State of AI Regulation and Safety 2026

AI governance is expanding fast but unevenly: 47 countries now have active AI-specific legislation, yet enforcement mechanisms lag, model transparency scores have slipped, and reported AI incidents rose to a record 362 in 2025. The EU AI Act is the most concrete framework, phasing in obligations through 2028 while Brussels weighs simplifications and the US relies on a fragmented patchwork of bills.

The EU AI Act is the global reference point

The EU AI Act entered into force on 1 August 2024 and applies in stages: bans on prohibited practices and AI-literacy duties from February 2025, general-purpose AI obligations from August 2025, and the bulk of high-risk rules by August 2026, with product-embedded high-risk systems given until August 2028. Penalties are steep, reaching up to EUR 35 million or 7% of global annual turnover for the most serious breaches. This tiered, risk-based design has become a template that other jurisdictions reference. Whether it proves workable depends heavily on enforcement capacity and forthcoming guidance.

Even the EU is hedging on enforcement timing

Regulation is not a one-way ratchet. In November 2025 the European Commission signaled a simplification procedure that could soften enforcement for high-risk systems and delay fines for transparency violations from 2026 to 2027. The July 2025 General-Purpose AI Code of Practice is voluntary, giving developers a lighter-touch route to demonstrate compliance. These moves reflect genuine tension between protecting the public and avoiding rules that outpace technical and administrative readiness. The balanced reading is that AI law is still being calibrated in real time rather than settled.

The US remains a fragmented patchwork

Unlike the EU, the United States has no single comprehensive federal AI law, relying instead on existing-agency enforcement, executive orders and voluntary standards. The result is a sprawling landscape, with roughly 1,200 AI-related bills introduced across federal and state levels and many state laws taking effect from January 2026. This creates uncertainty for companies operating across states and has prompted debate over federal preemption of state rules. Globally, Stanford's AI Index notes that while 47 countries have AI legislation, only a fraction have built real enforcement mechanisms.

Safety metrics are moving in the wrong direction

Stanford's 2026 AI Index recorded 362 reported AI incidents in 2025, up from 233 in 2024, which itself was a 56% jump over 2023. Model transparency also regressed: the average Foundation Model Transparency Index score fell to 40 in 2025 after climbing to 58 in 2024. There is some good news, as AI-specific governance roles grew 17% and the share of firms with no responsible-AI policy fell from 24% to 11%. The picture is mixed: institutional governance is maturing even as incident counts and disclosure gaps worsen.

FAQ

More reports

Compiled by ToolGlance from publicly reported data; figures link to their sources. Updated 2026-05-30.