top of page

The AI Risk Assessment Your Board Approved Was Built for a Market That No Longer Exists

Until June 2026, frontier AI was governed by terms of service and commercial availability. The US government is now approving customers one by one, pulling models offline, and requiring pre-release vetting for national security risks. The risk framework that governs your organisation's AI infrastructure needs to be updated for the market that currently exists — not the one that existed twelve months ago.



Sign up for my Substack daily AI newsletter here.


See my AI Training course portfolio for corporate Business Leaders here.




On 12 June 2026, the US Commerce Department issued a directive that made Anthropic’s Fable 5 and Mythos 5 models unavailable to every user in every country simultaneously. No advance notice. No published criteria. No recourse. An AI legal startup subsequently sued the US government, claiming the shutdown caused immediate, irreparable, and existential harm to its business. The NSA, which had been testing Mythos for its own offensive cybersecurity operations, was shut out alongside everyone else.


On 26 June 2026, OpenAI announced it is restricting access to its new GPT-5.6 Sol model — its most capable model yet in agentic coding, biology, and cybersecurity — to approximately 20 customers approved by the Trump administration. CEO Sam Altman told staff in an internal memo that the company had made clear to the US government that this was not its preferred long-term model. Hours later, Anthropic announced the Trump administration had approved limited release of Mythos — two weeks after the global shutdown — while Fable remained offline.


The market your AI risk assessment was designed for assumed that the primary risk to AI availability was technical failure. That assumption is no longer adequate. The primary risk to frontier AI availability in 2026 is political.


CONTEXT AND BACKGROUND

On 2 June 2026, President Trump signed an executive order titled Promoting Advanced Artificial Intelligence Innovation and Security. The order established a framework for the federal government to vet the national security risks of the most advanced AI systems for up to 30 days before their public release. The White House described participation by AI developers as voluntary. The order directed the National Security Agency to run a classified benchmarking process to determine which models qualify as covered frontier models subject to review. The criteria for trusted partner selection were not published. The process for determining which models require review is classified.


The executive order’s voluntary characterisation requires examination against the events that preceded and followed it. The sequence that produced the Anthropic shutdown reveals the mechanism precisely. Anthropic CEO Dario Amodei visited Washington in April 2026 and warned officials that Mythos had advanced cybersecurity capabilities that could be weaponised. Amazon researchers subsequently discovered a specific jailbreak in Fable and its CEO personally alerted federal officials. The Commerce Department issued a directive. Anthropic complied. David Sacks, co-lead of Trump’s technology advisory council, described the sequence directly on a podcast: “Dario came to Washington a few months ago, back in April, and basically said that he had created a cyber weapon called Mythos. He spiked the cortisol level, got everyone really worried.” The company that disclosed its most capable model’s risks was shut down, designated a national security risk by the Pentagon, and had Trump order federal agencies to stop using its products. The company that said less and negotiated more is now releasing its new model through an approved partner programme. The lesson the episode teaches about the relationship between AI safety transparency and regulatory consequence is not the one the governance community hoped to teach.


US Representative Lori Trahan named the governance failure precisely: the Trump administration is deciding company by company who gets access to the newest AI model — no law, no process, no oversight, just appointees in Washington deciding who is in and who is out. Stanford cybersecurity expert Alex Stamos reviewed Amazon’s analysis of Fable and found no risks not present in other publicly available AI models, including those made in China. The model has been unavailable for two weeks. The expert community’s assessment and the government’s action are not reconcilable. The governance framework that should mediate between them does not exist.


The episode has a specific and underexamined financial dimension. Treasury Secretary Scott Bessent raised alarms that frontier AI models could exploit vulnerabilities in the global financial system — not merely in military infrastructure but in the digital and financial architecture on which global commerce depends. The South African Reserve Bank’s June 2026 Financial Stability Review placed frontier AI in the same severe risk tier as the US-Iran war, citing cyber risk as having shifted from episodic and largely manageable events to continuous and compounding. Both assessments are now more precise than they were when they were written. The Anthropic shutdown demonstrated that AI infrastructure risk is not only about what the technology can do. It is about who controls the switch.


INSIGHT AND ANALYSIS

The Council on Foreign Relations assessment of the executive order identifies the central governance challenge precisely: the order asks the right question — how does the United States evaluate the most powerful AI systems for national security risk while preserving the innovation advantage that produced them — but the answer will be written in the benchmarking methodology, the quality of the lab-government collaboration, and whether the national security community treats this moment as an opportunity to master frontier AI capabilities rather than simply to restrict them. The June 2026 events suggest the answer is not yet settled.


The Anthropic paradox is the most important governance observation in the entire episode. The company that conducted responsible AI development — that warned governments about the risks of its own most capable model, that disclosed the cybersecurity implications of Mythos before release, that built safety into its product design — was the company that was shut down, designated a risk, and excluded from federal use. The company that disclosed less is releasing to approved partners. The incentive this creates for future AI safety transparency is deeply troubling. The governance community has spent years arguing that AI safety requires AI companies to be honest about what their most capable models can do. The June 2026 episode is the most concrete data point yet about what that honesty costs when the regulatory response is driven by national security instinct rather than evidence-based process.


The frontier AI model is no longer simply a capability. It is a credentialled access system in which the government has a role in determining who receives which version of what the technology can do. OpenAI has built tiered identity verification directly into its model architecture — a Trusted Access for Cyber framework that forces verified enterprise users to undergo identity verification to receive different classifier-based refusal rates for sensitive tasks. This is not governance layered on top of a product. It is bureaucracy engineered into the architecture itself. The implications for organisations that rely on those capabilities for legitimate professional purposes — legal research, security analysis, code review, clinical decision support — are significant and have not yet been worked through in any published framework.


IMPLICATIONS

For boards and executives responsible for AI strategy, the June 2026 events carry three specific governance implications that most current risk frameworks have not yet incorporated.


The first is about vendor dependency modelling. The AI risk assessments most organisations have approved evaluate vendor risk in terms of financial stability, service level agreements, data security, and regulatory compliance. None of those frameworks adequately addresses the scenario that materialised in June 2026 — a government directive making a model unavailable to all users simultaneously, without advance notice, without published criteria, and without recourse in any contract or service level agreement currently written. The organisations that built workflows, customer-facing products, and operational infrastructure on Anthropic’s models discovered their dependency when the models were already offline. The risk was always present. The framework for identifying it was not.


The second is about the geopolitical dimension of AI procurement. The US government’s vetting regime has introduced a new category of risk into AI procurement decisions that sits above vendor capability, pricing, and compliance — the risk of political inaccessibility. A frontier AI model hosted in the United States is subject to US national security law, US export control regimes, and US executive orders. The decision about which of those apply, and when, is made by intelligence agencies using classified criteria with no published accountability. For South African organisations, this is not a theoretical consideration. It is the operational reality that the June 2026 shutdown demonstrated. Any organisation that has embedded US-hosted frontier AI infrastructure into its operations without modelling political inaccessibility as a risk category has an incomplete risk assessment.


The third is about the governance gap at every level simultaneously. The US framework is voluntary in name and compulsory in practice, classified in criteria, and absent in accountability. South Africa’s national AI policy was withdrawn in April 2026 after fabricated citations were discovered. The EU AI Act addresses many AI risks but does not govern US government decisions about model availability. No international framework determines what recourse an organisation in Johannesburg has when a US intelligence agency decides that the model powering its operations should be made unavailable. The governance gap is not in one jurisdiction. It is in the space between jurisdictions — and it is precisely the space where the most consequential AI decisions of 2026 are being made.


CLOSING TAKEAWAY

The AI risk assessment your board approved was built for a market in which the primary risks to AI availability were technical — model failure, data breach, vendor insolvency, regulatory non-compliance. Those risks are real and the frameworks designed to address them remain necessary. They are no longer sufficient.


The market that exists in June 2026 is one in which the availability of frontier AI models is determined by classified government processes, in which the company that disclosed its most capable model’s risks was shut down and the company that disclosed less was rewarded with an approved partner programme, and in which the organisations most dependent on US-hosted AI infrastructure have no representation in the decisions that determine their access. The risk assessment that adequately describes that market has not yet been written for most South African organisations. Writing it is now a governance obligation, not a future consideration.


Johan Steyn is a prominent AI thought leader, speaker, and author with a deep understanding of artificial intelligence’s impact on business and society. He is passionate about ethical AI development and its role in shaping a better future. Find out more about Johan’s work at https://www.aiforbusiness.net


 
 
 

Comments


Leveraging AI in Human Resources ​for Organisational Success
CTU Training Solutions webinar

bottom of page