OpenAI puts its frontier safety regime on paper for EU and California
OpenAI has published a new Frontier Governance Framework. It is not a product launch. It matters more than most product launches.
The document sets out how OpenAI intends to describe, measure and manage systemic risk as the most capable AI models move into a tighter regulatory phase. OpenAI points to two concrete legal tracks: California’s Transparency in Frontier AI Act and the EU AI Act’s code for general-purpose AI models with systemic risk.
The shift is from safety language to a more formal governance regime. For companies buying AI from US model providers, this is an early signal of what procurement, risk, security and audit teams will need to ask over the next 12 to 18 months.
OpenAI says the framework covers cyber offence, chemical, biological, radiological and nuclear risks, harmful manipulation and loss of control. It also covers model reporting, security risk management, incident response, external expert input and the process for updating the framework itself.
The most concrete part is the definition of severe harm. In the PDF, OpenAI describes systemic risk as a risk that a frontier model could materially contribute to more than 50 fatalities or $1 billion in property damage or losses from a single incident. That is a different level of precision from the standard vendor language about safe, responsible and useful AI.
For CIOs and CISOs, the practical question changes. It is not enough to ask whether a model is safe. The sharper question is: which risk categories has the provider actually assessed, which thresholds does it use, what happens if a threshold may have been crossed, and which parts of the process are visible to customers, regulators and external reviewers?
OpenAI says the new framework builds on its Preparedness Framework, but that the new document is designed to show how its practices meet legal requirements. That distinction matters. The Preparedness Framework is OpenAI’s own operating approach to severe model risk. The Frontier Governance Framework is written for a world in which regulators want traceability, not just principles.
That makes the story relevant outside the United States. The EU AI Act creates specific requirements for general-purpose AI models with systemic risk. Large European buyers will not only ask for data processing terms and ISO certificates. They will ask how the model provider identifies systemic risk, which evaluations are used before and after deployment, how serious incidents are classified, and how changes to the safety framework are approved.
OpenAI says risk assessments may take place across the model lifecycle, during development and after deployment. The company cites internal tests, external research, market analysis, expert consultation, government engagement, incident investigations and post-release monitoring. That is especially relevant for agentic systems. The risk is not only in the model itself. It is in how the model is connected to tools, data, payments, codebases and internal workflows.
The framework also exposes a gap. OpenAI writes that it is still in the early stages of developing an approach for assessing risks from harmful manipulation. That is a useful admission. It is also a point boards should notice. Influence operations, election interference and coordinated manipulation campaigns are not only model problems. They are distribution, product and monitoring problems. That makes them harder to test before deployment than cleaner technical risk categories.
OpenAI also leans on safety margins. The document says the company may treat a model as having crossed a capability threshold when it cannot rule that out, even without direct evidence. That is a conservative standard. It is also commercially important. As models become more capable, providers will have to document why residual risk is still acceptable.
For boards, the implication is simple: AI risk is becoming more measurable, but not necessarily easier. When major model providers publish governance frameworks, customers get a new basis for comparison. They can ask for specific answers on risk modelling, incident reporting, external evaluation and change control. Buyers that do not ask those questions are buying more blindly than they need to.
This also changes the vendor lock-in discussion. If one model platform can document its process for systemic risk, external reporting and regulatory alignment, while another only offers vague safety pages, price per token is not the whole calculation. Legal exposure, auditability and board risk appetite become part of model selection.
For enterprise leaders, three actions follow.
First, AI procurement should include requirements for documented frontier and systemic risk management when a provider’s models are used in critical workflows. Not every use case needs the same level of control. But coding, security, legal work, customer operations, finance, HR and core operations should face a higher bar.
Second, internal AI policies should separate application risk from model risk. Many companies have rules for data sharing and employee behaviour. Fewer have a mature process for assessing whether the underlying model capability, agent setup and tool access change the risk profile.
Third, CISOs and legal teams should own the vendor questions together with technology leaders. AI governance is weak when it sits only inside an innovation programme. OpenAI’s framework shows where this is heading: into ordinary enterprise governance, audit and regulatory dialogue.
OpenAI has not solved frontier risk with one document. That is not the point. The news is that one of the most important model providers is making its safety regime more explicit, tying it directly to EU and California rules, and saying the framework will change as models, evaluations and regulation develop.
That is a stronger governance signal than another benchmark score. For leaders who buy, build or regulate AI, it is also more useful.
Sources and media
- Primary source: OpenAI, “OpenAI’s Frontier Governance Framework”, published May 28, 2026. https://openai.com/index/openai-frontier-governance-framework/
- Document basis: OpenAI, “Frontier Governance Framework” PDF, linked from the primary source.
- Source credit: OpenAI.
- Thumbnail: OpenAI Image 2 / hogby.ai.