Good morning. The European Union said it published the final version of a voluntary code of practice for general-purpose artificial intelligence that is meant to make it easier for companies to comply with AI legislation in the bloc.

The European Commission, the EU’s executive arm, said the code was developed by 13 independent experts, based on input from more than 1,000 small and medium-sized enterprises, academics, civil society groups and providers of the large language models that underpin AI.

• Next steps: Now, the commission and the EU’s 27 member states will have to sift through the code and decide whether to endorse it. Model providers will then have the option to sign the code, which EU officials said would help companies to comply with the bloc’s wide-ranging legislation on the technology.
   
• Offering guidance: The code includes guidance on safety and security to help companies mitigate risks when developing advanced AI models, a section on copyright material as well as a chapter on transparency.
   
• AI statute: EU lawmakers approved the AI Act last year. The law bans certain uses of AI, rolls out new transparency guidelines and requires risk assessments for AI systems that are deemed high-risk.

CFTC joins Trump push against ‘overcriminalization.’

The U.S. Commodity Futures Trading Commission put out new criteria on when it will consider asking for criminal charges over regulatory violations, as part of a Trump administration push to fight what it calls overcriminalization in federal regulations.

The derivatives regulator told enforcement staff to start looking at several factors, including whether a defendant was aware of laws around conduct or regulations at issue, when determining whether to refer investigations to the U.S. Justice Department for possible criminal prosecution.

U.S. Senate confirms new comptroller of the currency.

The U.S. Senate has confirmed Jonathan Gould, a lawyer and former blockchain company executive, to lead the Office of the Comptroller of the Currency.

Gould is the first Senate confirmed comptroller since Joseph Otting, who stepped down from the role in 2020. Gould will take over from Rodney Hood, who has served as the acting comptroller since February.

• Wells Fargo is moving closer to ending a flashy credit-card partnership that lets people earn rewards points for charging their rent. The partnership raised concerns inside Wells Fargo about potential money-laundering risks. 
   
• Separately, Wells Fargo is asking a federal judge to dismiss a lawsuit claiming the bank frequently conducted fake job interviews with women, people of color, and other diverse candidates for positions it had already filled.
   
• The Justice Department on Thursday said its antitrust division won’t seek an injunction to prevent T-Mobile from closing on its proposed acquisition of U.S. Cellular.
   
• China’s Ministry of Commerce imposed export restrictions on eight Taiwanese companies, prohibiting Chinese exports of dual-use items to entities spanning Taiwan’s defense industrial base, including shipbuilders and aerospace manufacturers.

Why xAI’s Grok went rogue.

An X user recently found that the newest bully online was a chatbot: Grok.

Attorney Will Stancil opened his phone on Tuesday and found that Grok, xAI’s chatbot, was providing millions of people on X with advice on how to break into his house and assault him.

Artificial intelligence companies like xAI train their large language models off huge swaths of data collected from all across the internet. As the models have been applied for commercial purposes, developers have installed guardrails to prevent them from generating offensive content like child pornography or calls to violence. But the way the models generate specific answers to questions is still poorly understood, even by the seasoned artificial intelligence researchers who build them.

Hackers target eldercare homes.

Several nursing homes and eldercare facilities have suffered cyberattacks in recent months, with hackers stealing the personal, financial and medical information of a vulnerable population.

Providers that cater to the elderly are particularly susceptible to data theft and attacks by ransomware gangs. These facilities often lack sophisticated cyber or tech staff, and if a breach happens, it can take months for companies to figure out how and whether sensitive data was accessed or stolen. The elderly are a prime target for text, phone and email scams, as well as identity theft.

• The Pentagon is making a big investment in rare-earth magnets, striking an unusual deal with a private-sector company aimed at undercutting China’s dominance.
   
• Thieves are mining the trucking industry to steal copper as the value of the metal soars.
   
• Secretary of State Marco Rubio said he discussed new ideas for Ukraine peace talks with Russian Foreign Minister Sergei Lavrov while conveying the White House’s “disappointment and frustration” at the intensifying war.
   
• The crisis engulfing Boston Consulting Group over its involvement with a humanitarian project in Gaza deepened Thursday when the firm announced two senior partners were stepping down from their leadership roles over their connection to the work.
   
• As renewables companies face increasingly onerous regulatory headwinds in the U.S. and higher interest rates in Europe, Orsted is pushing ahead with an offshore project in Asia.

• The private-equity industry has almost all the pieces in place to start managing Americans’ 401(k) money—everything but the customers.
   
• A failed GOP effort to block a jumble of state AI privacy and security laws has developers calling for “consistent standards.”
   
• It’s never been easier to create your own app with “vibe coding.” Now, professional software engineers are bringing it into the enterprise.
   
• Some creators say their work has been wrongly tagged as AI on tech platforms, hurting their reputation, while some all-artificial ads get through undisclosed.

• The U.S. will put a 35% tariff on imports from Canada effective Aug. 1, President Trump announced. But an exemption for goods that comply with the nations’ free-trade agreement, the U.S.-Mexico-Canada Agreement, would still apply, a White House official said, stressing that could change.
   
• The investigation into last month’s Air India crash is focusing on the actions of the jet’s pilots and doesn’t so far point to a problem with the Boeing 787 Dreamliner, according to people familiar with U.S. officials’ early assessments.
   
• For more than 48 hours, two merchant ships in the Red Sea tried to fight off repeated attacks by Houthi fighters who used rocket-propelled grenades, missiles and drones to sink them both, kill at least three crew members and take others hostage. No U.S. or allied warship was around to help.
   
• The U.K. and France struck a deal on Thursday to try to slow a record number of migrants crossing the English Channel in flimsy boats, as anti-immigrant populists in both countries lead in the polls.
   
• A federal judge on Thursday blocked the Trump administration from enforcing its birthright citizenship order, using a different legal avenue to halt the policy after the Supreme Court limited sweeping injunctions in similar challenges.
   
• Russia, China, Iran and North Korea are all hostile to the U.S. That doesn’t mean they would go to war for one another—for now, Yaroslav Trofimov writes in an essay.

Follow us on X at @WSJRisk. Send tips to our reporters Max Fillion at max.fillion@wsj.com, Mengqi Sun at mengqi.sun@wsj.com and Richard Vanderford at richard.vanderford@wsj.com.

You can also reach us by replying to any newsletter, or by emailing our editor David Smagalla at david.smagalla@wsj.com.