Governance, safety and regulation
The constraints forming around AI: financial-services regulation, model risk, and the code paths nobody is watching.
Research sweeps
2026-04-13 · deep
AI Dark Code - Organisational Accountability and Control
AI-generated and agent-produced code ("dark code") in enterprise settings June 2025–April 2026: organisational accountability structures, failure and adaptation of established management frameworks, technical and governance controls, observability and discoverability of agent logic, and documented outcomes from early enterprise adoption.
Claude Opus 4.8- financial
- frontier
- academic
- +2
2026-05-19 · deep
AI Regulation and the Regulated Enterprise - Trajectory to 2030
The trajectory of AI regulation across the EU AI Act, the UK's pro-innovation and contextual approach, and the financial-services regulatory regime (FCA, PRA, Bank of England) from January 2023 to May 2026, including the FCA Mills Review, GPAI obligations, model-risk and accountability rules, and what they demand of technology leadership in regulated firms
Gemini 2.5 Pro- frontier
- academic
- vc
Explainers
- Research Explainer · Fokou (2026)
Prompt guardrails can't protect AI agents that act on the world, so Parallax builds a wall between thinking and doing
A new security paradigm structurally prevents AI reasoning systems from executing actions, interposing an independent four-tier validator that blocks 98.9% of adversarial attacks with zero false positives, even when the agent is fully compromised.
- Research Explainer · Okpala (2025)
AI agent crews can build and validate financial models, but they still need human oversight to stay safe
Researchers at Discover Financial Services built two collaborating multi-agent crews, one for modeling and one for model risk management, that autonomously handle the full ML pipeline on credit risk, fraud detection, and card approval datasets, matching or beating top Kaggle solutions while stress-testing their own outputs.
- Research Explainer · Gabison & Xian (2025)
LLM agents act on your behalf, but the law still holds you responsible when they fail
A principal-agent analysis of liability in LLM-based agentic systems reveals that delegation to AI agents creates legal exposure for users, providers, and platforms, with multiagent systems amplifying the problem far beyond what single-agent frameworks can handle.
- Research Explainer · Zhang, Takeuchi, Kawahara et al. (2025)
General-purpose LLM benchmarks miss the mark, because domain-specific enterprise tasks reshuffle the leaderboard
A 27-benchmark evaluation across finance, legal, climate, and cybersecurity shows that the model topping generic tests rarely wins in specialised enterprise tasks, and smaller models routinely outperform larger ones in specific domains.
- Research Explainer · Hou et al. (2025)
MCP plugs AI into the world, but the security rules haven't been written yet
The first systematic security analysis of the Model Context Protocol maps 16 attack scenarios across the full deployment lifecycle, demonstrating that the protocol's design privileges capability over defence at almost every layer.
- Research Explainer · Hong et al. (2025)
Splitting prefill and decode across GPUs is efficient, but half the hardware sits idle
Semi-disaggregated LLM serving reclaims stranded GPU memory on prefill instances by routing short decode requests onto them, cutting end-to-end latency by up to 2.58× without changing model weights or adding hardware.
- Research Explainer · Abou Ali et al. (2026)
Agentic AI has two competing souls, and deciding between them shapes everything downstream
A comprehensive survey of agentic AI systems maps the fault line between symbolic and neural approaches, catalogues deployment across six major domains, and identifies trustworthiness and explainability as the field's most consequential unsolved problems.
- Research Explainer · International AI Safety Report authors (2026)
Frontier AI is improving at speed, but the evidence on real-world risk still lags behind the hype
This report is not a single experiment but a large expert synthesis of what researchers knew before December 2025 about frontier general-purpose AI. Its core message is plain enough: capabilities are climbing fast, misuse is already visible, and the tests people rely on still flatter the systems more than real life does.