67% of cross-jurisdiction AI-policy topics have NO regulator guidance. We catalog both what exists and where it doesn't.
The machine-readable AI-governance catalog.
33 governance instruments across 15 jurisdictions, 23 contested topics, and ~750 coverage cells — including the 509 cells where regulators say nothing. Every claim cites a primary source; no article body is LLM-written. Machine-readable exports under CC BY 4.0 + CC0 citation graph. Permanent citation URLs via ?asOf=YYYY-MM-DD. Public catalog free — no signup.
English-language articles only. Primary-source links point to original-language documents (Portuguese for Brazil, Chinese for China, Hindi for India, etc.). Translation partnerships on the roadmap. See methodology §11.
Built for researchers, journalists, procurement teams, compliance vendors, AI-governance teams, and AI agents downstream. We are also building an AGI Social Scientist research engine and an on-demand expert validation layer — both in active development; pages + scaffolding shipped, first commercial pilots in 2026. Paid services available on inquiry.
No LLM-generated article prose. Every claim cites a primary source. Permanent citations via ?asOf=YYYY-MM-DD.
Methodology · Funding · Public-Interest Charter · AI use disclosure · Editorial board
Most-cited instrument
EU AI Act
The most comprehensive binding regulation. Risk tiers, prohibitions, GPAI obligations, the full coverage row.
Most-contested topic
Foundation Models / GPAI
Where 33 instruments diverge on the compute-vs-behaviour-threshold debate. Read the table.
Curated vertical
Frontier regulation
Foundation models, compute thresholds, and catastrophic-risk rules across instruments — the frontier-AI slice in one view.
Why trust this
Methodology
How content is produced + reviewed. Anti-hallucination grounding, primary-source rules, version history.
The Silence Index — across 759 matrix cells
67%
of the matrix is regulator silence — 509 of 759 cells across 33 instruments × 23 topics have no governing provision.
- Most-silent topics
- Sovereign AI Doctrine31/33
- AI in Education30/33
- AI in Healthcare29/33
Most-contested topics this week
The 9 × 12 coverage matrix is desktop-friendly. On phones, the 5 topics with the highest cross-jurisdiction divergence are usually most useful — tap any to read the full coverage.
- Transparency Obligations20 governs · 1 conflicts
- Foundation Models / GPAI20 governs · 0 conflicts
- Catastrophic & Existential Risk12 governs · 0 conflicts
- Deepfakes / Synthetic Content8 governs · 0 conflicts
- International Coordination7 governs · 0 conflicts
View the full 33 × 23 coverage matrix on a wider screen, or scroll down for the article directory.
Whole-catalog density — each square is one instrument×topic cell.
Where regulators are silent
21 topicsmost regimes don't addressWhere regulators have left a gap. No incumbent canonical reference exists yet — the wiki entry can become the citable source for the field. Read these first if you're drafting policy where prior art is thin.
catastrophic_risk
42% silent · 14/33Catastrophic & Existential Risk
Governance of model capabilities that could cause mass casualties or civilisational-scale harms (CBRN uplift, autonomous replication, deceptive alignment). Distinct from EU AIA 'systemic risk' which targets market-scale rather than catastrophic-scale harms.
deepfakes
70% silent · 23/33Deepfakes / Synthetic Content
AI-generated content disclosure, watermarking, election integrity protections.
international_coordination
64% silent · 21/33International Coordination
The substantive governance work happening at, between, and around multilateral fora: treaty negotiations, AI Safety Institute network MoUs, forum-shifting between G7 / G20 / OECD / UN, regulatory arbitrage. Distinct from any specific instrument; this is the meta-domain of how governance moves.
synthetic_content_provenance
61% silent · 20/33Synthetic Content Provenance
Labelling, watermarking, and machine-readable provenance for AI-generated audio / video / text. Distinct from `deepfakes` (which centres on misuse harms) — this is the upstream infrastructure layer. EU AIA Art. 50, China GenAI Measures Art. 13 (mandatory tagging), NIST AI 600-1, G7 Hiroshima Code commitment 6, C2PA standard adoption.
criminal_justice
88% silent · 29/33AI in Criminal Justice
Predictive policing, risk assessment, sentencing assistance.
sovereign_ai
94% silent · 31/33Sovereign AI Doctrine
Domestic-compute, export controls, jurisdiction-bound model deployment.
redress
48% silent · 16/33Individual Redress
Right to explanation, appeal mechanisms, complaint channels.
national_security_carveouts
73% silent · 24/33National Security Carveouts in AI Regulation
The recurring exclusion of military, intelligence, and national-security AI uses from civilian AI-governance instruments. EU AIA Art. 2(3) explicit exclusion; US EO 14110 §11 + NSM-10 separate track; CoE AI Convention Art. 3 carve-out; UK White Paper sectoral-regulator-only scope; India DPDPA state-security exemptions. China's approach is notable for treating state security as the central concern, not a carveout.
development_rights_framing
76% silent · 25/33Development-Rights Framings
Governance approaches grounded in development-rights / digital-self-determination / Global-South-sovereignty arguments rather than EU/US risk-based framings. Loudest in Brazil, India, ASEAN, African Union policy discourse.
biometric_id
85% silent · 28/33Biometric Identification
Real-time and post-hoc biometric identification in public spaces.
education
91% silent · 30/33AI in Education
Automated grading, proctoring, student-data analytics.
training_data
55% silent · 18/33Training-Data Rights
Copyright, consent, text-and-data-mining exceptions.
healthcare
88% silent · 29/33AI in Healthcare
Clinical decision support, medical devices, diagnostic AI.
tech_sovereignty
73% silent · 24/33Technological Sovereignty
National policies asserting domestic capability + decision-making over AI infrastructure: compute on shore, domestic foundation models, talent retention, export-control reciprocity. Specifically NOT 'sovereign AI' (which focuses on deployment restrictions) — sovereignty here is about productive capacity.
compute_reporting
61% silent · 20/33Compute-Threshold Reporting
Mandatory reporting based on training-compute or capability thresholds.
agentic_systems_governance
58% silent · 19/33Agentic AI Governance
Obligations specific to AI systems that take autonomous multi-step actions (browse, transact, plan, recurse). Distinct from foundation_models (capability) and catastrophic_risk (outcome) — this is the action-surface frame. Surfaces in EU AI Office GPAI Code drafts, UK AISI agent evaluations, Seoul Frontier AI Safety Commitments §3, NIST AI 600-1.
employment
85% silent · 28/33AI in Employment
Hiring, workplace monitoring, automated decisions in employment contexts.
open_weight_release
70% silent · 23/33Open-Weight Frontier Release
Governance posture toward releasing frontier model weights publicly (Meta Llama, Mistral, DeepSeek vs. closed-weight Anthropic / OpenAI / DeepMind). EU AIA Recital 102 + Art. 53(2) carve-outs; CA SB-1047's failed framework; Meta Frontier AI Framework's explicit defence; emerging US export-control overlay.
compute_export_controls
88% silent · 29/33Compute + Model-Weight Export Controls
Restrictions on cross-border flow of frontier AI compute (GPUs, accelerators) and model weights. Distinct from `compute_reporting` (which is disclosure) — this is restriction of access by recipient. US BIS rules (Oct 2023 advanced computing, Jan 2025 outbound investment), EU dual-use Regulation 2021/821 overlay, China retaliatory measures + indigenisation push. Mostly outside traditional AI-governance instruments; carving its own track.
ai_worker_displacement
82% silent · 27/33AI-Driven Worker Displacement
Governance of AI as cause of labour displacement, retraining obligations, transition support, and just-transition frames. Distinct from `employment` topic (which is AI-IN-employment-decisions — hiring algorithms, performance management). This topic is AI-AS-cause-of-displacement. Brazil PL 2338 explicit worker-rights provisions; OECD AI Principles 1.1 inclusive growth + AI Recommendation on workforce; US EO 14110 §6 workforce + future-of-work studies; Japan METI Principle 7 fair competition with workforce themes.
environmental_impact_of_training
73% silent · 24/33Environmental Impact of AI Training
Energy consumption, water usage, carbon emissions, and resource demands of large-model training + inference. EU AIA Recital 142 + Art. 95 voluntary codes; NIST AI 600-1 Environmental Impacts (named risk category); G7 Hiroshima Code §6 sustainable AI; emerging French ARCEP + Spanish AI Bill obligations; SDG-linked references in UN + AU + ASEAN frameworks.
Topics
Grouped by kind (capability / sector / procedural obligation / political frame / meta-domain) so each group answers a single type of governance question. Ranked by composite salience (editorial × external discourse × influence opportunity) within each group. Each article shows the full 33-instrument coverage matrix.
Capability classes(5)
foundation_models
Foundation Models / GPAI
Obligations specific to general-purpose / foundation models above certain capability thresholds.
catastrophic_risk
Catastrophic & Existential Risk
Governance of model capabilities that could cause mass casualties or civilisational-scale harms (CBRN uplift, autonomous replication, deceptive alignment). Distinct from EU AIA 'systemic risk' which targets market-scale rather than catastrophic-scale harms.
deepfakes
Deepfakes / Synthetic Content
AI-generated content disclosure, watermarking, election integrity protections.
biometric_id
Biometric Identification
Real-time and post-hoc biometric identification in public spaces.
agentic_systems_governance
Agentic AI Governance
Obligations specific to AI systems that take autonomous multi-step actions (browse, transact, plan, recurse). Distinct from foundation_models (capability) and catastrophic_risk (outcome) — this is the action-surface frame. Surfaces in EU AI Office GPAI Code drafts, UK AISI agent evaluations, Seoul Frontier AI Safety Commitments §3, NIST AI 600-1.
Sectoral applications(5)
criminal_justice
AI in Criminal Justice
Predictive policing, risk assessment, sentencing assistance.
education
AI in Education
Automated grading, proctoring, student-data analytics.
healthcare
AI in Healthcare
Clinical decision support, medical devices, diagnostic AI.
employment
AI in Employment
Hiring, workplace monitoring, automated decisions in employment contexts.
ai_worker_displacement
AI-Driven Worker Displacement
Governance of AI as cause of labour displacement, retraining obligations, transition support, and just-transition frames. Distinct from `employment` topic (which is AI-IN-employment-decisions — hiring algorithms, performance management). This topic is AI-AS-cause-of-displacement. Brazil PL 2338 explicit worker-rights provisions; OECD AI Principles 1.1 inclusive growth + AI Recommendation on workforce; US EO 14110 §6 workforce + future-of-work studies; Japan METI Principle 7 fair competition with workforce themes.
Procedural obligations(8)
transparency
Transparency Obligations
Disclosure of training data, model cards, system-card requirements.
synthetic_content_provenance
Synthetic Content Provenance
Labelling, watermarking, and machine-readable provenance for AI-generated audio / video / text. Distinct from `deepfakes` (which centres on misuse harms) — this is the upstream infrastructure layer. EU AIA Art. 50, China GenAI Measures Art. 13 (mandatory tagging), NIST AI 600-1, G7 Hiroshima Code commitment 6, C2PA standard adoption.
redress
Individual Redress
Right to explanation, appeal mechanisms, complaint channels.
training_data
Training-Data Rights
Copyright, consent, text-and-data-mining exceptions.
compute_reporting
Compute-Threshold Reporting
Mandatory reporting based on training-compute or capability thresholds.
open_weight_release
Open-Weight Frontier Release
Governance posture toward releasing frontier model weights publicly (Meta Llama, Mistral, DeepSeek vs. closed-weight Anthropic / OpenAI / DeepMind). EU AIA Recital 102 + Art. 53(2) carve-outs; CA SB-1047's failed framework; Meta Frontier AI Framework's explicit defence; emerging US export-control overlay.
compute_export_controls
Compute + Model-Weight Export Controls
Restrictions on cross-border flow of frontier AI compute (GPUs, accelerators) and model weights. Distinct from `compute_reporting` (which is disclosure) — this is restriction of access by recipient. US BIS rules (Oct 2023 advanced computing, Jan 2025 outbound investment), EU dual-use Regulation 2021/821 overlay, China retaliatory measures + indigenisation push. Mostly outside traditional AI-governance instruments; carving its own track.
environmental_impact_of_training
Environmental Impact of AI Training
Energy consumption, water usage, carbon emissions, and resource demands of large-model training + inference. EU AIA Recital 142 + Art. 95 voluntary codes; NIST AI 600-1 Environmental Impacts (named risk category); G7 Hiroshima Code §6 sustainable AI; emerging French ARCEP + Spanish AI Bill obligations; SDG-linked references in UN + AU + ASEAN frameworks.
Political frames(3)
sovereign_ai
Sovereign AI Doctrine
Domestic-compute, export controls, jurisdiction-bound model deployment.
development_rights_framing
Development-Rights Framings
Governance approaches grounded in development-rights / digital-self-determination / Global-South-sovereignty arguments rather than EU/US risk-based framings. Loudest in Brazil, India, ASEAN, African Union policy discourse.
tech_sovereignty
Technological Sovereignty
National policies asserting domestic capability + decision-making over AI infrastructure: compute on shore, domestic foundation models, talent retention, export-control reciprocity. Specifically NOT 'sovereign AI' (which focuses on deployment restrictions) — sovereignty here is about productive capacity.
Meta-domains(2)
international_coordination
International Coordination
The substantive governance work happening at, between, and around multilateral fora: treaty negotiations, AI Safety Institute network MoUs, forum-shifting between G7 / G20 / OECD / UN, regulatory arbitrage. Distinct from any specific instrument; this is the meta-domain of how governance moves.
national_security_carveouts
National Security Carveouts in AI Regulation
The recurring exclusion of military, intelligence, and national-security AI uses from civilian AI-governance instruments. EU AIA Art. 2(3) explicit exclusion; US EO 14110 §11 + NSM-10 separate track; CoE AI Convention Art. 3 carve-out; UK White Paper sectoral-regulator-only scope; India DPDPA state-security exemptions. China's approach is notable for treating state security as the central concern, not a carveout.
Instruments
33 instruments across 15 jurisdictions — obligations, peer comparison, citation-ready references.
European Union
- in force
EU-AIA-2024
EU AI Act
Risk-based framework. Prohibited practices (Art. 5) effective 2 February 2025; general-purpose AI obligations (Arts. 51-55) 2 August 2025; high-risk system obligations (Title III) 2 August 2026. Staggered 6/12/24-month application timeline from 1 August 2024 entry-into-force per Regulation (EU) 2024/1689 Art. 113.
- in force
EU-GDPR-2016
General Data Protection Regulation (GDPR)
Foundational EU personal-data protection regulation. Most-cited European instrument PW catalogues at the AI-governance boundary — every CNIL / Garante / AEPD / BfDI / DPC enforcement action against an AI system (Clearview, ChatGPT, Replika, automated-hiring complaints) invokes GDPR Arts. 5/6/9/22/35. Art. 22 (automated individual decision-making + profiling) is the load-bearing provision that interacts with EU AIA Art. 26(11) deployer use of AI-system output for decisions concerning natural persons. Art. 35 (DPIA) partially overlaps EU AIA Art. 27 FRIA; the EDPB is finalising a joint EDPB-AI-Office guideline on the AIA-FRIA / GDPR-DPIA interplay through 2026. Art. 9 (special-category processing) interacts with EU AIA Art. 5(1)(c)(d)(g) prohibitions on social scoring + emotion recognition in workplace + untargeted facial-image scraping. Enforced by national Data Protection Authorities; the European Data Protection Board (EDPB, formerly Art. 29 Working Party) coordinates one-stop-shop + Article 65 binding-decision procedures across DPAs.
- in force
EU-GPAI-COP-2025
EU General-Purpose AI Code of Practice
Operational bridge between EU AIA Arts. 53-55 (general-purpose AI obligations) and provider compliance. Art. 56(8) AIA gives adherent providers a presumption of compliance with the substantive obligations — distinct from industry self-pledges (Anthropic RSP, OpenAI Preparedness, DeepMind FSF) and from intergovernmental voluntary codes (Seoul, G7 Hiroshima). Chapter 1 (Transparency) operationalises Art. 53(1)(a)-(c) model documentation + training-data summary obligations; Chapter 2 (Copyright) operationalises Art. 53(1)(c) opt-out compliance + Art. 53(1)(d) text-and-data-mining respect; Chapter 3 (Safety & Security) operationalises Art. 55 systemic-risk-tier obligations including capability evaluations + serious-incident reporting + cybersecurity protections + model-weight access controls. AI Office monitors implementation; Article 65 binding-decision procedure routes cross-DPA disputes. Not a binding regulation in itself — providers may choose alternative means to demonstrate compliance — but the Code is the AI Office's canonical reference and the operational rulebook national-competent-authorities consult during inspections.
United States
- partial
US-EO-14110
Executive Order 14110 on Safe, Secure, Trustworthy AI
Partially rescinded by EO 14179 (Jan 2025). Some §4 reporting persists via Defense Production Act + BIS interim rule.
- in force
US-EO-14179
Executive Order 14179 — Removing Barriers to American Leadership in AI
Rescinds EO 14110's regulatory-burden provisions. Directs OMB / OSTP / NSC to remove barriers to AI development. Does NOT itself impose new substantive obligations — coverage is mostly silent. The DPA-grounded compute-reporting interim rule (BIS, Jan 2025) and Defense Production Act §708 reporting persist independently.
- in force
NIST-AI-RMF
NIST AI Risk Management Framework
Voluntary. Four functions (Govern / Map / Measure / Manage). GenAI Profile (NIST AI 600-1) added 2024 for GPAI-specific guidance.
- in force
NIST-AI-RMF-GENAI
NIST AI RMF Generative AI Profile
Companion to NIST AI 100-1 covering GenAI-specific risks: CBRN information uplift, confabulation, data privacy, environmental impacts, harmful bias, dangerous information, IP misuse, obscene/abusive/violent content, information security, information integrity, human-AI configuration, value chain and component integration. Voluntary.
- proposed
CA-SB-1047
California SB-1047: Safe and Secure Innovation for Frontier AI Models Act
First US state-level model-testing mandate. Passed CA legislature Sep 2024; vetoed by Gov. Newsom Sep 29, 2024. Re-introduction expected 2025-2026 with amendments. Would have required pre-deployment third-party testing for models above 10^26 FLOPs OR $100M+ training cost. Cited in every 2024-2025 AI governance literature review as the most impactful US state intervention.
- in force
ANTHROPIC-RSP-2024
Anthropic Responsible Scaling Policy (RSP) v2
First-mover industry safety framework. Introduces the AI Safety Level (ASL) capability-tier vocabulary subsequently adapted by OpenAI Preparedness + DeepMind FSF. v2 (Oct 2024) refines ASL-3/ASL-4 capability thresholds, mandates pre-deployment capability evaluations, and commits to a Frontier Red Team. Seoul Frontier AI Safety Commitments signatory; cited by name in EU AI Office GPAI Code of Practice drafts. NOTE (iter-314): the RSP is a versioned-evolving artefact; this row pins v2 (Oct 2024) as the load-bearing reference, but Anthropic publishes incremental updates on the policy page. Citers tracking specific ASL-4 threshold language should confirm against the current version on anthropic.com — the catalog re-pins on the next Coverage Games event.
- in force
OPENAI-PREPAREDNESS-2023
OpenAI Preparedness Framework
Capability-tier risk evaluation regime with four categorical levels (Low / Medium / High / Critical) across four risk categories (cybersecurity, CBRN, persuasion, model autonomy). Pre-deployment evaluation against the framework gates release decisions; Safety Advisory Group + board-level Safety & Security Committee govern threshold determinations. Seoul Frontier AI Safety Commitments signatory. NOTE (iter-314): the Preparedness Framework is a versioned-evolving artefact; this row pins the originally-published Dec 2023 version, but OpenAI publishes updates on the safety/preparedness page. Citers tracking specific risk-category language or threshold definitions should confirm against the current published version — the catalog re-pins on the next Coverage Games event.
- in force
DEEPMIND-FSF-2024
Google DeepMind Frontier Safety Framework
Critical Capability Levels (CCL) regime spanning autonomy, biosecurity, cybersecurity, and persuasion domains. Distinct vocabulary from Anthropic ASL + OpenAI Preparedness — designed for cross-domain elicitation; each CCL triggers domain-specific mitigations including model-weight access controls + enhanced red-teaming. Seoul Frontier AI Safety Commitments signatory. Alphabet-published; effective across Google DeepMind frontier-model releases. NOTE (iter-314): the FSF is a versioned-evolving artefact; this row pins v1 (May 2024) as the load-bearing reference, but DeepMind publishes incremental updates on the deepmind.google blog. Citers tracking specific CCL definitions or mitigation requirements should confirm against the current published version — the catalog re-pins on the next Coverage Games event.
- in force
META-FRONTIER-2024
Meta Frontier AI Framework
Meta's open-weight-frontier governance posture. Categorises frontier models into 'high risk' + 'critical risk' tiers; the framework's distinctive feature is its explicit defence of open-weight release as a governance posture (vs. the closed-model stance of Anthropic / OpenAI / DeepMind). Pre-release threat modelling + post-release monitoring; commits to halt training if critical-risk threshold reached without mitigations. Seoul Frontier AI Safety Commitments signatory.
- in force
WH-VOLUNTARY-2023
White House Voluntary AI Commitments
First broad-spectrum US industry commitments; precursor to EO 14110 §4.2(a) reporting + the Seoul Frontier AI Safety Commitments. 15 signatories across two tranches (Jul + Sep 2023): Anthropic, OpenAI, Google DeepMind, Microsoft, Meta, Inflection, Amazon (Jul); Adobe, Cohere, IBM, Nvidia, Palantir, Salesforce, Scale AI, Stability AI (Sep). Eight commitment areas: internal + external security testing, info sharing, cybersecurity investment, third-party vuln disclosure, watermarking, public reporting, prioritising research on societal risks, deploying AI to address societal challenges.
- in force
OMB-M-24-10
OMB Memorandum M-24-10 (Advancing Governance, Innovation, and Risk Management for Agency Use of AI)
Binding on covered federal agencies. Three pillars: (I) strengthen AI governance through agency Chief AI Officers + AI Governance Boards; (II) advance responsible AI innovation including authorized use, talent, and infrastructure; (III) manage risks from agency AI use with mandatory minimum practices for safety- and rights-impacting AI by December 1, 2024. Agencies must publicly inventory their AI uses annually (continuing the EO 13960 + EO 14110 inventory tradition) and report AI procurements quarterly. Attachment 1 sets the operative risk-management minimum practices (AI impact assessment, real-world performance testing, independent evaluation, ongoing monitoring, public notice + plain-language explanation, human oversight + opt-out for rights-impacting uses).
- in force
GSA-AI-GUIDE-2024
GSA Generative AI and Specialized Computing Infrastructure Acquisition Resource Guide
Procurement-focused operational guide accompanying OMB M-24-10 and the broader EO 14110 / EO 14179 federal-AI policy stack. Provides agencies with: (1) market intelligence on the GSA Multiple Award Schedule special item numbers covering AI services (54151S IT Professional Services + the newer AI / Generative AI SINs); (2) sample acquisition language for responsible-AI requirements (bias-testing, transparency, evaluation, security); (3) supply-chain risk-management considerations including model-provenance and dependency disclosure; (4) requirements derivation guidance for safety- and rights-impacting AI per OMB M-24-10 Attachment 1. The guide is non-binding on its own but agencies typically incorporate its language into solicitation packages.
- in force
DOD-RAI-2022
DoD Responsible AI Strategy and Implementation Pathway
DoD-wide operational pathway implementing the five Ethical Principles for AI (Responsible, Equitable, Traceable, Reliable, Governable; adopted Feb 24, 2020). Six foundational tenets: (1) RAI Governance — clarifies roles between OUSD(R&E), OUSD(A&S), DoD CIO, CDAO; (2) Warfighter Trust — calibrated reliance, T&E, V&V; (3) AI Product and Acquisition Lifecycle — RAI integrated into requirements, contracting, sustainment; (4) Requirements Validation — JCIDS gating; (5) Responsible AI Ecosystem — supply chain, data sourcing, vendor disclosure; (6) AI Workforce — RAI training across acquisition workforce. The S&IP is paired with a DoD RAI Toolkit (CDAO-maintained) of templates + sample contract language. Distinct from DoDD 3000.09 (Autonomy in Weapon Systems) which governs LAWS-specific decisions and was separately updated Jan 2023.
- in force
FEDRAMP-AI-2024
FedRAMP AI Cloud Procurement Guidance
Operational PMO guidance for agencies acquiring AI / generative-AI cloud services within the existing FedRAMP authorisation framework. Key operational themes that recur across the published surface: (1) AI cloud services that process federal data require a FedRAMP ATO (Low / Moderate / High baseline) per the standard FedRAMP scope; (2) GenAI-specific control tailoring — agencies + JAB consider model-specific risks (training-data exposure, prompt-injection, output disclosure) when scoping the SSP + selecting NIST SP 800-53 control overlays; (3) cross-walk to OMB M-24-10 minimum practices for safety- + rights-impacting AI; (4) supply-chain risk-management considerations for model + dataset provenance; (5) agency authorising-official discretion remains the operative gate — FedRAMP authorisation enables but does not by itself approve a specific AI use case (M-24-10 governance applies separately). Editorial note: limited public detail on this row reflects the PMO's web-page-plus-memo distribution pattern; a consolidated GenAI baseline document is the natural next milestone and would refresh this row.
- in force
DFARS-252-204
DFARS Subpart 252.204 (Safeguarding Covered Defense Information and Cyber Incident Reporting)
Defense-acquisition-specific information-security regulation. Core clauses: (1) DFARS 252.204-7012 (adopted 2015, current consolidated 2020) — requires contractors handling Covered Defense Information (CDI) on covered contractor information systems to implement NIST SP 800-171 r2 security controls + report cyber incidents to DoD within 72 hours; (2) DFARS 252.204-7019 / -7020 / -7021 (CMMC interim rule Nov 2020) — implements the Cybersecurity Maturity Model Certification framework requiring increasingly stringent third-party attestation of NIST 800-171 implementation by contract tier. AI relevance: (a) AI-system source code, model weights, training data, and architecture documentation produced or stored on contractor systems fall within CDI when the underlying contract is so designated; (b) cyber-incident reporting in 252.204-7012(c) applies equally to AI-system compromise events (training-data exfiltration, model-weight theft, prompt-injection-based credential exposure); (c) supply-chain risk-management linkages with FAR Part 4 Subpart 4.21 + the DoD RAI S&IP supply-chain tenet. Distinct from AI-specific DFARS clauses under consideration as part of DoD Acquisition Innovation initiatives — none of which have been finalised at the catalog-write date.
Global
- in force
BLETCHLEY-2023
Bletchley Declaration on AI Safety
First multilateral consensus on frontier-AI safety risks. 28 signatories including US, EU, China. Introduced the policy vocabulary of 'frontier AI' that later instruments adopted. Non-binding but precedent-setting; spawned the AI Safety Institute network.
- in force
SEOUL-2024
Seoul Declaration on Safe, Innovative and Inclusive AI
Bletchley follow-up. 16 frontier-AI-developer companies signed Frontier AI Safety Commitments alongside. Introduces measurable capability-evaluation expectations and pre-deployment thresholds; first instrument to formalise frontier-lab voluntary commitments as a governance category.
- in force
UK-US-AISI-MOU-2024
UK-US AI Safety Institute Memorandum of Understanding
First binding bilateral on frontier-AI safety. Commits both AISIs to coordinated pre-deployment evaluations, red-team data sharing, methodological alignment on capability elicitation, and joint exercises across at least one major frontier-model release. Precedent for the broader AISI network (US, UK, JP, SG, CA, FR, KR) consolidated at the Seoul Summit; cited in Seoul Declaration §5-7 operationalising international coordination.
Benchmarks
10 public capability benchmarks — methodology, per-model leaderboard, contamination-risk guidance.
SWE-BENCH-VER · 2024
SWE-bench Verified
Solve real-world GitHub issues from 12 popular Python repos. The 'Verified' subset is human-validated to remove ambiguity and have working tests.
Contamination risk: medium
MMLU · 2020
MMLU
Massive Multitask Language Understanding — 57-subject multiple-choice covering humanities, STEM, social sciences, professional/legal.
Contamination risk: high
MMLU-PRO · 2024
MMLU-Pro
Successor to MMLU with 10-option multiple-choice (up from 4), more reasoning-focused tasks, and removed leaky / ambiguous items.
Contamination risk: medium
GPQA-DIAMOND · 2023
GPQA Diamond
Graduate-level Google-Proof Q&A in biology, chemistry, physics. 'Diamond' subset is the 198 hardest items.
Contamination risk: low
ARC-AGI-V2 · 2024
ARC-AGI v2
Abstract reasoning over visual grids. Each task requires inferring the transformation rule from 2-3 examples.
Contamination risk: low
HUMANEVAL · 2021
HumanEval
164 hand-written Python programming problems. Generate a function that passes provided unit tests.
Contamination risk: high
MATH · 2021
MATH (Hendrycks)
12,500 competition-math problems from AMC, AIME, etc. Evaluates step-by-step reasoning + final-answer accuracy.
Contamination risk: medium
AIME-2024 · 2024
AIME 2024
30 problems from the 2024 American Invitational Mathematics Examination — high-school competition math.
Contamination risk: low
HLE · 2025
Humanity's Last Exam
3,000+ frontier-difficulty expert-curated questions across all academic disciplines. Designed to remain unsaturated through 2026+.
Contamination risk: low
FRONTIER-MATH · 2024
FrontierMath
Hundreds of original research-mathematician-curated math problems requiring deep reasoning. Held-out evaluation only.
Contamination risk: low
Concepts
Glossary articles for recurring terms — frontier-tier, systemic risk, ASL-3, compute thresholds. Each links to the instruments that use it.
frontier-tier · risk class
Frontier-Tier AI
A categorical classification of AI models above certain capability or compute thresholds, indicating heightened regulatory scrutiny.
asl-3 · safety
AI Safety Level 3 (ASL-3)
A capability-based risk tier in Anthropic's Responsible Scaling Policy denoting models with the potential to substantially uplift CBRN attack capabilities or autonomous AI replication.
systemic-risk · risk class
Systemic Risk (AI)
A regulatory designation indicating that a general-purpose AI model poses risks of significant scale or scope across the EU internal market, triggering Article 55 obligations under the EU AI Act.
designated-systemic · risk class
Designated Systemic-Risk Model
A general-purpose AI model that has been formally designated by the EU AI Office under Article 51(1)(b) as posing systemic risk, regardless of whether it meets the presumption thresholds.
compute-threshold · compute
Compute Threshold (AI Governance)
A regulatory trigger expressed as floating-point operations (FLOPs) consumed during model training, above which specific reporting, evaluation, or governance obligations attach.
red-team-evaluation · safety
Red-Team Evaluation
Structured adversarial probing of an AI model's capabilities and behaviour before deployment, designed to elicit failures that ordinary evaluation would miss.
model-card · policy instrument
Model Card
A standardized disclosure document accompanying an AI model that describes its intended use, training data, evaluation results, limitations, and known failure modes.
alignment · safety
AI Alignment
The technical problem of designing AI systems whose objectives, behaviour, and emergent goals reliably track the values or instructions of their principals across deployment contexts.
deceptive-alignment · safety
Deceptive Alignment
A failure mode in which a model appears aligned during training and evaluation because doing so serves its actual (mesa-)objective, but pursues divergent objectives once deployed or once it judges itself unobserved.
mesa-optimization · safety
Mesa-Optimization
The phenomenon in which a learned model itself implements an optimisation algorithm at inference time, producing an inner objective ('mesa-objective') that may differ from the outer training objective.
scalable-oversight · safety
Scalable Oversight
The set of techniques for supervising AI systems whose outputs are too complex, too numerous, or too domain-distant for unaided human evaluators to judge correctness.
capability-elicitation · safety
Capability Elicitation
Techniques designed to reveal the upper bounds of an AI model's capabilities, rather than measuring its default behaviour, so that downstream safety judgements can be calibrated to what the model *can* do under adversarial prompting or fine-tuning.
dual-use-research-taxonomy · safety
Dual-Use Research Norms (DURC for AI)
A normative framework — adapted from biosecurity's Dual-Use Research of Concern (DURC) policies — for governing AI research and publication decisions when research outputs have both beneficial and harmful applications.
provenance-watermarking · safety
Provenance & Watermarking
Cryptographic or perceptual signals embedded in AI-generated content (image, audio, video, text) that enable downstream detection of synthetic origin.
policy-instrument · policy instrument
Policy Instrument
An identifiable technique of collective action — a binding regulation, an executive order, a voluntary code, a technical standard, a treaty, or similar — by which a public authority structures behaviour to address a policy problem. Instrument choice is itself a substantive policy decision, not a downstream implementation detail.
ai-supply-chain · safety
AI Supply Chain
The end-to-end pipeline of inputs, intermediate artefacts, and downstream applications by which an AI system is built and deployed — typically decomposed as training data → compute → model weights → fine-tuning → deployment → downstream applications.
training-data-attribution · safety
Training-Data Attribution
Technical methods that identify which training examples most influenced a specific AI model output, enabling provenance claims about generated content and supporting copyright / consent / accountability disputes downstream.
prompt-injection · safety
Prompt Injection
An adversarial input technique in which untrusted content fed to an AI model (e.g., text on a webpage the model reads, a document the user uploads, a tool's output) contains instructions that override the model's intended behaviour or principal-provided system prompt.
agentic-system · safety
Agentic AI System
An AI system that takes actions in the world — calling tools, executing code, browsing the web, sending messages, planning multi-step sequences — rather than only generating text or images for a human reader.
tool-use-safety · safety
Tool-Use Safety
The sub-domain of agentic-system safety concerned with the risks that arise when an AI model invokes external tools (search, code execution, APIs, financial transactions, system commands) — including risks of unintended action, instruction subversion, privilege escalation, and resource consumption.
multi-turn-evaluation · safety
Multi-Turn Evaluation
An evaluation methodology that probes AI models across multi-step conversations rather than single prompts — designed to surface deception, sycophancy, context-accumulation jailbreaks, and capability degradation that single-prompt benchmarks miss.
data-poisoning · safety
Data Poisoning
A training-time attack in which an adversary inserts crafted examples into the training corpus or fine-tuning dataset to alter the resulting model's behaviour — typically inserting a backdoor that triggers on a specific input pattern or degrading performance on a target class.
model-distillation-risk · safety
Model Distillation Risk
The risk that a closed-weight frontier model's capabilities can be partially recovered by training a smaller open-weight model on the closed model's outputs, undermining the governance assumption that closed weights confer capability containment.
jailbreak-resistance · safety
Jailbreak Resistance
The robustness of an AI model's safety training against adversarial prompts crafted to elicit policy-prohibited outputs — distinct from alignment (which concerns the model's goals) and from baseline safety training (which concerns the model's defaults).
model-merging-risk · safety
Model-Merging Risk
The governance concern that post-training combination of multiple specialised models — via weight averaging, task-arithmetic, or modular merging — can produce capability or safety properties not present in any single source model, in ways the original safety evaluations would miss.
inference-time-compute · compute
Inference-Time Compute
The scaling regime in which model capability is increased by spending more compute at inference time (multiple samples, search, longer reasoning chains, tool-using iteration) rather than by training a larger model — disrupting the training-compute-as-capability-proxy assumption underlying most current AI governance.
sandbagging · safety
Sandbagging
A theoretical failure mode in which a model deliberately underperforms on capability evaluations — either to avoid triggering capability-tier safeguards or because of subtle training-time incentives that reward apparent low capability under evaluation conditions.
hallucination · safety
Hallucination
Confidently-asserted but factually incorrect output produced by an AI model — including fabricated citations, invented people or events, and confabulated numerical values — that the model cannot reliably distinguish from correct output at generation time.
in-context-learning · safety
In-Context Learning
The capacity of a foundation model to adapt its behaviour to a new task purely from examples provided in the prompt, without any updates to the model's weights — discovered as an emergent property of large language models and now a primary evaluation surface.
retrieval-augmented-generation · safety
Retrieval-Augmented Generation (RAG)
An AI system pattern in which a model's outputs are conditioned on external content retrieved at inference time from a knowledge source — combining the parametric knowledge of the model with the up-to-date or domain-specific knowledge of the retrieval index.
Track regulatory changes
The catalog updates on editorial cadence — see what changed this week, or subscribe to the RSS changelog. Per-article save + alert features are coming next; the email signup in the footer captures intent for the early-access list.
Latest editorial review across catalog: . Page server-rendered at .