The numbers are stark. According to Comparitech research, as reported by Computing, researchers assessed 178 countries against 11 regulatory measures, including the presence of AI-specific laws, a dedicated regulatory body, bias protections, requirements to disclose copyrighted training data, and penalties for non-compliance. Only 33 countries cleared the bar for comprehensive AI legislation. Of those 33, 27 are EU member states.
That’s not a gap. It’s a chasm.
Denmark, France, and Greece each scored 13 out of 14, according to the same Comparitech research reported by Computing, leading the global rankings. Kazakhstan introduced AI legislation in January 2026 and scored 11 out of 14, according to Computing’s coverage of the study. Both the UK and US scored significantly lower than EU countries, the study found. The US reportedly scored 4 out of 14 according to Computing’s reporting, though that specific figure hasn’t been independently confirmed against the original Comparitech research.
The practical implication is straightforward: organizations operating across multiple jurisdictions aren’t navigating a patchwork of comparable frameworks. They’re operating under rigorous EU rules in one geography and near-absent federal standards in another.
For compliance teams, the Comparitech findings are a useful benchmark for assessing where regulatory risk actually sits across a global portfolio. The EU concentration of comprehensive legislation also underscores why the EU AI Act’s August 2026 deadline carries so much weight, it represents the world’s most developed regulatory regime enforcing its most significant deadline.