Before Google DeepMind, Microsoft, or Elon Musk’s xAI can release their next frontier AI model to the public, the U.S. government now gets to look under the hood first. In May 2026, all three companies signed agreements with a federal office inside the Commerce Department that grants government evaluators access to their most powerful systems before launch. The deals formalize what was once informal and voluntary, and they arrive just as the Trump administration weighs going further: an executive order that would give an interagency group, including intelligence officials, a structured role in deciding whether a model is safe enough to ship.
The result is a collision that has been building for two years between national security agencies determined to screen AI for catastrophic risks and technology companies under intense pressure to move fast in a global race with Chinese rivals.
From handshake deals to government access
The office at the center of this effort is the Center for AI Safety and Innovation, or CAISI, which sits within the National Institute of Standards and Technology. It was previously known as the U.S. AI Safety Institute but was rebranded in early 2025 under the Trump administration, a name change that signaled a deliberate pivot toward national security.
CAISI’s roots trace to August 2024, when its predecessor signed what NIST called first-of-their-kind agreements with OpenAI and Anthropic covering safety research, testing, and evaluation of frontier models. Those memoranda established a precedent: developers would give federal evaluators an early look at their most capable systems and continue sharing access after deployment. The May 2026 expansion to Google DeepMind, Microsoft, and xAI brought the total to five major signatories and moved the arrangement from experiment to something closer to industry norm.
According to NIST, the agreements cover pre-release testing, post-deployment assessment, and targeted research on AI security and national security. What they do not spell out, at least publicly, is what happens when government reviewers find something alarming. It remains unclear whether CAISI can insist on design changes, request a delay to a product launch, or simply hand over recommendations that a company is free to ignore.
The legal backbone (and its complications)
The voluntary agreements do not operate in a vacuum. In October 2023, the Biden administration issued Executive Order 14110, which directed sweeping federal AI actions and invoked the Defense Production Act to require developers training the largest models to share safety test results with the government. That gave the requirement legal teeth: the DPA can carry penalties for noncompliance, something a handshake deal cannot.
But the legal landscape shifted in January 2025, when President Trump revoked EO 14110 shortly after taking office, calling it an obstacle to American AI leadership. That revocation removed the mandatory reporting framework for frontier model developers, leaving the CAISI agreements as the primary channel for pre-release government access. The distinction matters: without a DPA mandate, the current system depends on companies choosing to cooperate.
Now the administration appears to be reconsidering how much authority it wants. The New York Times reported in May 2026 that senior Trump officials are discussing a new executive order that would create an interagency working group to review and vet AI models before release. The discussions reportedly involve national security stakeholders, meaning intelligence and defense officials would have a formal seat at the table. No draft text has been published, and no named official has used the word “veto” in public, but the trajectory is unmistakable: from informal cooperation toward a potentially binding pre-release gate.
What a security screen would actually look like
The government’s interest is not abstract. Federal officials have grown increasingly concerned that frontier AI models could lower the barrier to conducting cyberattacks, synthesizing dangerous biological agents, or generating sophisticated disinformation at scale. CAISI has framed its work as protecting the private sector from AI security risks while tying its mission to a broader national security action plan.
That framing is strategic. By casting pre-release review as shared defense rather than top-down regulation, CAISI makes cooperation more palatable to companies that worry about losing weeks or months in a launch cycle. But it also opens the door to deeper involvement by agencies whose primary mission is intelligence gathering and threat assessment, not consumer protection.
The practical mechanics remain opaque. None of the five signatory companies have released detailed accounts of how government reviews fit into their internal red-teaming processes. It is not publicly known how often federal feedback has led to concrete changes in a product’s design or release schedule. And no U.S. agency has published an analysis weighing the security benefits of pre-release screening against the competitive costs of slower deployment.
The global race complicates everything
American AI developers do not operate in isolation. They compete directly with Chinese labs, several of which are backed by the state and subject to their own regulatory regime. China’s Interim Measures for the Management of Generative AI Services, in effect since August 2023, already require companies to submit generative AI products for a security assessment before offering them to the public. In practice, Beijing uses that process to enforce content controls and ensure alignment with state priorities.
The comparison cuts both ways. Proponents of U.S. pre-release review argue that structured government testing could help American firms avoid costly security incidents and build trust with allies who are developing their own AI governance frameworks, including the European Union, whose AI Act imposes obligations on high-risk systems. Critics counter that layering national security review on top of an already complex regulatory environment could slow U.S. companies just as Chinese competitors accelerate, handing Beijing a first-mover advantage on capabilities that matter for both commerce and defense.
To date, no company has publicly attributed a specific product delay to CAISI’s involvement. But the concern is forward-looking: if a future executive order gives an interagency group the power to hold up a release, the calculus changes sharply.
The questions Congress and industry are asking
Several unresolved issues will shape how this system evolves. The most immediate is legal authority. If the Trump administration issues a new executive order, the mechanism it invokes will determine whether pre-release review is a request or a requirement. A DPA mandate would give the government enforcement power; a voluntary framework would depend on industry goodwill and the implicit threat of harsher regulation down the road.
Scope is another open question. The current agreements and the now-revoked EO 14110 focused on models above certain compute or capability thresholds, leaving smaller and specialized systems outside the review regime. Policymakers have not said whether they plan to extend oversight to open-source releases, fine-tuned derivatives of major models, or high-risk applications in sectors like health care and critical infrastructure. Where regulators draw that line will determine whether pre-release screening applies to a handful of frontier systems or to a much broader swath of the AI ecosystem.
Civil liberties groups and the open-source community have raised a different set of concerns. Giving intelligence agencies a role in deciding which AI tools reach the public raises questions about prior restraint, transparency, and the potential for mission creep. If a model is blocked or altered based on a classified threat assessment, developers and the public may never learn the full reasoning behind the decision.
Where the fault line runs
The United States has already built the scaffolding for a system in which some of the most capable AI models face government review before broad release, with national security as the central justification. Five of the world’s leading AI developers have signed on. The legal and institutional pieces are in motion. What remains unsettled is how much binding authority security agencies will ultimately wield over commercial timelines, and whether the balance between innovation speed and national defense will be struck through public rulemaking or behind closed doors.
Until a new executive order is signed, implementing rules are published, or the terms of the CAISI agreements are disclosed in greater detail, the answers will keep shifting. For now, the most powerful AI systems in the world sit at the intersection of two competing imperatives, and the people negotiating the outcome are not yet ready to show their hand.
More from Morning Overview
*This article was researched with the help of AI, with human editors creating the final content.
