IMPLICATOR
President Donald Trump signed a White House executive order Tuesday directing federal agencies to set up a voluntary pre-release cybersecurity review for frontier artificial intelligence models. The directive lets developers give the government access to covered models for up to 30 days before release to other trusted partners, under confidentiality and security terms. It also orders the Treasury Department, the National Security Agency (NSA) and the Cybersecurity and Infrastructure Security Agency (CISA) to create a cybersecurity clearinghouse within 30 days.
Key Takeaways
- Trump signed a voluntary AI cybersecurity review order for covered frontier models.
- Developers can give agencies access up to 30 days before wider release.
- The order creates a Treasury-led clearinghouse for vulnerability scanning and patch coordination.
- Congress would need to write any mandatory review regime.
AI-generated summary, reviewed by an editor. More on our AI guidelines.
The final text cuts an earlier review window from as much as 90 days to 30 days, according to Reuters and POLITICO. Trump canceled a May 21 signing ceremony after saying he did not want rules that could weaken the U.S. lead over China. The language also says Section 3 does not authorize mandatory licensing, preclearance or permitting for AI releases.
Agencies get two deadlines
CISA must issue binding operational directives within 30 days to prioritize civilian federal network defense and expand AI-enabled defensive tools, according to Section 2 of the order. The document gives the same 30-day clock to national security systems and Defense Department information systems.
A second deadline arrives at 60 days. The Treasury Department, the NSA, CISA, the National Institute of Standards and Technology and White House officials must design a classified benchmark for judging when a system becomes a covered frontier model.
Mythos moved the policy fight
The directive follows alarm over Anthropic's Claude Mythos, which PBS NewsHour and the Associated Press said prompted urgent meetings with Wall Street executives after the system showed strong vulnerability-finding capability. Anthropic has kept Mythos with a limited set of trusted partners, including banks and large technology companies, while U.S. agencies sought access for security testing. The prior dispute over Mythos and the Pentagon raised the same access question.
The White House fact sheet framed the new clearinghouse as a way for AI companies and critical-infrastructure operators to coordinate vulnerability scanning, validation, remediation and patch distribution.
Get the AI policy brief
Track the orders, filings and agency deadlines that decide how frontier AI reaches companies, banks and government systems.
No spam. Unsubscribe anytime.
Industry pressure narrowed the order
David Sacks, Trump's former AI czar, pushed for shorter timing and language barring mandatory licensing, Axios wrote, citing a person familiar with the negotiations. WIRED said White House chief of staff Susie Wiles, Treasury Secretary Scott Bessent and National Cyber Director Sean Cairncross had worked to revive the order after Trump rejected the earlier version.
OpenAI chief global affairs officer Chris Lehane called the policy an important step in a statement to PBS. Juan Londoño, a Cato Institute policy analyst, told PBS that the voluntary structure was a step in the right direction but warned that giving the NSA director broad discretion over covered models could set a dangerous precedent.
Congress would write binding rules
The directive leaves any mandatory AI review regime outside the executive branch's current authority. Roll Call quoted Sen. Josh Hawley saying he would support legislation with Sen. Richard Blumenthal.
The next record should come from the 30-day CISA directives or the Treasury Department's clearinghouse work. The benchmark is classified, so companies may learn first whether the government treats their next release as a covered frontier model.
Frequently Asked Questions
What did Trump sign?
President Donald Trump signed an executive order creating a voluntary federal process for reviewing frontier AI models with advanced cybersecurity capabilities before wider release.
Is the AI review mandatory?
No. The order says it does not create mandatory licensing, preclearance or permitting requirements for AI model releases.
What is the 30-day review window?
Developers can give the federal government access to covered frontier models for up to 30 days before releasing them to other trusted partners.
What is the cybersecurity clearinghouse?
The Treasury-led clearinghouse is meant to coordinate vulnerability scanning, validation, remediation and patch distribution with AI companies and critical-infrastructure operators.
Why does Anthropic Mythos matter?
Reports in the clipping say Mythos showed strong vulnerability-finding capability, prompting federal and Wall Street concern about how frontier systems could affect cyber defense.
AI-generated summary, reviewed by an editor. More on our AI guidelines.
Marcus Schuler
Editor-in-Chief and founder of Implicator.ai. Former ARD correspondent and senior broadcast journalist with 10+ years covering tech. Writes daily briefings on policy and market developments. Based in San Francisco. E-mail: editor@implicator.ai
