OPENAI PUBLISHES EU COMPLIANCE FRAMEWORK — CRITICS SAY IT MAPS OLD POLICIES TO NEW LAWS AND CALLS IT PROGRESS
OpenAI released its Frontier Governance Framework on May 28, positioning the document as a public accounting of how its internal safety practices line up with incoming regulatory requirements, specifically California’s Transparency in Frontier AI Act and the EU AI Act’s Code of Practice for General Purpose AI. The EU rules become fully enforceable on August 2, 2026, giving OpenAI about two months to get its story straight.
The framework covers risk assessment across cyber offense capabilities, CBRN threats, manipulation risks, and loss-of-control scenarios. It also addresses model reporting, external expert input, incident response, and security practices. On paper it looks thorough. In practice it is largely a translation document, mapping OpenAI’s existing Preparedness Framework onto regulatory language.
That is where the skepticism comes in. The company did not announce new safety measures, did not commit to third-party audits beyond what it already does, and did not set any thresholds that would trigger it to withhold a model from release. It published a document that says here is what we do, matched to what the law requires us to show.
Whether this satisfies regulators in Brussels and Sacramento remains to be seen. The EU AI Act has enforcement teeth in ways the US does not. For OpenAI, releasing this now is smart politics. It signals compliance before the deadline arrives and before competitors are forced to follow.
Keywords: OpenAI EU AI Act compliance, Frontier Governance Framework, OpenAI regulation, AI safety 2026