On April 7, the White House released two updated policies on federal use and acquisition of AI (artificial intelligence). This follows Executive Order 14179 on January 23. The first memo M 25-21 directs federal agencies to remove barriers to innovation, empower AI leaders to accelerate responsible AI adoption, and “ensure their use of AI works for the American people.” The second, M 25-22, provides guidance to agencies to improve their ability to “acquire AI responsibly,” requiring agencies to revisit “existing internal procedures on acquisition” of AI within 270 days, and “maximize the use of American-made AI.”
Both memos rescind and replace previous Biden Administration AI policy memos, namely M-24-10 and M-24-18. National security systems are exempted from these mandates.
The cornerstone for both new memos is the Executive Order 14179, “Removing Barriers to American Leadership in Artificial Intelligence,” which states that, “it is the policy of the United States to sustain and enhance America’s global AI dominance in order to promote human flourishing, economic competitiveness, and national security.”
Competition, national security, and marketplace dominance by the United States across the global AI landscape resonate throughout both policy memos. Taken together they represent large-scale changes and provide guidance for the acquisition, trusted use, and governance of AI across the Federal government.
Accelerating Federal Use of AI through Innovation, Governance, and Public Trust M 25-21 frames three broad themes designed to, “seize the opportunity to apply the best of American AI,” namely by:
- Removing barriers to innovation and providing the best value for the taxpayer
- Empowering AI leaders to accelerate responsible AI adoption
- Ensuring AI works for the American people
Agencies are directed to drive innovation and adoption of AI while also improving governance and fostering public trust in and awareness of AI use for government services and missions.
Agencies are also directed to leverage American AI and innovation, share agency data and AI assets, procure effective and responsible AI by removing “unnecessary and bureaucratic requirements that inhibit innovation and responsible adoption.” The value of existing investments is to be maximized to ensure “speedy deployment and to protect taxpayer dollars from duplicative spending.” The emphasis on speed is one of the primary differences from the Biden guidance. Agency resources are to be shared within an agency and across the government, and agency data, models and code are to be reused.
An emphasis is placed on procurement reform further fleshed out in the second memo.
AI strategies in and across agencies are to be updated and must “elevate AI adoption and innovation as a priority, while increasing transparency.” These strategies are to outline current and planned use-cases deemed most impactful to an agency’s mission; and must also ensure that agencies have access to adequate IT infrastructure including high-performance computing for specialized AI use-cases.
The timeline for adoption of these new mandates is near-immediate, and applies to any existing contract option, renewal or extension, and new contracts signed on or after 180 days after issuance of the memo.
PUBLIC TRUST IN AI
The policy memo emphasizes ensuring public trust and responsible use of AI so that agencies “develop AI that serves the public by, for example, increasing the accessibility of government services, increasing government efficiency, enhancing national security, and growing American economic competitiveness.”
The memo also includes new definitions and policy mandates, particularly in the areas of “high-risk AI” and AI risk management. To foster public trust, the memo directs four key emphasis points for agencies, namely to:
- Identify and determine high-impact AI
- Implement minimum risk management practices for any high-impact AI
- Identify specific use-cases for high-risk AI; and
- Improve methodologies for understanding AI risk management
High-impact AI is defined for the first time in policy or regulatory documents to be: “AI with an output that serves as the primary basis for decisions or actions with legal, material, binding, or significant effect on: (1) an individual or entity’s civil rights, civil liberties, or privacy; or (2) an individual or entity’s access to education, housing, insurance, credit, employment, and other programs; (3) an individual or entity’s access to critical government resources or services; (4) human health and safety; (5) critical infrastructure or public safety; and (6) strategic assets or resources, including high-value property and information marked as sensitive or classified by the Federal Government.”
Risk management practices for high-impact AI are to include termination of non-compliance AI capabilities, public reporting of any waivers to policy, pre-deployment testing, AI impact assessments, and adequate human assessment, oversight, intervention and accountability.
DRIVING EFFICIENT ACQUISITION OF ARTIFICIAL INTELLIGENCE IN GOVERNMENT
The M 25-22 provides “guidance to agencies to improve their ability to acquire AI responsibly,” requiring agencies to revisit “existing internal procedures on acquisition” of AI within 270 days, and “maximize the use of American-made AI.”
It outlines three “grounding themes” that seek to:
- Ensure the government and the public benefit from a competitive American AI marketplace
- Safeguard taxpayer dollars by tracking AI performance and managing risk
- Promote effective AI acquisition with cross-functional engagement
Again, “buy American” is a central theme, although agencies are directed to avoid vendor lock-in, and “pay careful attention to vendor sourcing, data portability, and long-term interoperability to avoid significant and costly dependencies on a single vendor.”
The memo delineates and mandates ways to improve AI acquisition life cycles that utilize commercial best-practices including: (1) identification of requirements via cross-functional teams and determination of high-impact AI use-cases; (2) conducting marketing research and planning; (3) solicitations that ensure transparency and protect IP rights and the use of government data, and; (4) awards that include favorable contract terms for the government.
Federal agencies are directed to ensure robust testing, evaluation, and monitoring of AI and use performance-based contracting where vendors provide “access and time necessary for agencies to complete independent evaluation,” and discloses how the vendor conducts testing, and the results of testing.
MODERN SOFTWARE ACQUISITION TO MAXIMIZE LETHALITY
Although national security systems are excluded from both AI policy memos, recent activity by the Department of Defense aligns with many of these policy mandates.
In March, Defense Secretary Hegseth signed, “Directing Modern Software Acquisition to Maximize Lethality,” a memo that mandated DOD to, “shift to a construct designed to keep pace with commercial technology advancements, leverage the entire commercial ecosystem for defense systems, rapidly deliver scaled digital capabilities, and evolve our systems faster than adversaries can adapt on the battlefield.”
This directs the use of the Software Acquisition Pathway (SWP) as the preferred framework for how DOD should acquire software and systems at speed and scale.
SWP mandates that software acquired or developed “not be treated as a major defense acquisition program” to enable incremental, iterative, and rapid delivery of software capability to the user. The memo therefore directs DOD to use this overlooked authority, in place since December of 2019.
Given AI’s reliance on software and data, these SWP mandates are aligned with the recent OMB memos. This includes eliminating AI programs not aligned to administration policies such as DOD’s recent cancellation of a $9 million university grant for developing “equitable AI and machine learning models,” which sparked the Secretary of Defense to declare, “I need lethal machine learning models not equitable machine learning models.”
WHAT’S AHEAD
While we expect continued emphasis from this Administration on critical technologies such as AI and quantum information science, it remains to be seen what specific AI programs and activities across the Federal government will benefit or be adversely impacted by the President’s FY26 Budget.
Ahead of the budget we can expect continued redirection of AI programs misaligned with the Administration policies and for more agencies to take actions similar to DOD’s grant cancellation. The Department of Government Efficiency (DOGE) will likely play an outsized role given their sweeping and flexible mandate and stated intent to leverage AI across the Federal government.
Large scale and multi-year investments may be required to ensure agencies have access to adequate AI infrastructure including high-performance computing, and the Department of Energy has recently identified 16 Federal sites across the country for such infrastructure.
Lastly, the forthcoming AI Action Plan for the Federal Government — will provide further guidance and program emphasis points for all agencies and will likely continue the themes and mandates outlined in these transformative AI memos.