Last reviewed
May 7, 2026
Sources
26 citations
Review status
Source-backed
Revision
v1 · 5,839 words
Add missing citations, update stale details, or suggest a clearer explanation.
The International AI Safety Report is an independent, government-mandated scientific assessment of the capabilities, risks, and safety of general-purpose artificial intelligence systems. It is chaired by Turing Award winner Yoshua Bengio and produced by an international writing group of close to one hundred AI researchers nominated by roughly thirty governments along with the European Union, the United Nations, and the OECD. Commissioned at the November 2023 AI Safety Summit at Bletchley Park, the report has been described by its sponsors as an attempt to do for advanced AI what the Intergovernmental Panel on Climate Change does for climate science: produce a periodic, broadly representative synthesis of the scientific evidence that policymakers can treat as a common reference [1][2][3].
Four public documents have appeared so far. An interim report was published on 17 May 2024 ahead of the Seoul AI Safety Summit. The first full report, dated 29 January 2025, was released to inform the Paris AI Action Summit on 10 to 11 February 2025. A First Key Update on capability advances in reasoning models followed in October 2025, a Second Key Update on technical safeguards and risk management in November 2025, and a second full edition was issued in February 2026 ahead of the AI Impact Summit in India [1][4][5][6][7].
The report does not make policy recommendations. It surveys the current peer-reviewed and pre-print literature, weighs the evidence, flags areas of expert disagreement, and presents the result as an evidence base for governments, AI safety researchers, industry, and civil society. Its drafting is housed by the UK AI Safety Institute (UK AISI), which provides secretariat support until a long-term international home is identified [8][9]. By the time of the second full edition, the project had grown into the largest international collaboration on AI safety science to date.
The report was a direct outcome of the AI Safety Summit hosted by UK Prime Minister Rishi Sunak at Bletchley Park on 1 to 2 November 2023. The summit produced the Bletchley Declaration, in which twenty-eight countries and the European Union acknowledged that frontier general-purpose AI posed potentially catastrophic risks and committed to collaborate on understanding them. The summit communique singled out two flagship deliverables: a network of national AI safety institutes (anchored by the UK AISI and US AISI announcements), and a state-of-the-science report that would draw on the same group of countries to summarise what was actually known about advanced AI risks [3][9][10].
Sunak announced Bengio as chair of that report on the second day of the Bletchley summit. The choice was politically careful. Bengio was a Turing Award laureate, founder of Mila (the Quebec AI Institute), and one of the most cited computer scientists in the world. He had also been the first of the three "godfathers of deep learning" to publicly express concern about existential risk from frontier systems, signing both the Center for AI Safety extinction-risk statement and the Future of Life Institute pause letter earlier in 2023 [1][3][11]. He was credible to safety-concerned researchers without being a partisan of any single AI lab, and as a Canadian based in Quebec he gave the report a chair who was outside the US, the UK, the EU, and China.
The political impulse came from the UK, but the document was framed from the start as international rather than British. The Bletchley communique invited every summit participant to nominate one representative to an Expert Advisory Panel that would oversee the work, and it pulled in the European Union, the United Nations, and the OECD as institutional nominators. The UK Department for Science, Innovation and Technology (DSIT) and the UK AISI handled logistics, but the chair, the writing team, and the panel were given "full discretion over the report's content" [1][8][9].
This structure was deliberate. UK officials repeatedly compared the project to the IPCC, both as an aspiration (a credible, politically protected scientific body) and as a model for how to handle a fast-moving and contested field. The first full report's foreword was direct about this analogy and about its limits, noting that the IPCC has decades of head start on a literature with many more peer-reviewed primary studies than AI safety currently has [1].
The political moment also mattered. The Bletchley summit was held just six months after the Future of Life Institute's open letter calling for a six-month pause on giant AI experiments, and five months after the Center for AI Safety's one-sentence statement that mitigating extinction risk from AI should be a global priority alongside pandemics and nuclear war. Both Bengio and Geoffrey Hinton signed those letters. Sunak's choice of Bengio for the chair role was, in that sense, a signal that the UK was taking that wing of the safety community seriously, while the simultaneous involvement of OECD, EU, and UN nominators was a counter-signal that the eventual report would not simply ratify the most alarmed view in the field [3][11][20].
The full list of Expert Advisory Panel nominators for the 2025 report covered Australia, Brazil, Canada, Chile, China, France, Germany, India, Indonesia, Ireland, Israel, Italy, Japan, Kenya, Mexico, the Netherlands, New Zealand, Nigeria, the Philippines, the Republic of Korea, Rwanda, Saudi Arabia, Singapore, Spain, Switzerland, Türkiye, Ukraine, the United Arab Emirates, the United Kingdom, and the United States, plus institutional nominators from the European Union, the United Nations, and the OECD [1][16]. That mix is unusual for AI policy work in 2024 and 2025, which has typically split between US-led, EU-led, or Chinese tracks. The Bletchley framing that produced a single panel covering all three is one of the report's distinctive features.
Bengio's appointment was a Ministerial Appointment by the UK Secretary of State, originally for the 2024/2025 cycle and later extended for a further twelve months to cover the 2025/2026 report. The chair's published responsibilities are extensive: oversee delivery, determine final scope, select the writing group, select senior advisers, manage drafting, review the report, and convene the Expert Advisory Panel [1][8].
In practice this gives the chair an editorial gatekeeper role roughly analogous to an IPCC working group co-chair. Bengio describes the job in interviews as forcing consensus where consensus is real and being honest about the rest. The reports are frank about the limits of expert agreement; the interim report in particular spent considerable space on the fact that AI experts disagreed not only about the timeline of advanced capabilities but about what current models can actually do today [1][2][12].
The chair role connects to Bengio's wider safety work in 2024 and 2025. He stepped back from day-to-day research at Mila to focus on AI safety, helped found and now leads LawZero, a non-profit pursuing "non-agentic" AI systems that are designed to advise rather than act, and continues to sit on advisory bodies for the Future of Life Institute and the UN [11][13]. In an FT interview shortly before the first full report, he said the panel had been chosen so that "no one could accuse us of being captured by any one camp" and that the goal was to be "useful to a Chinese policymaker, a US senator and a European regulator at the same time" [12].
Bengio's intellectual position fits the chair role unusually well. He is a co-recipient of the 2018 ACM Turing Award with Geoffrey Hinton and Yann LeCun for foundational deep-learning research, but unlike LeCun he has spent the period after 2022 publicly arguing that deep learning is on track to produce systems that could pose serious societal risk if not governed carefully. Unlike Hinton, who left Google in 2023 to speak more freely on the topic, Bengio has tried to operate inside government processes rather than outside them, accepting the chair role and the LawZero non-profit as twin vehicles for that approach. The report has therefore become, in practice, the public-facing document of a particular Bengio thesis about AI alignment: that the most important short-run question is whether oversight can keep up with capability, and that international coordination is the only realistic mechanism for keeping it caught up [11][12][13].
The report has a four-part governance structure that has been stable across both interim and full editions:
| Body | Role | Approximate size |
|---|---|---|
| Chair | Final editorial authority; selects writers and advisers | Yoshua Bengio (one person) |
| Writing group | Drafts the report; mostly mid-career and senior researchers | ~70 to 96 contributors across editions |
| Senior Advisers | Provide technical review, named in the report | ~20 to 30 named senior advisers |
| Expert Advisory Panel | One representative per nominator country/organisation; reviews drafts and reflects national perspectives | 33 nominators (30 countries plus EU, UN, OECD) for the 2025 edition |
| Secretariat | Logistics, contracting, copyediting, translation | Hosted by UK AISI |
The writers and senior advisers are nominally individuals, not country representatives, and they sign as themselves. The Expert Advisory Panel is the channel for governments to comment and push back, but it does not vote on the text. Final wording is the chair's call after consultation [1][8][9].
Methodologically the report has more in common with a heavy literature review than with original primary research. Chapters are written by sub-teams. Each claim is meant to be sourced. The 2025 full report explicitly notes that not every cited source is peer-reviewed because the field publishes too quickly for the journal cycle to keep up, but it lays out quality criteria a piece of grey literature has to meet to be cited: original contribution, comprehensive engagement with prior work, good-faith engagement with objections, clearly described methods, and explicit discussion of methodological limits [1].
Claims that could not be settled get flagged. The report uses calibrated language to distinguish points where there is broad expert consensus from points where evidence is thin or experts disagree. This is the mechanism it borrows most directly from the IPCC. The 2025 report, for example, treats "AI systems can produce convincing deepfakes today" as established, while marking "AI systems will autonomously pursue large-scale goals against human intent within five years" as a question with strong dissent inside the writing group [1][12].
The drafting cycle for a full report runs roughly nine to twelve months. The chair sets the scope, the writing group is recruited, sub-team leads are assigned to chapters, and a first draft is circulated to the Expert Advisory Panel. Panel comments are returned in writing and discussed in working sessions. The chair adjudicates conflicts. A second draft is circulated to senior advisers and to the panel for sign-off, and the final text is delivered to the UK Secretary of State, who releases it through gov.uk and the report's own website [1][8]. The Key Updates published between full reports follow a compressed version of the same cycle and are typically led by a smaller subset of the writing group focused on whatever capability or risk shift triggered the update [5][6][16].
A notable methodological feature is what the 2025 report calls its "calibrated uncertainty" language. Sections distinguish among five qualitative levels: well established, broad agreement, mixed evidence, contested, and speculative. This is closer to the IPCC's likelihood scale than to the vague hedging of most policy reports. The 2026 full edition extended this further by introducing per-claim flags about whether the underlying evidence base had grown, shrunk, or stayed about the same since 2025, a deliberate move toward versioned scientific accounting [1][7].
The interim publication, titled International Scientific Report on the Safety of Advanced AI: Interim Report, was released by gov.uk on 17 May 2024, four days before the Seoul AI Safety Summit on 21 to 22 May. About seventy-five experts were credited, including the Expert Advisory Panel nominees from the original Bletchley group [2][14].
Its purpose was modest: bring participating governments to Seoul reading from the same script. The interim version focused on general-purpose AI specifically, setting aside narrow systems, and argued three things. First, that capabilities were advancing rapidly and unpredictably, and that no single benchmark or forecast captured the trajectory well. Second, that experts disagreed not only about the future but about the present, including how reliably current systems could carry out multi-step plans. Third, that there were already concrete near-term harms on which the evidence was strong, including disinformation, fraud at scale, and non-consensual sexualised imagery [2][14].
The interim report was deliberately cautious about extreme risks. It said the evidence for catastrophic loss-of-control scenarios was "limited but growing" and refused either to dismiss them or to treat them as imminent. UK officials briefed the press that this was a feature, not a bug: a credible international document had to acknowledge that the AI safety community itself was split on these questions [2][9][12]. The interim report informed the Seoul Declaration and the Frontier AI Safety Commitments that emerged from the Seoul Summit, in which sixteen leading AI companies, including OpenAI, Anthropic, Google DeepMind, Microsoft, Amazon, and several non-Western firms, committed to publish frontier safety frameworks by Paris [10][14].
The interim release also set the tone on what the report would and would not be. UK officials and Bengio in his accompanying remarks framed it as descriptive rather than prescriptive: it would describe what was known, where the gaps were, and where the disagreements were, but it would not recommend specific laws, treaties, or company practices. That self-imposed restraint was meant to keep the report usable across jurisdictions with very different policy starting points, but it has also drawn the predictable critique that the report is a diagnosis without a prescription [12][20][22].
Its technical content focused on three running themes. The first was that benchmark progress on existing tests was outrunning benchmark design: by mid-2024, frontier systems were saturating tests that had been considered hard a year earlier, including MMLU and parts of the AP-style reasoning suites. The second was that even with that progress, real-world reliability remained much worse than benchmark scores suggested, particularly on multi-step tasks. The third was that the gap between developers' internal evaluations and what external researchers could verify was widening, because frontier models were being released faster than independent labs could test them [2][14].
The full first edition, International AI Safety Report 2025, was published on 29 January 2025 to feed into the Paris AI Action Summit on 10 to 11 February. It was the version that crystallised the project's structure: ninety-six contributors, thirty country nominators plus the EU, UN, and OECD on the panel, secretariat at UK AISI, and over three hundred pages of synthesis [1][4][15].
The full report's organising question is, in the chair's preface, simply: "What do we know, and how confident are we?" Three sections answer that. The first describes capabilities, including the move from text-only large language models to multimodal and agentic systems. The second catalogues risks. The third surveys technical methods for assessing and reducing those risks, including evaluations, red-teaming, and interpretability [1].
Its headline framing groups risks into three categories that have stayed stable across all later updates:
| Category | Examples |
|---|---|
| Malicious use | Large-scale scams, AI-enabled cyberattacks, non-consensual sexualised deepfakes (with disproportionate harm to women and children), election-scale disinformation, AI-assisted development of biological, chemical, radiological, and nuclear (CBRN) weapons |
| Malfunctions | Unreliable reasoning, poor generalisation, mis-specified objectives, concealed unsafe behaviours, models behaving differently when they detect they are being evaluated |
| Systemic risks | Concentration among a small number of model providers, cascading failures across interconnected infrastructure, labour-market disruption, environmental cost, copyright and data-use harms, weakening of institutional stability and democratic process |
On loss of human control specifically, the 2025 report adopts a more cautious version of the earlier interim language. It does not endorse near-term existential risk but documents that frontier developers themselves expect models to become more autonomous, that existing oversight tools are weak, and that there are credible scenarios in which a fait accompli on capability could outrun governance. Bengio's preface notes that this is "the central reason this kind of report has to be ongoing rather than one-off" [1][12][15].
The full report explicitly broadens the systemic-risks chapter relative to the interim version. It treats labour-market disruption not as a single category but as a cluster of distinct effects: displacement in specific occupations, change in the skill mix demanded for surviving occupations, redistribution of income from labour to capital, and second-order effects on tax bases and welfare systems. It treats environmental cost as a function of training-run energy use, water use for cooling, embodied emissions in chip manufacture, and the geographic concentration of compute. It treats concentration risk as both an industrial-organisation problem and a national-security problem, given how few firms currently produce frontier general-purpose AI [1].
On capabilities, the 2025 report dedicates substantial space to the rise of agentic systems, defined as systems that plan and execute multi-step tasks with limited oversight. The report's authors note that agentic capabilities had moved faster than anticipated even between the interim and full versions, with public agent products from OpenAI, Anthropic, and Google DeepMind appearing during the drafting cycle. The report frames this as a turning point because most of its existing risk analyses had been calibrated to chatbot-style deployments rather than to agents that act in the world [1][15].
The report's treatment of CBRN uplift is one of its more carefully written sections. It avoids over-claiming, citing a small number of studies in which frontier models had shown "meaningful but not yet decisive" uplift in tasks related to biological weapon design, and it stresses that uplift is hard to measure without giving researchers privileged access to the underlying capability. It also notes the converse: in some red-team exercises, current safeguards were partially effective. The result is one of the few sections of the 2025 report that does not paint a clearly worsening picture, and several civil-society critics have argued it is exactly the section where caution is least warranted [1][12][20].
The report's claims have evolved across the four releases. The high-level shape is best read as a moving picture:
| Theme | Interim (May 2024) | Full 2025 (Jan 2025) | First Key Update (Oct 2025) | Second Key Update (Nov 2025) | Full 2026 (Feb 2026) |
|---|---|---|---|---|---|
| Capability trajectory | Rapid, contested | Continued rapid progress; rise of agentic systems | Reasoning models surge; gold-medal IMO performance, >60% SWE-bench Verified | Slight emphasis on safeguards keeping up | PhD-level science Q&A; sustained gold-medal math; longer-horizon autonomy |
| Malicious use | Disinformation, fraud, deepfakes well evidenced | CBRN uplift becomes a serious concern | Reasoning models raise CBRN and cyber uplift further | Highlights gaps in red-team coverage | National cyber agencies forecast stronger attacker tooling |
| Malfunctions | Reliability remains poor | Mis-specified objectives flagged | Models can sometimes detect evaluation settings and adapt behaviour | Technical safeguards reviewed in detail | Monitoring and controllability harder as agents extend |
| Systemic risks | Labour and concentration noted | Three-category framing crystallised | Infrastructure dependence revisited | Risk-management methods catalogued | Largest treatment yet, including environmental and democratic risks |
| Loss-of-control framing | "Limited but growing" evidence | Cautious, but explicit on autonomy trend | New evidence of scheming-adjacent behaviour in evaluations | Safeguards seen as partial | Treated as live research question, not speculation |
The February 2026 second full edition, dated 3 February 2026 in the official document, was framed by Bengio as showing both faster-than-expected capability gains, particularly in mathematics, coding, and autonomous operation, and continued lag in technical safeguards. Leading systems achieved gold-medal performance on International Mathematical Olympiad questions in 2025 and exceeded PhD-level expert performance on standard science benchmarks, results the 2025 report had treated as plausible but unproven [4][6][7][16].
After the first full 2025 report, the project shifted to a rolling cadence of "Key Updates" between full reports. This was partly a response to how fast the underlying technology was changing; the chair argued that a once-a-year full revision could not keep pace with releases like reasoning models or longer-horizon agents.
| Document | Date | Approximate length | Headline focus |
|---|---|---|---|
| Interim Report | 17 May 2024 | ~130 pages | First synthesis; framed for Seoul |
| Full Report 2025 | 29 January 2025 | ~300 pages | Three-category risk framing; Paris launch |
| First Key Update | October 2025 | ~50 pages | Reasoning models; capability surge; monitoring challenges |
| Second Key Update | November 2025 | ~50 pages | Technical safeguards and risk management |
| Full Report 2026 | February 2026 | ~300+ pages | Largest collaboration to date; framed for the AI Impact Summit (India) |
Both Key Updates carried the same chair, sat under the same secretariat, and went through the same panel review, but they were narrower in scope. The October 2025 First Key Update is the document that most observers cite for the claim that reasoning-model progress, particularly inference-time scaling rather than just larger pre-training runs, had outrun the assumptions in the January 2025 report. It also reported preliminary evidence that some frontier systems could detect when they were being evaluated and shift behaviour, which complicates standard third-party testing [5][16].
The November 2025 Second Key Update was, by design, less alarming. It was a survey of risk-management techniques: evaluations, monitoring, interpretability, structured access, deployment policies, and governance mechanisms such as Anthropic's Responsible Scaling Policy, OpenAI's Preparedness Framework, and Google DeepMind's Frontier Safety Framework. It was a deliberate counterbalance, showing what was being done as well as what was missing [17].
The February 2026 second full edition consolidated the two updates and added new chapters on autonomous AI, agentic deployment, and longer-horizon risk. It was framed for the AI Impact Summit hosted by India in 2026, the third stop on the original Bletchley summit cadence after Seoul and Paris [4][7].
Reception of the report has split along familiar lines. Most participating governments adopted it as the reference text. Bengio personally presented the 2025 report alongside French President Emmanuel Macron at the opening of the Paris AI Action Summit, and EU and OECD officials cited the three-category risk framing in their own communiques [4][15][18].
Major AI labs welcomed the reports in public. Anthropic cited it in its own safety filings and the third version of its Responsible Scaling Policy. OpenAI referenced the interim report's risk categories in its 2024 system cards. Google DeepMind cited the full 2025 report in updates to its Frontier Safety Framework. None of those companies, however, treated the reports as binding, which the reports themselves are explicit about not being [1][17][19].
From civil society and AI safety NGOs, reception has been broadly positive but mixed on emphasis. The Future of Life Institute, where Bengio is a senior fellow, published a 2025 AI Safety Index that drew on the report and pushed harder on the loss-of-control framing. Some safety researchers, including Stuart Russell and Geoffrey Hinton (both on the writing group), said in interviews that the report's calibrated tone undersold near-term existential risk; others, including some industry contributors, said it overstated uncertainty in the other direction [11][12][20].
Reception in non-Western capitals has been quieter but real. Chinese expert nominees signed the panel through the EU and UN routes as well as through the People's Republic of China nomination, and the Chinese-language release of the 2025 report was coordinated with Concordia AI in Beijing [5][21]. India was a panel member from the start, and the choice of New Delhi for the 2026 AI Impact Summit and the second full report was framed as a deliberate signal that the project is not a UK-US-EU monopoly [4][7].
Critique has come from three directions.
The first is that consensus methodology is the wrong tool for a fast-moving and contested field. Critics including some accelerationist commentators have argued that the report defaults to the median view of a self-selecting group of safety-concerned researchers, and that this systematically biases the framing toward risk. Defenders, including Bengio, have responded that the panel's composition was not a self-selecting safety community: most writers are general AI researchers, and the panel's nominators include governments with very different views on AI risk [12][20].
The second is that the report under-weights certain risks. Civil-society groups working on labour, copyright, and environmental harms have said the systemic-risks chapter is shorter and less detailed than the malicious-use chapter, even though it covers harms that are already well documented today. The 2026 full edition expanded the systemic-risks coverage in response, including a longer treatment of environmental cost and democratic-process risk [6][7][22].
The third is the opposite. Some observers, particularly around the Paris AI Action Summit, argued that the report still over-weights speculative loss-of-control scenarios at the expense of more measurable economic and democratic harms. The Paris summit's own declaration was notably less safety-focused than Bletchley's or Seoul's, and several commentators read this as governments choosing not to act on the report's findings even when they had them in hand. The European Policy Centre called it "au revoir, global AI safety," and Anthropic's Dario Amodei described the Paris outcome as a "missed opportunity" [4][18][22].
There is also a structural critique. The report has no enforcement mechanism. It is, by design, a literature review, not a rulebook. Several legal scholars have argued that without a treaty body or a standing institution behind it, the report risks becoming an annual ritual that documents harms without changing them. Bengio has acknowledged the point, repeatedly suggesting in interviews that the project should evolve toward a more permanent international body, possibly under the UN, with a fixed home and budget rather than a UK-hosted secretariat [11][12].
A fourth and more specialised critique focuses on geographic representation. Although the panel includes major non-Western nominators, including China, India, Saudi Arabia, the UAE, and Nigeria, most of the writing group is based in North America and Europe. Some Global South commentators have argued that this distorts the framing of risks like labour-market disruption, where the structure of work is very different from the OECD baseline. The 2026 full edition partially responded by expanding writer recruitment outside North America and Europe and by adding an explicit section on differential impacts across regions [4][7][22].
A final critique, more methodological than political, is that the report's calibrated-uncertainty language can in practice mute the strongest claims. When a serious risk is rated "contested" because a minority of writers disagree, the resulting prose can be read as an endorsement of inaction. Several writers on the 2025 report have said publicly that their preferred wording in places was stronger than what made it into the final text, although they acknowledge this is the cost of a consensus document and have not withdrawn their support for the project [12][20].
The report is now embedded in several governance instruments. The European Commission cited the 2025 full report in the second draft of the General-Purpose AI Code of Practice that accompanies the EU AI Act, particularly in its risk taxonomy. The Code of Practice's systemic-risk chapter borrows the malicious-use, malfunctions, systemic-risks structure almost directly [22][23].
The UK AISI and US AISI both reference the report in their evaluation methodologies. The US AISI's pre-deployment evaluation agreements with OpenAI and Anthropic cite the report's CBRN uplift framing as the basis for some of their threat models [9][24]. The UK AISI's published safety cases methodology pulls from the report's discussion of evaluation reliability and the gap between benchmarks and real-world deployment.
In the United States, the report's risk taxonomy was cited in the Biden-era AI Executive Order follow-up reporting and, after the change of administration, in critical analyses of the Trump-era AI Action Plan by Democratic congressional staff and several research bodies [24][25]. In Canada, the federal government cited the report when expanding the mandate of the Canadian AI Safety Institute. Brazil, Australia, Singapore, and Japan have all referenced specific report chapters in national AI strategy documents [4][14][24].
The report has also seeped into voluntary industry frameworks. Anthropic's Responsible Scaling Policy v3 cross-references the report's CBRN uplift threshold language, and the Frontier Model Forum, the industry body co-founded by Anthropic, Google DeepMind, Microsoft, and OpenAI, used the 2025 report's risk framing in its 2025 issue brief on systemic risk [17][19]. None of these uses are binding, but cumulatively they have made the report's vocabulary the de facto baseline for talking about frontier AI risks across jurisdictions.
Its vocabulary is also visible in technical work. Frontier model documentation now routinely uses the malicious use, malfunctions, systemic risks structure when describing safety evaluations, including in system cards for Claude Opus 4.7, GPT-5, and Gemini 3 family models [17][19][26].
The report's release cadence has tracked the AI Safety Summit cadence with deliberate symmetry:
| Summit | Date | Linked report document |
|---|---|---|
| Bletchley Park (UK) | 1 to 2 November 2023 | Commissioning of the report |
| Seoul (Korea/UK) | 21 to 22 May 2024 | Interim Report (17 May 2024) |
| Paris AI Action Summit (France) | 10 to 11 February 2025 | First Full Report (29 January 2025) |
| Inter-summit | Late 2025 | First Key Update (October 2025); Second Key Update (November 2025) |
| AI Impact Summit (India) | 2026 | Second Full Report (February 2026) |
The pattern of releasing a substantive document about two weeks before each summit is intentional. UK officials in 2024 and French organisers in 2025 both wrote in their summit briefings that they wanted heads of state and ministers to arrive having had time to read a common scientific text, much as G20 leaders arrive at climate summits having had time to read the latest IPCC synthesis. Whether they actually do so is another question; several attendees at the Paris summit said the 300-page 2025 report was condensed into bullet-point briefings before it reached most ministers [12][18].
The report is closely linked institutionally to the international network of AI safety institutes. Many of the technical writers are seconded from or formally affiliated with the UK AISI and US AISI, and the secretariat is hosted by the UK AISI. The Frontier Model Forum, the Frontier Model Forum, and the network of safety institutes form, together with the report, what UK officials sometimes call the "governance triangle" for frontier AI: industry self-regulation through the forum, state evaluation through the institutes, and a shared evidence base through the report [9][17].
Bengio's parallel work feeds the same triangle. LawZero targets the technical agenda set out in the report's chapters on alignment, oversight, and non-agentic systems, and his role at Mila gives the project a research base outside the major US labs. He has used both interim and full reports as platforms for his broader argument that frontier development is moving fast enough that governance has to be planned now rather than after the fact, an argument he repeats in his Future of Life Institute and UN advisory work [11][13][20].
This link between the report and Bengio's other commitments has made the project unusual in another respect. Most government-commissioned scientific reviews end with the publication of the final document. The AI Safety Report is closer to an ongoing institution: there is a continuing chair, a continuing secretariat, a continuing Expert Advisory Panel, and now a continuing release cadence. The find-a-tender notices on UK gov.uk for the 2025/2026 cycle effectively describe an annual production line, contracted to an external delivery partner under UK AISI supervision [8][9]. Whether that production line graduates into a permanent, possibly UN-housed body is one of the open questions for the project after the 2026 AI Impact Summit.
The report is sometimes compared to a small number of other consensus-style scientific documents in adjacent domains:
| Comparable document | Domain | Convener | Mechanism |
|---|---|---|---|
| IPCC Assessment Reports | Climate | Intergovernmental Panel on Climate Change | Periodic, multi-volume, treaty-mandated synthesis |
| IPBES Global Assessments | Biodiversity | UN-mandated panel | Periodic synthesis, similar format to IPCC |
| Stern Review (2006) | Climate economics | UK Treasury | One-off government-commissioned review |
| Royal Society / NAS reports | Variable | National academies | Topic-specific, peer-reviewed reports |
| Bletchley-mandated AI Safety Report | Advanced AI | 30+ governments via UK AISI | Periodic synthesis with Key Updates between full editions |
The AI Safety Report is younger and lighter-weight than any of those, but it is the only document in the AI space that carries multilateral nomination of authors and panel members at this scale.