Lead Analysis | Regulation

OpenAI Publishes Frontier Governance Framework and Sets Systemic Risk Threshold at $1 Billion

Image: technology company lobby at dawn with a regulatory folder on the reception desk and an access badge on a chair

OpenAI has published a formal framework aligned with the EU AI Act and California's TFAIA, defining systemic risk as any model that causes more than 50 deaths or $1 billion in damages from a single incident.

OpenAI published the Frontier Governance Framework on Thursday, a formal document that maps its safety controls and risk assessments onto two specific legal requirements: the EU's Code of Practice for General Purpose AI (GPAI), derived from the EU AI Act, and California's Transparency in Frontier AI Act (TFAIA). The document defines systemic risk as any scenario in which a model contributes to more than 50 deaths or $1 billion in material damages from a single incident, establishing the company's first public scale of risk thresholds for its frontier models.


Four Risk Domains, with Operational Thresholds


The framework organises the potential threats from OpenAI's models into four domains: offensive cyber capabilities, CBRN risks (chemical, biological, radiological, and nuclear), harmful manipulation, and loss of control. Within each domain there are three risk levels (tiers), each with a functional definition. In the CBRN domain, a Level 3 model is one capable of enabling a specialist to develop a biological threat vector comparable to a US CDC Class A agent, or of autonomously completing the synthesis cycle of a regulated biological threat. The line between tiers is drawn by what a model demonstrates in controlled evaluations, not by what it could hypothetically do.


Why Now, and What Each Framework Requires


The timing has a direct regulatory rationale. The EU's GPAI Code of Practice, derived from the EU AI Act, requires developers of models trained with compute above 10^25 FLOPs to publish systemic risk documentation and undergo third-party audits. OpenAI's GPT-4, GPT-4o, and GPT-5 models exceed this computational threshold. The TFAIA in California, in effect since January 1, 2026, covers developers of models trained with more than 10^26 FLOPs and companies in the sector with annual revenues exceeding $500 million; OpenAI meets both criteria.


OpenAI aligns its infrastructure controls with the ISO 27001, 27017, 27018, and 27701 standards, as well as SOC 2 Type II assessments. The framework documents an AI Incident Response Plan (AIRP), with procedures for triage, investigation, and external notification of serious incidents, and an independent access process that gives external evaluators access before the launch of models approaching a new risk tier.


What Changes for the CIO or CISO Implementing OpenAI Models


For organisations operating GPT-4o or GPT-5 in process automation or customer service, the framework creates three indirect practical obligations. Service level agreements and internal risk assessments need to reference OpenAI's AIRP as part of the incident response chain. AI vendor audits required under NIS2 in Europe must verify compliance with the documented thresholds. Any incident in which a model contributes to damage exceeding the defined thresholds triggers notification obligations to national regulatory authorities.


Three Jurisdictions, Three Readings


In the European Union, the full compliance deadline with the EU AI Act is set for August 2026. For companies like SAP, Deutsche Telekom, and Siemens that integrate OpenAI APIs into industrial and management products, the Frontier Governance Framework becomes a mandatory reference document in their own assessments of compliance with the EU AI Act. The European Commission requires frontier AI developers to present this type of documentation to the AI Office by the August deadline.


In the United States, California's TFAIA requires OpenAI to conduct risk assessments before the launch of frontier models and notify the State Technology Department in the event of a serious incident. The framework documents the mechanisms by which this obligation is fulfilled, thus reducing the company's regulatory risk in a state where most major AI laboratories are headquartered.


In Brazil, PL 2338/2023 (the AI bill) is currently under consideration in the Senate and is directly influenced by the European model of systemic risk assessment. Organisations in the financial and health sectors that already operate GPT models in production need to verify whether the obligations described in OpenAI's framework align with what Brazilian law will require. The Central Bank and the ANPD have been treating the EU AI Act as an active reference for sectoral guidance on AI governance.


Google, Anthropic, and Meta have yet to publish formal equivalents linked to the GPAI Code of Practice. Should they do so, the $1 billion threshold that OpenAI has set as the definition of systemic risk may become the de facto industry reference, with direct implications for how European and Californian regulators calibrate their own liability scales.

OpenAI Publishes Frontier Governance Framework and Sets Systemic Risk Threshold at $1 Billion | The New Times