Share intelligence with relevant nationa…

BackExercise enforcement and investigative authority

This page is still being polished. If you have thoughts, please share them via the feedback form.

Data on this page is preliminary and may change. Please do not share or cite these figures publicly.

Exercise enforcement and investigative authority

Somai (2025)|LLM classified

Mitigation Taxonomy

3Ecosystem

3.1Legal & Regulatory

3.1.5Enforcement Mechanisms

Penalties, sanctions, taxes, incentives, and enforcement powers backed by state authority.

Also in Legal & Regulatory

3.1.1 Legislation & Policy3.1.2 Regulatory Bodies3.1.3 International Agreements3.1.4 Compliance Requirements

Additional Informationp. 5

Stage: Escalation; Stakeholder: National Government: Other Agencies; Additional information: Government stakeholders should consider mandatory reporting mechanisms for AI risks and potential incidents. Governments should consider mandating legal disclosure requirements covering key risk scenarios, including model theft (e.g. stolen weights, unauthorised access), deceptive model behaviour (e.g. models manipulating evaluations to appear weaker) and emergent risky capabilities (e.g. escape or uncontrolled replication of models, and extreme capability breakthroughs). Government actors should clarify how cyber incident reporting mechanisms can be applied to AI-related incidents. Independent safety evaluators, third-party auditors and compute providers could have the authority to report high-risk developments to oversight bodies.

LLM Classification Details

Reasoning

National government agency exercises enforcement and investigative authority over AI systems, applying penalties and sanctions.

Code: 3.1.5Version: v0.6Classified: Jan 27, 2026

Other mitigations from Somai (2025) (38)

Monitor critical capability levels

2.2.2 Testing & Evaluation

Lifecycle:Other (multiple stages)Actor:DeveloperAIRM:Measure

Identify early warning signs and emergent capabilities

2.2.1 Risk Assessment

Lifecycle:Build and Use ModelActor:DeveloperAIRM:Measure

Establish standardised benchmarks and reporting

3.2.1 Benchmarks & Evaluation

Lifecycle:Verify and ValidateActor:DeveloperAIRM:Measure

Implement compute monitoring and anomaly detection

1.2.3 Monitoring & Detection

Lifecycle:Other (multiple stages)Actor:Infrastructure ProviderAIRM:Measure

Enhance hardware and supply chain oversight

2.3.3 Monitoring & Logging

Lifecycle:Other (stage not listed)Actor:Infrastructure ProviderAIRM:Govern

Lead efforts to establish shared criteria for AI LOC

3.2.2 Technical Standards

Lifecycle:Plan and DesignActor:Governance ActorAIRM:Govern

View all 38 mitigations from this source →

Source Document

Strengthening Emergency Preparedness and Response for AI Loss of Control Incidents

Somani, Elika; Friedman, Anjay; Wu, Henry; Lu, Marianne; Byrd, Christopher; van Soest, Henri; Zakaria, Sana (2025)

As artificial intelligence (AI) systems become increasingly embedded in essential infrastructure and services, the risks associated with unintended failures rise. Developing comprehensive emergency response protocols could help mitigate these significant risks. This report focuses on understanding and addressing AI loss of control (LOC) scenarios where human oversight fails to adequately constrain an autonomous, general-purpose AI.

View source DOI: 10.7249/RRA3847-1

Classification

AI Lifecycle Stage

Operate and Monitor

Running, maintaining, and monitoring the AI system post-deployment

Responsible Actor

Governance Actor

Regulator, standards body, or oversight entity shaping AI policy

NIST AI RMF Function

Govern

Policies, processes, and accountability structures for AI risk management