Google DeepMind CEO Demis Hassabis is calling for a U.S.-led standards body that could evaluate the world’s most capable AI models before release and coordinate an industry-wide slowdown if dangerous capabilities outpace available safeguards.
The proposal, made public on July 14, borrows its institutional model from the Financial Industry Regulatory Authority. FINRA is funded by the securities industry but operates under government oversight. Hassabis argues that frontier AI needs a similarly technical body: independent enough to evaluate competing laboratories, fast enough to update tests as capabilities change, and accountable to public authority.
The idea is more concrete than another voluntary safety pledge. It is not yet law, does not have an agreed enforcement mechanism, and leaves major questions about open models and international participation.
What the proposal would create
Hassabis describes a Frontier AI Standards Body led by the United States in cooperation with democratic allies. The organization would be funded by industry, staffed by high-level technical experts, and overseen by the federal government.
Its scope would be based on capability rather than company size or a fixed compute threshold. Models that cross regularly updated benchmarks would be classified as frontier models, and their developers would become frontier labs subject to additional expectations.
Those expectations could include:
- Sharing qualifying models for independent review up to 30 days before release.
- Publishing model cards with meaningful technical and safety information.
- Maintaining stronger internal cybersecurity around model weights and research systems.
- Vetting personnel with access to the most sensitive capabilities.
- Funding safety, security, interpretability, and evaluation work at a level proportionate to capability.
- Coordinating a temporary slowdown if testing reveals risks that labs cannot adequately mitigate.
Axios reports that Hassabis wants the framework to cover qualifying models regardless of country of origin and regardless of whether they are open or closed. Smaller models, startups, and academic projects would remain outside the frontier tier until their measured capabilities crossed the threshold.
The strongest part is the moving threshold
AI regulation built around model names, parameter counts, or one generation of benchmarks ages quickly. A smaller model can inherit capabilities through better data, post-training, tools, or inference-time computation. A large base model may also be less operationally dangerous than a smaller agent connected to code execution and sensitive systems.
A capability-triggered framework is therefore directionally stronger than a rule that says every model above a fixed training-compute level receives identical treatment.
The difficult part is measurement. Benchmarks can saturate, leak into training data, or fail to represent real-world tool use. A frontier designation would need test families for cyber capability, biological assistance, autonomous replication, deception, long-horizon agency, and safeguards under adversarial pressure. The body would also need authority to update those tests without turning every revision into a multiyear rulemaking process.
That is the practical appeal of the FINRA analogy: technical standards can move faster inside a specialized self-regulatory organization than through ordinary legislation. The analogy does not solve who writes the standards or how failures are punished.
Five unresolved engineering and governance questions
1. What makes a test result binding?
The proposal begins with voluntary pre-release access. A voluntary system works only while every leading lab believes cooperation is strategically preferable to shipping first. A credible slowdown mechanism eventually needs a legal trigger, procurement consequence, cloud-compute agreement, or market-access rule.
2. Can 30 days support meaningful evaluation?
Thirty days may be enough to run established tests. It is short for developing novel evaluations, reproducing surprising behavior, testing mitigations, and resolving disagreement between a lab and the evaluator. Labs may also continue post-training during the review period, creating ambiguity about whether the tested build matches the released build.
3. How would open weights be handled?
The proposal says the capability threshold should apply to open and closed models. Once weights are publicly distributed, however, later restrictions are difficult to enforce and safety layers can be removed. A review system would need a decision point before publication and a clear policy for foreign releases that become available online.
4. Who audits the auditor?
Industry funding creates access to talent and resources, but also a risk of regulatory capture. Frontier labs could shape benchmarks around capabilities they already measure well or use confidential information asymmetrically. Independent researchers, open-source representatives, security engineers, and civil-society experts would need durable authority rather than advisory seats.
5. What exactly triggers a slowdown?
“Dangerous capability” is not a sufficient operational rule. The standards body would need published escalation levels, evidence requirements, appeal procedures, and conditions for restarting development or deployment. Otherwise, a slowdown could become either impossible to invoke or vulnerable to political pressure.
What developers and AI companies would notice
If a framework like this became enforceable, its effects would reach beyond frontier labs.
Model releases could become more staged. Providers might separate internal evaluation builds, limited research previews, enterprise deployments, and broad public access. API customers would need stronger version pinning and clearer notice when a model changes after review.
Evaluation artifacts could also become part of the product surface. Model cards, cyber test results, known failure modes, tool-use restrictions, and provenance records would matter to procurement teams in the same way security certifications matter today.
Open-source developers would face the hardest boundary question. Most open models would remain below the frontier threshold, but a highly capable open release could encounter pre-publication obligations that conflict with the norms of permissionless distribution. The representation of open-source researchers inside the proposed body would therefore affect whether the framework protects public research or primarily reinforces incumbent labs.
Proposal, not policy
Hassabis has reportedly briefed U.S. officials, other AI lab leaders, and European policymakers. The Trump administration is already developing a voluntary process under which developers could provide models to government evaluators before release. A new standards body would formalize and broaden that approach, but no such regulator currently has the authority described in the proposal.
The distinction matters. There is no announced release pause, mandatory 30-day waiting period, or globally accepted frontier-model definition. Those are design elements being advocated, not current requirements.
The signal
The AI governance debate is shifting from general principles toward release infrastructure: who receives a frontier model first, which tests it must pass, what evidence is public, and who can delay deployment.
Hassabis’s proposal is significant because it comes from the leader of a frontier lab and includes a mechanism that could constrain the entire competitive field. Its moving capability threshold is technically sensible. Its legitimacy will depend on enforcement, international participation, protection against capture, and whether independent evaluators can test models deeply enough before the next release clock expires.


