Gary Gensler didn't mince words. Companies "shouldn't greenwash and one shouldn't AI wash." The line is deliberate. The SEC has spent years chasing misleading environmental and sustainability claims; now it's applying the same playbook to artificial intelligence. If you tell investors you're doing something with AI that you aren't, or you dress up rule-based automation as machine learning, you're in the same bucket as a company that overstates its carbon footprint or its use of recycled materials. The label is new. The theory of the case isn't.
That shift from "greenwashing" to "AI-washing" isn't just branding. It signals how the agency thinks about the problem: material misstatements about a capability that investors care about, in a domain where hype outpaces reality. The enforcement record, though still thin, is already showing a clear pattern.
The First Wave: Advisers Who Claimed AI They Didn't Have
In March 2024 the SEC settled its first AI-washing cases. Both were investment advisers. Delphia (USA) Inc., a Toronto-based firm, had told clients and the public that it used AI and machine learning to analyze client spending and social media data to inform investment decisions. It claimed its "proprietary algorithms" made predictions across thousands of publicly traded companies "up to two years into the future" and that it "put[s] collective data to work to make our artificial intelligence smarter." The problem: Delphia had never actually implemented those capabilities in its investment process. It had collected some client data, but the "AI" narrative was ahead of the product. The firm paid $225,000 and consented to a cease-and-desist and censure.
Global Predictions Inc., out of San Francisco, went further. It billed itself as the "first regulated AI financial advisor" and advertised "expert AI-driven forecasts" on its website and in social media. Again, the SEC found the claims false or misleading. Global Predictions also ran afoul of the Marketing Rule by falsely claiming to offer tax-loss harvesting. Penalty: $175,000, plus censure and cease-and-desist.
Neither firm admitted or denied the findings. The combined $400,000 in penalties is modest by SEC standards, but the message wasn't about the dollar amount. The agency will treat "we use AI" as a factual, verifiable claim, and it's willing to open enforcement files when that claim doesn't match what the firm actually did.
Escalation to Issuers: Presto and the "Proprietary" Trap
The next step was inevitable. In January 2025 the SEC charged Presto Automation Inc., a restaurant-technology company, with misrepresenting its flagship AI product, Presto Voice, in SEC filings and public statements. Presto is the first public company the agency has pursued for AI-washing. The order tells you exactly what the staff is looking for.
From late 2021 through September 2022, Presto described Presto Voice as "our" technology and "Presto's" technology in filings. It didn't disclose that the underlying AI speech recognition was owned and operated by a third party. Investors were led to believe the company had built something in-house that it had in fact licensed or outsourced. That's one class of misstatement: overclaiming ownership or development.
After Presto deployed its own version in September 2022, the story flipped. The company claimed the technology "eliminated the need for human order taking." In reality, the vast majority of drive-thru orders still required substantial human intervention. Presto had hired and supervised human order takers, including offshore in the Philippines and India, to process most orders. The "autonomous AI" pitch was false. That's the second class: overstating capability or understating human-in-the-loop.
Presto settled without admitting or denying the findings. The SEC imposed a cease-and-desist but no civil penalty, citing the company's cooperation and remedial efforts. The company had already been delisted from Nasdaq in September 2024. The takeaway isn't just "don't lie about AI." The staff is parsing (a) who actually built or owns the tech, and (b) how much of the work is really automated versus human-assisted. Get that wrong in a filing or in investor-facing materials, and you're in the same box as Presto.
What the SEC Is Actually Scrutinizing
The SEC's Cybersecurity and Emerging Technologies Unit (CETU) has been explicit about its focus. It's looking at predictive data analytics, AI-driven trading algorithms, chatbot functionality, and AI-generated investment advice. Crucially, it's also asking whether firms are transparent about what's technology versus what's repackaged rule-based automation. Calling a rules engine "AI" because it sounds better is exactly the kind of thing that draws scrutiny. Vague language ("AI-powered," "machine learning–enhanced") without a clear, accurate description of what the system does and what role, if any, genuine ML or AI plays will too.
Gensler has used a Music Man analogy: AI washers are like Professor Harold Hill, the traveling salesman who cons a town into believing they need something he can't actually deliver. The analogy is memorable because it captures the enforcement theory. Investors are making allocation and valuation decisions in part on the basis of AI capability. If that capability is overstated, the decision is distorted. Same as with green claims: the market is pricing something (sustainability, AI readiness) that isn't there.
Why This Feels Like Greenwashing All Over Again
The greenwashing parallel is structurally accurate. In both cases the SEC is enforcing existing duties: don't make materially false or misleading statements in filings, in marketing, or in other investor-facing communications. There's no new "AI disclosure rule" yet. The agency is using the same tools it uses for ESG: antifraud and disclosure standards that already require accuracy and completeness. The difference is the subject matter. A few years ago it was "we're net zero" or "our funds are sustainable." Now it's "we use AI to pick stocks" or "our product eliminates the need for human labor." The legal hook is identical.
That has practical implications. You don't get a pass because AI is hard to define. The SEC doesn't need to adopt a formal definition of "AI" to bring a case. It only needs to show that you said something about your use of AI that was false or misleading in a material way. The fix isn't to wait for regulatory guidance on what counts as AI. It's to align your external claims (in 10-Ks, investor presentations, press releases, and marketing) with what your systems actually do. If the "AI" is a rules-based workflow with a thin ML layer, say that. If humans are in the loop for most decisions, say that. If the core tech is licensed, say that.
What to Do Before the Next Wave
Senior SEC officials have said that rooting out AI-washing remains an immediate priority, even as the agency's overall enforcement activity has drawn criticism. More cases are likely. The first wave hit advisers; the second hit a public issuer. The next could hit more issuers, or funds, or SPACs, or anyone else raising capital or selling products on the strength of an AI story.
Concrete steps: Audit your filings and public statements for AI-related claims. Map each claim to the underlying capability: who built it, how it works, where humans are involved. Strip out boilerplate that suggests more than you can support. If you use "AI" or "machine learning" in marketing or investor materials, ensure you have a reasonable basis and that the same story appears (or is at least consistent with) your SEC disclosures. And if you've already overstated things, consider whether voluntary correction and cooperation might put you in a Presto-like posture. Remedial steps and cooperation can matter when the staff is deciding whether to recommend a penalty.
AI-washing is the new greenwashing in the sense that the SEC has decided to treat them the same way. The enforcement actions so far are the proof. The rest is execution: say what you do, do what you say, and don't let the buzzword get ahead of the product.