OpenAI has published a new Frontier Governance Framework, a public document explaining how the company says its safety and security practices line up with emerging AI rules in California and the European Union.
The framework, published on May 28, 2026, is meant to connect OpenAI’s internal frontier-model risk practices with legal requirements such as California’s Transparency in Frontier AI Act and the EU AI Act’s Code of Practice for General Purpose AI.
For readers following the AI race, the important shift is not just model capability. Frontier labs are now competing on governance, reporting, incident response, external review, and how clearly they can explain their risk controls before regulators force the issue.
Why it matters
OpenAI says the framework covers risk assessment and mitigation for areas including cyber offense, CBRN risks, harmful manipulation, and loss of control. It also touches model reporting, security risk management, incident response, outside expert input, and future framework updates.
The timing matters because frontier AI companies are moving into a period where shipping a stronger model is only one part of the story. Enterprises, governments, and developers increasingly need evidence that advanced systems are being evaluated, monitored, and governed in ways that match fast-changing regulation.
Source: OpenAI Frontier Governance Framework.
