AI is no longer "some science-fiction side of technology – it is normal computer programming now,” Eduardo Ustaran of Hogan Lovells told the Cybersecurity Law Report, and efforts to regulate AI and machine learning are proliferating. This checklist is a convenient guide that companies can use to shape a compliance program for AI/ML innovation. Adapting the Three Lines of Defense risk management framework that financial companies have used for decades to ensure that earlier generations of automated decision making adhered to equal-opportunity laws, this checklist is adjusted for the latest generation of powerful algorithms to help companies gain public and regulator trust in their sensitive AI projects. See our AI Compliance Playbook series: “Traditional Risk Controls for Cutting-Edge Algorithms” (Apr. 14, 2021); “Seven Questions to Ask Before Regulators or Reporters Do” (Apr. 21, 2021); “Understanding Algorithm Audits” (Apr. 28, 2021); and “Adapting the Three Lines Framework for AI Innovations” (Jun. 2, 2021).