America Is Improvising Its Way Through AI Governance

www.aei.org

The last few weeks should end any illusion that the United States can improvise its way through frontier AI policy. What we have witnessed was not serious governance. It was vibe policymaking: ad hoc, deal-by-deal reactions with no clear standard, public explanation, or predictable process. The result was not just confusion. It exposed a deeper weakness: the United States has no reliable way to measure frontier AI risk, no agreed process for acting on it, and no institution built to do either.

In early June, Anthropic released Mythos 5 and its restricted consumer version, Fable 5, models that write complex code and find software vulnerabilities with minimal prompting. Days later, the Administration ordered Anthropic to cut off access to all foreign nationals, effective immediately. Unable to verify nationality in real time, Anthropic pulled the models entirely. OpenAI, meanwhile, held back its own GPT-5.6 series at the government’s request.

Weeks later, we still have no official notice of what triggered the action or what led to the lifting of the restrictions, including GPT 5.6 a few days later. Anonymous officials and surrogates suggested it was an Amazon finding that bypassed Fable’s safeguards. But that same vulnerability was also in weaker models that had been publicly available since October 2025.

That is the danger of vibe policymaking. Without a shared understanding of risk, the government cannot tell a breakthrough risk from an old vulnerability in a more powerful wrapper. A government that cannot explain why one model is restricted while similar capabilities remain available elsewhere will struggle to sustain public trust, industry cooperation, or international credibility, and will make the next crisis harder to manage.

While Washington improvises, states are stepping into the void. Illinois, for example, became the first state last week to require a third-party audit of AI models. That is the hidden cost of federal incoherence. It does not produce light-touch national policy; it produces a fragmented fifty-state patchwork, precisely the outcome industry, policymakers, and states say they want to avoid.

Nor is this a one-time problem. Mythos-class models are already helping write the next generation. Anthropic has said Claude wrote more than 80 percent of it’s own code, up from low single digits a year earlier, and researchers believe it is plausible that within a few years we will see three years of progress compressed into one. Whether or not that exact timeline proves right, the direction is clear: The governance gap is not static; it compounds.

Every safety question we struggle to answer today gets harder as capabilities accelerate, and every delay in building institutional capacity gets more costly. Each ad hoc intervention sets a precedent that either builds toward a predictable process or makes the next one more arbitrary. The United States cannot wait until models are writing their successors at scale to decide how it wants to evaluate, classify, and govern frontier capabilities.

So what should we actually do?

First, the federal government needs real collaboration with frontier labs, especially the national security and intelligence communities. Agencies need genuine visibility into what is coming over both the near and far horizons. That does not mean seizing control of releases. It means structured, ongoing pre-release access so the government can assess risks honestly and prepare for capabilities adversaries will eventually field. Surprise restrictions are not collaboration. They are proof it failed.

Second, the country needs shared standards. The good news is that the technical core already exists in draft. Anthropic, with Amazon, Microsoft, and Google, has proposed scoring model risks in a manner analogous to how the security world scores software vulnerabilities. That scoring should feed a response ladder that maps each severity level to a predefined action, so responses are predictable rather than improvised. We need a national standard for independent third-party audits and some standardization of transparency through system and model cards.  Continuous post-deployment monitoring is needed because risk does not end at release. Underneath all of it, the country needs clear lines of authority: who decides, on what evidence, with what notice, and with what recourse. The absence of any documented process is precisely what made the recent shutdown look arbitrary.

Third, the government needs deeper technical expertise. The uncomfortable truth beneath this episode is that the federal government may not yet have the in-house capacity to evaluate frontier AI risks at the speed and sophistication the moment requires. The Center for AI Standards and Innovation (CAISI) should be strengthened, adequately funded, and connected directly to the national security agencies that will have to make these judgments under pressure.

The ideas for governing this technology are maturing fast. The institution capable of holding them is not. Closing that gap, before the models write the next models, is the real work ahead.