7 technology policy shifts redefine regulatory landscape

The second Trump administration launched significant technology policy initiatives during its first 100 days, creating an immediate impact across the digital economy. Markets focused on economic indicators may have missed these regulatory shifts that now demand immediate attention from tech executives.
Technology companies that quickly adapt their strategies to align with these policy changes could gain competitive advantages, particularly in high-growth sectors like fintech, cryptocurrency and telehealth.
Here, we’ll look at seven key policy shifts, as well as how business leaders can identify compliance priorities and growth opportunities.
1. Telehealth expansion and digital health regulations
In November 2024, the DEA and Department of Health and Human Services (HHS) extended telehealth prescribing flexibilities for controlled substances through December 31, 2025, maintaining provisions that allow DEA-registered practitioners to prescribe Schedule II-V medications via telemedicine without an initial in-person evaluation.
However, a “telehealth policy cliff” looms on September 30, 2025, when key Medicare telehealth flexibilities — home-based care and expanded provider eligibility — are set to expire unless Congress enacts further legislation.
The FDA, under Trump appointee Dr. Marty Makary, has also implemented stricter regulations for digital health tools, particularly AI-driven diagnostics, requiring greater transparency and evidence of efficacy.
Impact on tech firms: This dual-regulatory approach — expanding access while tightening oversight — creates complex operating environments for digital health companies. The resulting requirements include:
- Infrastructure upgrades: Enhanced security and privacy standards require technology investments.
- Documentation overhaul: AI applications require more comprehensive evidence of safety and efficacy.
- Transparency frameworks: Companies must develop systems that make AI decision-making explainable to regulators.
Forward-thinking firms can turn these requirements into advantages by implementing automated compliance systems and building “explainable AI” frameworks that provide algorithmic transparency to regulators and users.
Healthcare compliance consulting has become vital, particularly for FDA/FTC guidance. The surge in digital health platforms, especially those that use AI diagnostics and remote patient monitoring, will increase the need for specialized risk advisory services.
2. Fintech oversight and real-time payments modernization
The Federal Reserve, Office of the Comptroller of the Currency (OCC) and Securities Exchange Commission (SEC) have increased enforcement activities while working to streamline the financial regulatory framework. The administration’s proposed federal fintech charter would allow companies to operate nationwide under a single framework rather than navigating 50 separate state licensing processes.
The administration has also accelerated initiatives to modernize real-time payments, enhancing speed and security to help ensure American competitiveness with European and Asian financial centers.
Impact on tech firms: Despite pro-innovation rhetoric, enforcement actions against noncompliant firms have increased, particularly regarding anti-money laundering (AML) compliance and consumer protection. Payment system modernization requires significant technology investments, creating short-term financial pressure despite long-term benefits.
Leading fintech companies can respond by investing in compliance automation, building partnerships with established financial institutions and developing modular technology architectures that quickly adapt to regulatory changes.
3. Cryptocurrency and digital asset regulation
On January 23, 2025, President Trump signed Executive Order 14178, “Strengthening American Leadership in Digital Financial Technology,” which established a cryptocurrency working group within the National Economic Council to develop new digital asset regulations and explore creating a national cryptocurrency stockpile. The order explicitly supports “responsible growth and use of digital assets” while protecting crypto companies’ access to banking services.
The SEC, under Paul Atkins, paused high-profile enforcement cases against major cryptocurrency exchanges, and in March 2025, the administration established the Strategic Bitcoin Reserve, formalizing the government’s role in cryptocurrency markets.
Impact on tech firms: This regulatory shift changes the operating environment for blockchain companies in three ways:
- Banking relationship stability: Banking access protection removes a fundamental barrier that previously hindered cryptocurrency business operations.
- Regulatory uncertainty: The pause in enforcement actions creates space for innovation, though companies should prepare for new rules from the presidential working group.
- Compliance requirements: Despite the favorable environment, firms face enhanced transparency and fraud prevention standards.
Blockchain and cryptocurrency companies may now accelerate product development timelines, build compliance systems for the expected regulatory framework and establish banking partnerships that were previously difficult to maintain. Companies looking to position themselves for long-term success in a potentially favorable regulatory climate should consider partnering with advisory services specializing in digital asset compliance and audit for support.
4. AI oversight and data privacy legislation
President Trump’s Executive Order 14179, “Removing Barriers to American Leadership in Artificial Intelligence,” replaced Biden’s more restrictive approach with a framework centered on deregulation and competitiveness. In data privacy, the administration has signaled skepticism toward comprehensive federal legislation, preferring state-level regulation.
The administration also dismissed all three Democratic members of the Privacy and Civil Liberties Oversight Board (PCLOB), raising questions about the EU-US Data Privacy Framework, which facilitates transatlantic data transfers.
Impact on tech firms: Companies now face the paradox of fewer federal restrictions coupled with increased complexity due to state-level action and international considerations. An inconsistent landscape where federal agencies prioritize innovation while states implement increasingly stringent privacy rules could create an inconsistent landscape.
Leading firms are responding by developing privacy compliance systems that adhere to the most stringent state laws, such as California’s Consumer Privacy Act. They are implementing modular data architectures to segregate information by jurisdiction and creating AI governance frameworks that show ethical responsibility in the absence of strict federal mandates.
5. Cybersecurity legislative push
In March 2025, President Trump issued an executive order titled “Achieving Efficiency Through State and Local Preparedness,” which launched the “National Resilience Strategy.” This strategy shifts focus to state and local governments to prepare for cyberattacks and extreme weather and calls for a review of all infrastructure, continuity and preparedness policies to modernize and simplify federal approaches, aligning them with the “National Resilience Strategy.”
Additionally, the administration has proposed the Cyber Incident Reporting for Critical Infrastructure Act (CIRCIA), which mandates that entities across all 16 critical infrastructure sectors report cyber incidents. The rule aims to set clear standards for incident reporting, enhancing the nation’s ability to respond to cyberthreats.
Approximately 30 states have enacted or proposed specific cybersecurity standards for businesses. California leads these efforts through initiatives like the proposed cybersecurity audits and risk assessments under the California Consumer Privacy Act (CCPA). These proposed regulations require certain businesses to conduct risk assessments and complete annual cybersecurity audits, aiming to enhance consumer data protection.
Impact on tech firms: New standards require cybersecurity integration into core business operations rather than treatment as a separate compliance function. Executive leadership and boards face explicit responsibility for cybersecurity governance, while mandatory incident reporting timelines have shortened significantly.
Companies can respond by integrating security earlier in product development cycles, implementing enhanced third-party risk management and aligning internal controls with frameworks like NIST.
6. Section 174 R&D tax reform
The March 10, 2025, reintroduction of the American Innovation and R&D Competitiveness Act aims to retroactively reinstate full R&D expensing under Section 174 back to 2022. This would reverse the TCJA requirement that R&D expenses be amortized over five years domestically and 15 years internationally.
The House Budget Committee’s FY 2025 plan includes a $4.5 trillion tax-cut blueprint with Section 174 reform as a key component, signaling strong administration support for this change.
Impact on tech firms: For technology companies with significant R&D operations, immediate expensing would substantially improve cash flow, simplify financial planning and create competitive parity with international firms benefiting from more favorable tax treatment.
Companies can develop dual-track tax planning scenarios, adjust R&D investment timing to maximize benefits under either outcome and reassess domestic versus international research allocation. This uncertainty may drive demand for specialized tax strategy planning and assistance with IRS Form 6765 documentation, which has undergone significant revisions for 2025.
7. IRS R&D tax credit claim requirements
The IRS finalized Form 6765 with major updates requiring significantly more detailed documentation for research tax credit claims. Section G (Business Component Detail) becomes mandatory for most filers in tax year 2025, though exceptions exist for qualified small businesses and companies with limited QREs.
Taxpayers must now report components accounting for 80% of their total QREs (up to 50 components), directly reflecting tax court rulings emphasizing precise recordkeeping for R&D credit claims.
Impact on tech firms: These changes force companies to implement more rigorous systems for tracking research activities by specific business component. Technical staff must provide detailed documentation, while companies without project-level accounting face substantial system upgrade requirements.
Organizations should consider implementing enhanced project tracking, developing standardized documentation protocols that serve both tax and knowledge management purposes and training staff to document research activities without disrupting innovation.
How Wipfli can help
Technology companies need advisors who understand both compliance requirements and strategic business opportunities. The policy shifts reshaping the tech landscape will require experience across domains, from healthcare and finance to cybersecurity and tax strategy.
Wipfli can help. Our technology industry specialists can provide comprehensive guidance on telehealth compliance, fintech regulatory frameworks, cryptocurrency reporting, privacy governance and R&D tax optimization. Learn more about how Wipfli’s industry-specific knowledge and experience can help your technology company thrive in 2025’s changing regulatory landscape.