Model Registries
- Model registry thresholds vary dramatically across jurisdictions: the EU requires registration at 10^25 FLOP while the US federal threshold is 10^26 FLOP, a 10x difference that could enable regulatory arbitrage where developers structure training to avoid stricter requirements.
- Multiple jurisdictions are implementing model registries with enforcement teeth in 2025-2026, including New York's $1-3M penalties and California's mandatory Frontier AI Framework publication, representing the most concrete AI governance implementation timeline to date.
- Model registries are graded B+ as governance tools because they are foundational infrastructure that enables other interventions rather than directly preventing harm: they provide visibility for pre-deployment review, incident tracking, and international coordination, but cannot regulate AI development alone.
Overview
Model registries represent a foundational governance tool for managing risks from advanced AI systems. Like drug registries that enable pharmaceutical regulation or aircraft registries that support aviation safety, AI model registries would create centralized databases containing information about frontier AI systems—their capabilities, training details, deployment contexts, and safety evaluations. This infrastructure provides governments with the visibility necessary to implement more sophisticated AI governance measures.
The policy momentum is significant. The U.S. Executive Order on AI (October 2023) mandated quarterly reporting for models trained above 10^26 FLOP. The EU AI Act requires registration of high-risk AI systems and general-purpose AI models. California’s SB 53 (signed September 2025) requires transparency reports and incident reporting for frontier models above 10^26 FLOP. New York’s RAISE Act requires incident reporting within 72 hours. These requirements create the skeleton of a registry system, though implementation remains fragmented and early-stage.
The strategic value of model registries lies in their enabling function. A registry alone doesn’t prevent harm—but it provides the information foundation for safety requirements, pre-deployment review, incident tracking, and international coordination. Without knowing what models exist and what capabilities they possess, governments cannot effectively regulate AI development. Model registries transform AI governance from reactive to proactive by creating visibility into the development pipeline before deployment.
Current Implementation Landscape
United States
Federal Level: The October 2023 Executive Order directed the Bureau of Industry and Security (BIS) to establish reporting requirements for advanced AI models. Under the proposed rule:
- Entities must report models trained with >10^26 FLOP
- Quarterly reporting on training activities
- Six-month forward-looking projections required
- Information includes ownership, compute access, safety testing
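To make the reporting thresholds concrete, a rough sketch of how a developer might estimate whether a planned training run crosses them, using the common C ≈ 6 × N × D approximation for training compute (N parameters, D training tokens). The approximation and helper functions are illustrative assumptions, not part of any regulation; only the threshold values come from this document.

```python
# Rough training-compute estimate using the common C ≈ 6 * N * D
# approximation (N = parameter count, D = training tokens).
# The thresholds come from the document; the helpers are illustrative.

EU_THRESHOLD_FLOP = 1e25   # EU AI Act, general-purpose AI models
US_THRESHOLD_FLOP = 1e26   # US EO 14110 / California SB 53

def estimated_training_flop(params: float, tokens: float) -> float:
    """Approximate total training compute in FLOP."""
    return 6 * params * tokens

def triggered_registries(flop: float) -> list[str]:
    """Return which compute thresholds a training run would cross."""
    triggered = []
    if flop >= EU_THRESHOLD_FLOP:
        triggered.append("EU (10^25 FLOP)")
    if flop >= US_THRESHOLD_FLOP:
        triggered.append("US federal / California (10^26 FLOP)")
    return triggered

# Example: a 70B-parameter model trained on 15T tokens is ~6.3e24 FLOP,
# below both thresholds despite near-frontier scale.
flop = estimated_training_flop(70e9, 15e12)
print(triggered_registries(flop))
```

The 10x gap between the two thresholds is visible here: a run of roughly 3e25 FLOP would trigger EU registration but fall below the US federal reporting line.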
State Level:
| State | Legislation | Key Requirements | Status |
|---|---|---|---|
| California | SB 53 | Transparency reports for models above 10^26 FLOP; 15-day incident reporting | Enacted Sep 2025; effective Jan 1, 2026 |
| New York | RAISE Act | 72-hour incident reporting; safety protocol publication; civil penalties up to $1M | Enacted 2024 |
| Colorado | SB 24-205 | High-risk AI system registration; algorithmic impact assessments | Enacted May 2024 |
European Union
The EU AI Act (Regulation EU 2024/1689), which entered into force August 1, 2024, establishes the most comprehensive registry requirements to date:
- General-Purpose AI Models: Registration with EU AI Office if trained above 10^25 FLOP
- High-Risk AI Systems: Registration in EU database before market placement
- Systemic Risk Models: Additional transparency and safety requirements
- Required Information: Technical documentation, compliance evidence, intended use
The EU database will be publicly accessible for high-risk AI systems, with confidential technical documentation available to regulators. Per Article 49, providers must register themselves and their systems before placing high-risk AI systems on the market. High-risk obligations phase in between August 2026 and August 2027.
China
China has implemented registration requirements since 2023 under the Interim Measures for Generative AI Services:
- Deep synthesis (deepfake) algorithms must register with CAC
- Generative AI services require registration before public offering
- Algorithmic recommendation services subject to separate registry
- As of November 2025, 611 generative AI services and 306 apps had completed filing
- Apps must publicly disclose which filed model they use, including filing number
- Focus on content moderation and political sensitivity
Comparison Table
| Jurisdiction | Compute Threshold | Pre/Post Deployment | Public Access | Penalties |
|---|---|---|---|---|
| US Federal | 10^26 FLOP | Pre + ongoing | Limited (security) | Under development |
| California | 10^26 FLOP | Pre-deployment | Transparency reports public | Up to $1M/violation |
| New York | Scale-based | Pre + incidents | Protocols public | Up to $1M |
| EU | 10^25 FLOP | Pre-market | Partial | Up to 7% revenue |
| China | Any public AI | Pre-deployment | Limited | Service suspension |
Strategic Assessment
Benefits of Model Registries
| Benefit | Mechanism | Confidence |
|---|---|---|
| Visibility for governance | Know what exists before regulating | High |
| Incident learning | Track failures across the ecosystem | High |
| Pre-deployment review | Enable safety checks before release | Medium-High |
| International coordination | Common information standards | Medium |
| Enforcement foundation | Can’t enforce rules without knowing who to apply them to | High |
| Research ecosystem support | Aggregate data for policy research | Medium |
Limitations and Challenges
| Challenge | Description | Mitigation |
|---|---|---|
| Threshold gaming | Developers structure training to avoid thresholds (research shows model distillation and mixture-of-agents approaches can achieve frontier performance below thresholds) | Multiple thresholds; capability-based triggers |
| Dual-use concerns | Registry information could advantage competitors/adversaries | Tiered access; confidentiality provisions |
| Open-source gap | Registries focus on centralized developers | Post-release monitoring; community registries |
| Enforcement difficulty | Verifying submitted information is accurate | Auditing; whistleblower protections |
| Rapid obsolescence | Thresholds outdated as technology advances | Automatic update mechanisms; sunset provisions |
| International gaps | No global registry; jurisdiction shopping | International coordination (nascent) |
Relationship to Other Governance Tools
Model registries are necessary but not sufficient for AI governance. They enable, but do not replace, safety requirements, pre-deployment evaluations, and enforcement mechanisms.
Implementation Recommendations
Minimum Viable Registry
For jurisdictions establishing initial AI model registries:
- Compute-based threshold: 10^25-10^26 FLOP (adjustable)
- Pre-deployment notification: 30-90 days before public release
- Required information:
  - Developer identity and contact
  - Training compute and data sources (categorical)
  - Intended use cases and deployment scope
  - Safety evaluation summary
  - Known risks and mitigations
- Incident reporting: 72 hours for critical harms
- Annual updates: Mandatory refresh of all information
- Tiered access: Public summary + confidential technical details
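A minimal sketch of what one record in such a registry might look like, mirroring the required-information list above. All field names and types are assumptions for illustration; no jurisdiction has published this schema.

```python
from dataclasses import dataclass, field

# Illustrative "minimum viable registry" record, mirroring the
# required-information list in the text. Field names and types are
# assumptions, not any jurisdiction's actual schema.

@dataclass
class RegistryEntry:
    developer: str                     # developer identity
    contact_email: str                 # developer contact
    training_flop: float               # training compute (FLOP)
    data_source_categories: list[str]  # data sources, categorical only
    intended_uses: list[str]           # intended use cases and scope
    safety_eval_summary: str           # summary, not full eval results
    known_risks: list[str] = field(default_factory=list)
    public: bool = False               # tiered access: public summary only

entry = RegistryEntry(
    developer="Example Labs",          # hypothetical developer
    contact_email="compliance@example.com",
    training_flop=2e25,
    data_source_categories=["web text", "licensed corpora"],
    intended_uses=["general-purpose assistant"],
    safety_eval_summary="Internal red-teaming; third-party bio eval.",
)
print(entry.training_flop >= 1e25)  # crosses an EU-style threshold
```

Note the design choice implied by the list: compute and data sources are recorded categorically, so developers disclose only information they already track, consistent with the "minimal burden" principle below.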
Best Practices from Research
Based on analysis by Convergence Analysis and the Institute for Law & AI:
| Principle | Rationale | Implementation |
|---|---|---|
| Minimal burden | Encourage compliance, reduce resistance | Require only information developers already track |
| Interoperable | Enable international coordination | Align with emerging international standards |
| Updatable | Technology changes faster than regulation | Built-in mechanism for threshold adjustment |
| Complementary | Registry enables other tools, doesn’t replace them | Design for integration with safety requirements |
| Proportionate | Different requirements for different risk levels | Tiered obligations based on capability/deployment |
Avoiding Common Pitfalls
Don’t:
- Set thresholds so high only 2-3 models qualify (too narrow)
- Require disclosure of trade secrets unnecessarily (industry opposition)
- Create registry without enforcement mechanism (toothless)
- Assume static thresholds will remain appropriate (obsolescence)
- Ignore international coordination from the start (jurisdiction shopping)
Future Trajectory
Near-Term (2025-2026)
- California SB 53 effective January 2026 (transparency reports, incident reporting)
- EU high-risk AI database operational (August 2026-2027 compliance deadlines)
- GovAI forecasts 103-306 models exceeding 10^25 FLOP (EU threshold) by 2028
- 5-10 jurisdictions with some form of registry
- Initial international coordination discussions
Medium-Term (2027-2030)
- Potential international registry framework
- Capability-based triggers supplement compute thresholds
- Integration with compute monitoring
- Real-time incident reporting systems
- Cross-border data sharing agreements
Key Uncertainties
| Question | Optimistic Scenario | Pessimistic Scenario |
|---|---|---|
| International coordination | Common standards, shared database | Fragmented, incompatible systems |
| Enforcement effectiveness | High compliance, meaningful oversight | Widespread evasion, symbolic only |
| Open-source coverage | Community registries, post-release tracking | Unmonitored proliferation |
| Threshold relevance | Adaptive thresholds track real risks | Outdated, easily gamed |
Quick Assessment
| Dimension | Assessment | Notes |
|---|---|---|
| Tractability | High | Active legislation in multiple jurisdictions |
| If AI risk high | High | Essential infrastructure for any governance |
| If AI risk low | Medium | Still useful for transparency and accountability |
| Neglectedness | Low-Medium | Active policy area but implementation gaps |
| Timeline to impact | 1-3 years | Requirements taking effect 2025-2026 |
| Grade | B+ | Foundational but not transformative alone |
Risks Addressed
| Risk | Mechanism | Effectiveness |
|---|---|---|
| Racing Dynamics | Visibility into development timelines | Low-Medium |
| Misuse Risks | Know what capabilities exist | Medium |
| Regulatory arbitrage | Harmonized international requirements | Low (currently) |
| Incident learning gaps | Mandatory reporting creates database | Medium-High |
Complementary Interventions
- Compute Governance - Hardware-based verification complements software registration
- Export Controls - Control inputs to models in registry
- AI Safety Institutes - Institutions to review registered models
- Responsible Scaling Policies - Industry commitments that registries can verify
Sources
Policy Analysis
- Convergence Analysis (2024): “AI Model Registries: A Foundational Tool for AI Governance” - Comprehensive design framework developed in collaboration with Gillian Hadfield; influenced US BIS consultation and EU GPAI Code of Practice
- Institute for Law & AI (2024): “The Role of Compute Thresholds for AI Governance” - Threshold design considerations
- GovAI (2024): “Trends in Frontier AI Model Count: A Forecast to 2028” - Projects 45-148 models exceeding 10^26 FLOP by 2028
- Heim et al. (2024): “Training Compute Thresholds: Features and Functions in AI Regulation” - Analysis of compute thresholds as governance metrics
- Hooker (2024): “On the Limitations of Compute Thresholds as a Governance Strategy” - Critiques threshold gaming via distillation and MoA approaches
Legislation and Regulation
Section titled “Legislation and Regulation”- US Executive Order 14110 (October 2023): “Safe, Secure, and Trustworthy Development and Use of Artificial Intelligence” - Established 10^26 FLOP reporting threshold
- EU AI Act (2024): Regulation (EU) 2024/1689 - Article 49 covers registration requirements
- California SB 53 (2025): Transparency in Frontier Artificial Intelligence Act - First US state frontier AI safety law; effective January 2026
- New York RAISE Act (2024): Requiring AI Safety and Excellence - 72-hour incident reporting
Implementation Resources
- NIST: AI Risk Management Framework integration guidance
- EU AI Office: High-risk AI system registration requirements
- Future of Privacy Forum (2025): “California’s SB 53: The First Frontier AI Law, Explained”
AI Transition Model Context
Model registries improve the AI Transition Model through Civilizational Competence:
| Factor | Parameter | Impact |
|---|---|---|
| Civilizational Competence | Regulatory Capacity | Provides information foundation for any governance interventions |
| Civilizational Competence | Institutional Quality | Enables pre-deployment review and incident learning |
| Civilizational Competence | International Coordination | Common standards facilitate cross-border coordination |
Registries are necessary but not sufficient infrastructure; they enable rather than replace safety requirements, evaluations, and enforcement mechanisms.