Pulse

Regulation / Jun 26, 2026 / 5 min

Commerce Gets a 7-Day Clock on AI Incidents

On June 25, Rep. Nathaniel Moran introduced the AI Incident Reporting Act — requiring frontier labs to notify Commerce within seven days of dangerous model behavior — two weeks after Washington shut down Anthropic's Mythos with no reporting framework at all.

Thesis Congress just proposed the scalpel Washington lacked when Commerce used export controls as a sledgehammer on Anthropic — and the seven-day clock turns voluntary red-teaming into a federal legal obligation frontier labs cannot ignore.

On June 25, Rep. Nathaniel Moran introduced the AI Incident Reporting Act — a Republican-backed bill that would require developers of frontier AI models to report dangerous capabilities and safety failures to the Commerce Department within seven days, with Congress notified within 48 hours on the worst cases. It lands two weeks after Commerce used export controls to kill Anthropic's Mythos 5 and Fable 5 with no transparent incident process at all.

What's new: The Texas lawmaker's bill creates the first standalone federal reporting mandate for high-capability AI — narrower than the sprawling Great American AI Act discussion draft, and explicitly designed to pass faster.

  • Developers of designated "covered models" must file an initial report within seven days of discovering a reportable incident, per Reuters reporting via WHTC.
  • For incidents posing imminent or ongoing serious harm, Commerce must notify congressional leadership and relevant committee chairs within 48 hours of receiving the report, per CIO.
  • Violations carry civil penalties up to $2 million — with each day of a continuing violation treated as a separate offense.
  • Commerce would set capability thresholds defining which models qualify, after consulting developers, researchers, cybersecurity experts, and national security officials.

Why it matters: Washington just proved it will shut down frontier models by emergency directive. This bill asks what happens before the kill switch — and whether labs owe the government a phone call when the model misbehaves.

What counts as reportable: The bill casts a wide net over the failures frontier labs already fear privately.

  • Attempts to evade human oversight, deceive operators, circumvent safeguards, or resist shutdown
  • Unauthorized access to model weights or systems
  • Capabilities that could enable offensive cyber operations against critical infrastructure
  • Risks involving chemical, biological, radiological, nuclear, or explosive weapons
  • Autonomous development of more capable AI systems

What Moran said: In a Reuters interview, Moran called it "a catch-it-early and sound-the-alarm bill."

  • His press statement: "The rule of law should apply to this new frontier. This legislation ensures that when something goes wrong with a high-capability AI system, the US Government has the information needed to act quickly."
  • Moran told Reuters his targeted approach "could find a quicker path to law" than broader AI packages stalled in Congress.

The Anthropic gap this bill fills: On June 12, Commerce ordered Anthropic to disable Fable 5 and Mythos 5 worldwide over a disputed jailbreak — with no prior incident-reporting channel, no public threshold, and no appeal process before the models went dark.

  • Reuters noted the directive "exposed the absence of a transparent framework to govern frontier AI."
  • Greyhound Research chief analyst Sanchit Vir Gogia told CIO: "Export control was the sledgehammer. This proposal is the search for a scalpel."
  • Gogia's harder point: "Thresholds decide which models enter the regime. Discovery decides whether the regime ever sees the fire."

The politics: Congress has spent years failing to pass AI legislation. Moran is betting a narrow reporting mandate can break the logjam.

  • Reps. Lori Trahan (D) and Jay Obernolte (R) released a broader Great American AI Act discussion draft earlier in June — it also routes critical safety incidents to Commerce.
  • Moran is peeling off the reporting piece into standalone legislation he thinks can draw bipartisan support quickly.
  • Mark Beall, president of the AI Policy Network, told Reuters: "No legislation on AI has had much of a chance, but I think there's a growing demand from the public to see some action."

What labs already do — and what changes: Frontier developers run red-teaming, evals, and escalation drills. None of that currently carries a federal disclosure clock.

  • Commerce's Center for AI Standards and Innovation already signs pre-deployment evaluation agreements with leading labs.
  • This bill would make silence after a dangerous incident a legal liability, not a PR decision.
  • Reports would be exempt from public disclosure and would not waive trade-secret or attorney-client protections.

What to watch:

  • Whether Moran's standalone strategy beats the broader Great American AI Act to a floor vote.
  • How Commerce defines "covered model" thresholds — and whether they align with the voluntary pre-release review program from Executive Order 14409.
  • Whether the bill gives Washington enough visibility to avoid another Mythos-style emergency shutdown — or just documents the fire after the building burns.

Convina's view: Washington cannot keep governing frontier AI through export-control ambushes. Moran's bill is the first serious attempt to build a reporting lane before the kill switch — and labs should want it to pass, even as they lobby against the details. A seven-day clock is cheaper than a global shutdown. But Congress still has to answer Gogia's question: when does the clock start? If discovery triggers are vague, labs will wait for certainty and Washington will keep reaching for the sledgehammer. The scalpel only works if someone defines what counts as bleeding.

Research Signals

https://whtc.com/2026/06/25/us-lawmaker-introduces-bill-to-require-ai-companies-to-report-critical-incidents/ https://www.cio.com/article/4189918/proposed-us-law-would-make-ai-risk-reporting-a-legal-obligation-2.html https://www.pymnts.com/cpi-posts/house-republican-introduces-bill-requiring-ai-firms-to-report-serious-safety-incidents/ https://www.quiverquant.com/news/Press+Release%3A+Rep.+Nathaniel+Moran+Introduces+AI+Incident+Reporting+Act https://www.whitehouse.gov/presidential-actions/2026/06/promoting-advanced-artificial-intelligence-innovation-and-security/