Introduction
On April 3, 2025 [2] [4] [7] [8], the White House’s Office of Management and Budget (OMB) issued two significant memoranda aimed at enhancing the adoption and governance of artificial intelligence (AI) within federal agencies. These directives [6] [8], M-25-21 and M-25-22 [2] [4], establish new standards for evaluating [8], adopting [2] [4] [5] [6] [8], and procuring AI technologies, supporting the implementation of Executive Order 14179 [4]. The memos promote a pro-innovation and pro-competition approach [1], encouraging faster AI adoption by reducing bureaucratic obstacles and empowering agency leadership in AI governance [4].
Description
On April 3, 2025 [2] [4] [7] [8], the White House’s Office of Management and Budget (OMB) issued two memoranda—M-25-21 titled “Accelerating Federal Use of AI through Innovation, Governance [1] [4] [7] [8], and Public Trust” and M-25-22 titled “Driving Efficient Acquisition of Artificial Intelligence in Government.” These directives establish new standards for the evaluation, adoption [2] [4] [5] [6] [8], and procurement of artificial intelligence (AI) within federal agencies [2] [7] [8], supporting the implementation of Executive Order 14179 [4], which aims to eliminate barriers to AI technology adoption in the federal government and enhance public services [4]. The memos promote a pro-innovation and pro-competition approach [1], encouraging faster AI adoption by reducing bureaucratic obstacles and empowering agency leadership in AI governance [4].
M-25-21 specifically addresses the integration of AI within federal agencies [2], outlining necessary preparations for government contractors [2], particularly in IT and emerging technologies [2]. It emphasizes transparency measures to demonstrate AI risk mitigation and allows waivers for high-impact AI use cases [4], with a preference for American-developed AI products and services. The memo governs the development [1], use [1] [2] [3] [4] [5] [6] [7], and acquisition of AI by covered agencies [1] [6], which include executive and military departments [7], government corporations [2] [7], and other executive branch establishments [7], while excluding certain regulatory actions [1], law enforcement [7], testing [2] [4] [5] [6] [7] [8], research [7], and AI used in National Security Systems [2] [4].
Key initiatives outlined in the memos include promoting competition in federal AI procurement, building an AI-ready workforce [1] [5], and maintaining annual inventories of AI use cases. Agencies are directed to streamline AI adoption by minimizing unnecessary requirements and maximizing resources [4]. Within 180 days [2] [4] [5] [6], CFO Act agencies must publish strategies to eliminate barriers to AI use [4], while governance boards must be convened within 90 days to oversee AI initiatives [4]. Agencies are required to appoint Chief AI Officers (CAIOs) within 60 days to lead governance efforts [4], oversee the adoption of AI technologies [4] [5], and ensure compliance with risk management protocols [1] [5]. These officers will also be responsible for building an AI-ready workforce and advising on agency investments in AI.
The guidance emphasizes responsible AI governance [7], aligning with state AI legislation applicable to private companies [1] [7]. Notably, the use of biometric identification for one-to-many identification in publicly accessible spaces is classified as a high-impact AI application [6], requiring agency officials to provide documentation to the CAIO to counter the presumption of high-impact use [6]. Agencies must implement tailored risk management practices for high-impact AI use cases [4], which significantly affect civil rights [4] [8], essential services [8], health [8], safety [4] [8], and critical infrastructure [8]. This includes conducting pre-deployment testing [4], completing AI impact assessments [2] [4], ensuring human oversight [4], providing remedies for affected individuals [4], and pausing non-compliant high-impact AI use [4]. A deadline for discontinuing non-compliant systems is set for April 3, 2026 [8].
While recognizing the need for intellectual property protections [2], the memos lack specific implementation details. They stress the importance of interoperability, avoidance of vendor lock-in [2], and data sharing [2] [8], prompting contractors to adjust their licensing agreements [2]. A new category of “high-impact” AI is introduced [2], necessitating additional risk management practices [2], including ongoing monitoring and training [2]. Agencies must ensure that contracts for AI systems include provisions for regular monitoring and evaluation of performance [3], risks [1] [2] [3] [4] [5] [8], and effectiveness [3], with vendors required to conduct ongoing assessments to address new risks and changes in AI model performance [3]. If an AI use case is presumed high-impact [2], agency officials must provide documentation to rebut this presumption to the CAIO [2]. The OMB may also seek determinations from CAIOs regarding such applications [6].
Federal agencies are directed to update their IT policies and infrastructure within 270 days [2], which may affect existing contracts [6]. M-25-21 aims to guide agencies in the responsible adoption and development of AI while ensuring safeguards for privacy [2], civil rights [2] [8], and civil liberties [2], in accordance with the AI in Government Act [2]. Contractors are required to publicly release a compliance plan within 180 days, develop a Generative AI policy by early 2026, and annually publish an AI use case inventory until 2036 [2]. Agencies must also reassess their internal policies on IT infrastructure, data [1] [2] [6] [8], and cybersecurity within the same 270-day timeframe.
The memos highlight the necessity of an AI governance framework to balance competitiveness with the associated risks of AI systems [1]. Plans are in place for OMB to publish procurement playbooks [1], while the General Services Administration (GSA) will provide guides for the federal acquisition workforce. Additionally, an online repository of tools and resources for responsible AI procurement will be developed [3], promoting knowledge-sharing and cooperation among agencies [3], with contributions encouraged to enhance best practices in AI deployment [3].
Overall, the memos encourage procurement practices that foster competition and interoperability in the Federal AI marketplace [2], with contractors anticipating increased solicitations for AI-related services and being mindful of contractual terms that prevent vendor lock-in [6], thereby promoting competition and limiting exclusivity agreements [6]. As the government establishes standards around AI accountability [8], private companies are encouraged to align their governance models with these standards to build internal trust and mitigate future regulatory risks [8]. Investing in infrastructure that accommodates regulatory changes around AI is essential [8], as solutions that unify privacy compliance [8], data governance [1] [4] [7] [8], and AI oversight enable businesses to scale AI confidently and responsibly [8], meeting diverse regional and state requirements [8].
Conclusion
The issuance of memoranda M-25-21 and M-25-22 by the OMB marks a pivotal step in advancing AI integration within federal agencies. By establishing clear guidelines and promoting a competitive and innovative environment, these directives aim to streamline AI adoption while ensuring responsible governance and risk management. The emphasis on transparency, interoperability [2] [6], and compliance with state legislation underscores the federal government’s commitment to leveraging AI technologies to enhance public services. As agencies and contractors align with these standards, the federal AI marketplace is poised for significant growth, fostering innovation and improving service delivery across the government.
References
[1] https://natlawreview.com/article/new-federal-agency-policies-and-protocols-artificial-intelligence-utilization-and
[2] https://www.jdsupra.com/legalnews/omb-issues-memoranda-on-use-and-3148204/
[3] https://www.hunton.com/privacy-and-information-security-law/omb-issues-revised-policies-on-ai-use-and-procurement-by-federal-agencies
[4] https://www.lexology.com/library/detail.aspx?g=77aa1487-8bec-40ab-b040-ae7d002f80e1
[5] https://www.grip.globalrelay.com/orders-and-memos-set-expectations-for-federal-agency-use-of-ai/
[6] https://www.pilieromazza.com/omb-issues-memoranda-on-use-and-acquisition-of-ai-by-federal-agencies-part-1-what-it-means-for-government-contractors/
[7] https://www.workforcebulletin.com/new-federal-agency-policies-and-protocols-for-artificial-intelligence-utilization-and-procurement-can-provide-useful-guidance-for-private-entities
[8] https://ethyca.com/blog/navigating-the-new-federal-ai-landscape-implications-for-businesses-and-the-role-of-trust
