Federal agencies lag on AI inventories

The federal government gave agencies until April 3 to either put guardrails on their riskiest artificial intelligence systems or shut those systems down, and some big departments still were not fully there a week later. FedScoop reported that the Department of Homeland Security and the Department of Justice were among the agencies publicly lagging on updated inventories and risk materials. (fedscoop.com) An artificial intelligence inventory is basically a master list: what system exists, what it does, who owns it, and whether it can affect people’s rights or safety. The Office of Management and Budget says agencies must keep those lists public and machine-readable so outsiders can see how the government is using the technology. (github.com) (whitehouse.gov) The rulebook here is Office of Management and Budget memo M-25-21, issued on April 3, 2025. That memo replaced the earlier Biden-era memo M-24-10 but kept the basic structure: agencies can use more artificial intelligence, but high-impact systems need extra checks before they touch the public. (whitehouse.gov 1) (whitehouse.gov 2) Those checks are not abstract policy words. FedScoop says the required practices include pre-deployment testing, impact assessments, monitoring for harm, human training, fail-safes, appeal processes, and ways for users to submit feedback. (fedscoop.com) That matters most in places like immigration, policing, benefits, and screening, where a bad model is less like a buggy spreadsheet and more like a clerk making thousands of fast decisions with no sleep and no common sense. The Department of Homeland Security’s own inventory shows use cases across Customs and Border Protection, Immigration and Customs Enforcement, the Transportation Security Administration, and other components. (dhs.gov) The awkward part is that some agencies were not exactly empty-handed; they were mid-update. The Department of Homeland Security says its 2025 inventory was updated under the 2025 Office of Management and Budget guidance and will be updated regularly through 2026, which shows the machinery exists even while the public compliance picture still looked incomplete at the deadline. (dhs.gov) (fedscoop.com) Other agencies used the deadline to clean house. FedScoop reported that the Department of Labor said any use case that did not meet federal standards had been paused or discontinued, and NASA said noncompliant use cases had been removed even though one of its monitoring and independent-review steps was still in progress in the posted inventory. (fedscoop.com) This is also not the first time agencies have struggled with the paperwork side of artificial intelligence oversight. When the first big public compliance plans were due in September 2024, FedScoop found 22 plans quickly but had to chase several agencies because the posting locations were inconsistent and some plans were still coming. (fedscoop.com) The scale of the job is easy to underestimate. The Chief Information Officers Council said agencies publicly reported more than 1,700 artificial intelligence use cases in the 2024 inventory, and four departments alone — Health and Human Services, Veterans Affairs, Homeland Security, and Interior — accounted for half of them. (cio.gov) So this story is partly about artificial intelligence risk, but it is also about plain old bureaucracy. Before an agency can prove a model is tested, monitored, and appealable, it first has to know that the model exists, decide who owns it, classify its risk correctly, and post the record in the right place for the public to find. (whitehouse.gov) (github.com)