People’s Government Office in Shanghai has reissued revised regulations governing the drafting, review, issuance, evaluation, and management of administrative normative documents. These updated rules clarify responsibilities, procedures, and prohibitions. A key feature of the revision is the mandated use of artificial intelligence and big data technologies for risk assessment and legality review of administrative documents. The regulations also emphasize strengthening party leadership in document management and classifying documents into district government and department normative documents.

Also in China, the Shanghai Municipal People’s Government Office has published a comprehensive action plan to deepen the “One Network for All Services” reform. This plan aims to standardize, optimize, and expand government service processes with a focus on AI-assisted services. It promotes policy service integration, cross-regional collaboration within the Yangtze River Delta, and enhanced data sharing to improve the overall service experience.

Turning to the United Kingdom, the Financial Conduct Authority, the Bank of England, and the Treasury issued a joint statement addressing frontier artificial intelligence models and cyber resilience. The statement highlights the need for firms to enhance governance, risk management, protection, and response capabilities specifically to counter frontier AI-driven cyber threats. The statement requires boards and senior management to understand frontier AI risks to set strategic direction and oversee risk management. It also calls for investment and resourcing decisions to reflect emerging frontier AI threats, including insurance considerations. Firms are expected to triage, prioritize, assess, and respond to these AI-driven cyber risks in line with reinforced operational resilience rules.

In Italy, security vulnerabilities in Spring AI products prior to versions 1.1.6 and 1.0.7 have been resolved. Users of Spring AI are advised to update to the patched versions to mitigate risks of data manipulation and information disclosure.

Lastly, in Japan and the United States, the joint venture SB OAI Japan GK will expand its activities from marketing and reselling AI solutions to developing end-user AI applications and providing professional services within Japan. This change follows approval by the European Commission under Article 6(1)(b) of the Merger Regulation, ensuring compliance with European Union competition law and internal market rules. The Commission declared no opposition based on simplified treatment criteria.

That wraps up today’s regulatory updates. Visit carveragents.ai for more information.