Though the Securities and Exchange Commission has yet to issue regulations specific to AI, this doesn’t mean companies are off the hook when it comes to disclosures, as the technology’s use can easily be slotted into other, already existing requirements. 

Speaking today at a virtual conference hosted by Financial Executives International, Scott Lesmes, partner in charge of public company advisory and governance with law firm Morrison Foerster, noted that there are many risks that come with AI including false or misleading information, data breaches, cyberattacks, intellectual property risk and much more. He said people need to be taking these risks seriously.

“These mistakes are in the real world and have had significant consequences,” he said. 

He pointed to a case where a chatbot advised small business owners that it was legal to fire people for complaining about sexual harassment, which is absolutely is no. He also referred to another case where a real estate company was forced to take a $300 million writeoff for relying on a faulty AI algorithm for property pricing decisions, and another where an AI model used by hospitals to determine which patients are high risk and need extra care was found to be biased against Black people, as it was far less likely to identify them. 

Incidents like this underscore the need for robust AI governance. He noted that there has been a rise in companies forming cross-disciplinary AI governance committees encompassing finance, legal, product, cybersecurity, compliance and in some cases HR and marketing; failing that, he has also seen companies add AI oversight on the duties of existing committees. While some companies have established dedicated AI departments, more commonly they have been giving AI oversight duties to the Chief Information Security Officer or other relevant c-suite position. 

He also noted that there has been a dramatic increase in board supervision of AI, saying that in the most recent 10-K season there was a lot of clients who added “Oversight of AI” in terms of what the board was responsible for; while it was a small percentage, he was certain it was going to increase over time. He has also found that many boards either designate a single AI expert who handles such matters or place the responsibility on either already-existing technology committees or (more commonly) audit committees. 

“There is certainly a tension, audit committees already have such a full plate, so adding another responsibility, especially with such a broad mandate, can be a little unsettling but that is where many companies are putting this, if they handle it on the board level. Audit committee does make some sense, because it is very focused on internal controls as well as compliance,” he said. 

Boards generally need to consider the legal and regulatory factors that may impact operations, and just like how many have management frameworks for oversight, so too should there be AI frameworks for how the board fulfills these responsibilities. In executing these duties, boards needs to understand the critical AI uses and risks in the company, how they integrate with business processes, what is the nature of the AI system, how does the company mitigate risk, how oversight responsibility is divided between board and management, as well as any material AI incidents. 

“The board does not need to know about every AI incident altogether, there needs to be a level of understanding of what’s important enough to share and what’s not. The board should understand the material incidents, how the company responded and the material impact,” he said. 

SEC Disclosures

Ryan Adams, another Morrison Foerster partner in the same practice area, noted that even though regulators like the Securities and Exchange Commission have yet to issue specific rules or guidance around AI, they have stressed the importance of complying with existing obligations, which may or may include disclosures regarding the company’s use of AI and its impact, particularly where it concerns business operations. Already companies need to report material risks and changes in their filings, and as AI further embeds itself into the global economy, it will almost certainly be a factor. 

Further, companies should not be making false claims or misleading potential investors in general, and this applies to AI as well. He noted that the government has been especially interested in “AI washing,” that is exaggerating, or making false claims about the company’s AI capabilities or use. He pointed to one example where the SEC brought charges against the CEO and founder of a startup who said they had a proprietary AI system that could help clients find job candidates from diverse backgrounds, but this AI did not in fact exist. He pointed out that this didn’t even involve a public company, just a private one that was trying to raise investment capital. 

“So it makes clear that the SEC will scrutinize all AI-related claims made by any company, public or private, trying to get investors to raise capital,” he said. 

He added that AI washing can be thought of very similarly to inflating financial results or just making up the numbers entirely. Also, just as an entity should not overstate the capacities of their AI systems, the same has already applied for automation technology in general. Regulators want clear and candid disclosures about how a company uses AI and how it presents material risks. In this regard, he also warned against generic or boilerplate disclosures regarding AI. 

“Regardless of the type of company you are, you have to take this seriously. Anyone touting the benefits of AI with customers or the public needs to make sure what they say is truthful and accurate and can be substantiated, or risk potential legal consequences,” he said. 

It is important to keep materiality in mind. Neither investors nor regulators want to read a list of every conceivable AI-related risk a company faces when only one or two are relevant. He conceded that this might require slightly different thinking, as accountants tend to lean on quantitative factors to assess materiality, but AI can also carry qualitatively material factors as well. There is the risk that AI could inadvertently breach confidentiality agreements through sensitive information in the training data, it could completely disrupt traditional business functions if used properly or completely disrupt new ones if used improperly, there is the risk of being unable to find the experts needed to properly monitor an AI system, there could be third party fees for things like data storage or increased energy use, AI can disrupt competitive dynamics in the market, there could be ethical risk like the aforementioned racist algorithm, and legal or regulatory risks. 

“You could go on forever with these AI risks…  Just because you use AI and a risk is potential does not necessarily mean disclosure is appropriate. You need to spend time thinking about whether AI-related risks are appropriate to disclose and if they are they should be narrowly tailored to describe the material risk,” he said. 

When assessing materiality, he said to go with the same standard accountants have been using for ages: is there a substantial likelihood a reasonable investor would consider this information important to determine whether to buy, sell or hold a security. Where AI introduces a slight wrinkle is that, given the pace of change in the field, it is important for companies to review and reevaluate their risk factors every quarter. 

But risks are not the only thing one should disclose. Adams noted that companies should also consider AI impacts when drafting management discussion and analysis or the executive overview, painting out major developments or initiatives or milestones related to the technology. AI could also come up in discussions of capital expenditures, if the entity made big AI investments that are material and known to the business, that needs to be disclosed. Another area AI plays into is cybersecurity disclosures, which already has a number of SEC requirements around it. The two topics, he said, often go hand in hand, so if AI interacts with cybersecurity in any way it might be worth disclosing. 

Overall, Adams recommended companies fully and accurately disclose their AI use; avoid overly vague or generic language given AI’s wide variations; avoid exaggerated claims around what your AI is capable of doing, taking care especially not to discuss capacities in terms of hypotheticals; be specific about the nature and extent of how the entity is using AI and the role AI plays in business operations; have a good understanding of vendors and other third parties who use AI, as their risks could ripple outwards; establish, or at least begin to establish, an AI governance framework; train the staff in AI so they can understand what it can and cannot do; actively monitor company AI usage; regularly update stakeholders on changes, progress and improvements in company AI use; and have either the legal department or outside counsel review any public statements or marketing materials mentioning AI. 

While the current administration has emphasized a less regulated approach to AI, Adams noted that the SEC is still active in its dialogues with the business community around potential regulation, mentioning a recent meeting with the investment advisor community as well as a strategy roundtable with the financial services community. 

“The big takeaway here is that both the SEC and industry are saying ‘we want to have active and ongoing communications as this develops’ … any regulations we do see, if any, in the future [will be] informed by what is actually happening in the marketplace,” he said.

President Donald Trump’s drive to enact trillions of dollars in tax cuts and raise the federal debt is on track after he and congressional leaders successfully corralled House Republican lawmakers to approve a Senate-passed budget outline.

The 216-214 vote Thursday on the budget — which outlines the parameters for the tax cut and debt ceiling increase — was delayed a day so Trump and Republican congressional leaders could assuage a dissident group of conservative spending hawks pressing for deeper cuts in safety-net programs. 

The president worked the holdouts by phone and in a White House meeting. House Speaker Mike Johnson held a press conference to declare himself “committed” to coming up with at least $1.5 trillion in spending cuts. And Senate Republican leader John Thune joined the speaker to announce “a lot of” Republican senators shared the goal, though he stopped short of a commitment. 

It was enough. 

With the budget approved, the way is open for a follow-on package to cut taxes by up to $5.3 trillion over a decade and raise the debt ceiling by $5 trillion, in exchange for $4 billion in spending cuts. Republicans can now pass Trump’s tax-cut agenda solely on GOP votes, bypassing the need for negotiations with Democrats.

Trump offered congressional Republicans “Congratulations” in a social media post minutes after the vote.

The vote came a day after Trump announced a 90-day pause on some of his sweeping tariff plans that have roiled markets and sparked predictions of a looming recession. Financial markets — often a barometer of success for the president — initially soared on the news, though U.S. stocks retreated Thursday morning amid angst over an escalating trade conflict with China.

Republicans are planning to renew Trump’s first-term tax cuts for households and the owners of privately held businesses, and enact a fresh round of reductions, including expanding the state and local tax deduction and eliminating levies on tipped wages.

Conservative hardliners in the House say they want a final package to trim $2 trillion in spending over the next decade, a significant increase over the $4 billion the Senate is directed to cut in the budget passed Saturday. To make those reductions they’ll likely need to curb Medicaid, food stamps and other social programs with tens of millions of beneficiaries. 

A group of moderate Republicans sought — and gained — assurances from Johnson during the vote that the final bill would not cut benefits for qualified Medicaid individuals and institutions, said New Jersey Republican Jeff Van Drew. 

“We voted late to make the point,” Van Drew said. 

The group, however, is open to eligibility reviews and work requirements for Medicaid recipients, he said. 

The budget outline punts many of the hard decisions for lawmakers to hammer out later in the tax-cut negotiations. That could lead to a standoff with the Senate at the end of the process, where several members are resistant to large cuts in safety-net programs. 

Democrats assailed the plan as cutting benefits for the poor in order to pay for a tax cut skewed toward the wealthy. 

“Republicans do nothing to lower the high cost of living,” Democratic Leader Hakeem Jeffries said on the House floor. “In fact, you’re making the affordability crisis in America worse, not better, when you target earned benefits and things that are important to the American people, like Medicaid.”

Senator John Barrasso, the No. 2 Senate Republican, said GOP lawmakers in both chambers are committed to “very serious savings for the American taxpayer.”

Trump hosted Republican holdouts at the White House on Tuesday to urge their backing. He echoed his pleas while speaking later that day at a donor event in Washington, imploring members who were hesitant to vote for the budget to “just get the damn thing done and stop showboating.”

“It is IMPERATIVE that Republicans in the House pass the Tax Cut Bill, NOW! Our Country Will Boom!!!” Trump posted on Truth Social Wednesday.

Johnson has set a target of the end of May to enact the tax bill, while Senate Republicans have talked of being able to complete the process by August. The 2017 tax cuts don’t expire until the end of the year.

Those self-imposed deadlines could be overrun by a fiscal deadline: the debt ceiling. 

The nonpartisan Congressional Budget Office estimates that the Treasury will be unable to pay all of its bills in August or September, but that date could come as soon as late May if tax receipts are low. 

Baker Tilly, a Top 25 Firm based in Chicago, reportedly is close to a megamerger with Moss Adams, another Top 25 Firm based in Seattle, creating a firm with $3 billion in annual revenue.

The deal, reported Wednesday by The Wall Street Journal and the Financial Times, would create potentially the sixth largest accounting firm in the U.S. Baker Tilly ranked No. 11 on Accounting Today‘s 2025 list of the Top 100 Firms with $1.8 billion in annual revenue, over 600 partners and nearly 6,900 employees. Moss Adams ranked right below it at No. 12 with $1.3 billion in annual revenue, over 400 partners and more than 4,800 employees.

Baker TIlly declined to confirm the deal, but acknowledged it’s always searching for merger candidates. 

“We can’t comment on speculation or confidential discussions,” said Baker Tilly spokesperson Nicole Berkeland in an email to Accounting Today. “What we can say is that we’ve been transparent about our strategy to grow through strategic mergers. We are continually exploring opportunities with respected firms that align with our vision and will strengthen our ability to serve the middle market.” 

Moss Adams also declined to comment. “It’s our policy not to comment on market speculation,” said Moss Adams spokesperson Greg Kunkel.

Koltin Consulting Group CEO Allan D. Koltin, who has previously advised Baker Tilly and Moss Adams on strategy and M&A, sees major ramifications from the deal. “Just when we thought nothing could get any bigger in CPA firm M&A than Forvis (formerly BKD and Dixon Hughes), and CBIZ (formerly CBIZ and Marcum), here comes Baker Tilly and Moss Adams (potentially) combining to create the sixth largest CPA firm in the country (only behind the Big Four and RSM),” Koltin said in an email. “After the combination, Baker Tilly will become the largest (non-Big Four) CPA firm in the Western region and Moss Adams will become part of a Top 10 Global Network. Additionally, both firms will bring over their unique areas of industry specialization and service line expertise which should provide robust organic growth opportunities to the combined firm. As a 44-year veteran and advisor to the accounting profession, I daresay there has been more change and transformation in the accounting profession in the past 4 years than the 40 prior years combined!”

Another merger expert also sees benefits in the combination. “The primary reason for this reported merger is to expand both firms’ scale and market position,” said Brad Haller, a senior partner in West Monroe’s mergers and acquisitions practice. This move would significantly boost Moss Adams’ scale and provide Baker Tilly with access to Moss Adams’ extensive client base. Together, they would become the sixth largest firm, leapfrogging over Grant Thornton and others. Additionally, this merger would allow Moss Adams to tap into Baker Tilly’s global networks, enabling them to expand their wallet share with clients. While there will be modest synergies in the long term as they combine redundant support services, the immediate benefits of this merger would be substantial.”

Baker Tilly is part  of the Baker Tilly International network, based in London, which reported $5.6 billion in worldwide revenue in 2024. Baker Tilly has done several acquisitions since receiving private equity funding last February led by Hellman & Friedman and Valeas Capital Partners, accelerating the firm’s growth strategy. Earlier this year, it acquired CironeFriedberg, a firm based in Bethel, Connecticut, and Hancock Askew, a Regional Leader based in Savannah, Georgia.

Last May, it merged in Seiler LLP, a Top 75 Firm based in Redwood City, California. Prior to the private equity funding, in 2022, Baker Tilly merged in Henry + Horne in Tempe, Arizona, True Partners Consulting in Chicago; Management Partners in Cincinnati and San Jose; Bader Martin in Seattle; Orchestra Healthcare in West Palm Beach, Florida; and Vanilla, based in the United Kingdom. Baker Tilly US is part of the London-based Baker Tilly International network and was formerly known as Baker Tilly Virchow Krause. In 2021, it added MFA Companies in Boston; The Compliance Group in Carlsbad, California; Arnett Carbis Toothman in West Virginia; AcctTwo in Houston; and Margolin, Winer & Evens in New York.

Moss Adams does not do M&A deals as often, but last December, it entered the Salesforce.com consulting market by acquiring Yurgosky Consulted Limited LLC in New York.