The Institutions Binding AI Aren't AI Institutions
The variable that determines whether AI regulation acquires binding force on adult-facing AI is the regulatory vehicle's pre-existing jurisdictional authority — not the protection domain, not the "AI" label, and not sector expertise.
The institutions imposing binding rules on AI are not AI regulators. They are banking supervisors, competition authorities, energy regulators, vehicle safety bodies, and courts — each applying law they already enforce to AI as a new use case. Every instrument built specifically for AI governance, by contrast, remains advisory, voluntary, delayed, or diluted before it reaches adult-facing applications. The cleanest illustration comes from two financial bodies examining the same problem. The Financial Stability Board, a global standard-setter with deep expertise in finance and AI but no direct national regulatory jurisdiction over banks, issued a report proposing non-binding "sound practices" for agentic AI in finance [1]. The Reserve Bank of India, with the same sector focus but actual authority over Indian banks, proposed draft guidelines requiring a mandatory AI kill switch, board-approved model risk policies, model inventories, and customer notification when interacting with AI [2]. Same sector. Different institutional power. Different binding force.
The evidence points to pre-existing enforcement power, not AI expertise or sector knowledge, as the determining variable. The FSB and RBI differ in several ways — global vs. national, standard-setter vs. supervisor — but the sharpest difference is jurisdictional authority, and it tracks the difference between advisory guidelines and mandatory requirements. [1][2]
This is not an isolated contrast. Across six domains where institutions regulate AI as a use case, pre-existing enforcement power is producing binding requirements:
<strong>Banking (India):</strong> RBI's draft guidelines mandate kill switches, board-approved risk policies, and human oversight for AI/ML models in banks [2]
<strong>Banking (US):</strong> Fed and OCC require banks to map AI usage in credit underwriting, sanctions screening, and KYC through routine examination authority [3]
<strong>Competition (UK):</strong> CMA imposed legally enforceable conduct requirements on Google's AI Overviews — publisher opt-out tools, attribution rules, anti-retaliation provisions [4]
<strong>Competition (EU):</strong> European Commission ordered Meta to restore free WhatsApp API access for AI rivals within five days, backed by potential fines of 10% of global turnover [5]
<strong>Energy (US):</strong> FERC issued show-cause orders to six grid operators requiring tariff reforms for AI-driven load growth; data centers must pay full grid-upgrade costs [6]
<strong>Transport (EU):</strong> Sweden's transport authority recommended withholding EU-wide approval for Tesla's FSD, citing risks to the legal framework and expected safety benefits of vehicle automation [7]
<strong>Labor (China):</strong> A Hangzhou court ruled AI-driven dismissal illegal — companies cannot unilaterally reduce wages and cancel contracts in the name of technological change [8]
<strong>Defamation (Germany):</strong> A Munich court held Google liable for false claims in AI Overviews, ruling the summaries are "self-contained statements" not protected speech [9]
A seventh domain — land use — shows the pattern at the infrastructure level. Seattle's city council passed a unanimous moratorium on new data center construction on June 9, using zoning authority to block AI infrastructure [10]. This is binding, but it regulates where AI's physical footprint can grow, not how AI is deployed or what it produces. Now compare what AI-specific governance instruments have achieved for adult-facing applications. The EU AI Act — the world's most prominent AI legislation — delays its high-risk provisions to December 2027 for stand-alone systems and August 2028 for embedded tools. The only prohibition advancing now targets AI-generated intimate images, a protection measure for "women and girls" rather than a general commercial rule [11]. The European Commission's AI Office, which will "eventually" hold enforcement powers, has not yet exercised them. Trump's June 2 executive order established a voluntary system for AI model review — companies can submit frontier models for up to 30 days of federal evaluation before public release, with no obligation to do so [12]. The administration's Center for AI Standards and Innovation runs a "voluntary testing program" where Microsoft, Google DeepMind, and xAI "agreed to provide early access" [13]. Colorado enacted an AI anti-discrimination law in 2024 with mandatory impact assessments and risk management programs — then repealed it before it could take effect, replacing it with transparency-only requirements and a 60-day right to cure [14]. Connecticut's CART Act requires written notices for automated employment decisions, but as the bill's sponsor put it, the protections "just require that if you're using it... you have to let people know" [15]. The pattern holds across jurisdictions: AI-specific instruments for adults produce notification, transparency, or voluntary commitments. Pre-existing institutions produce mandates, injunctions, fines, and approval denials. Anthropic CEO Dario Amodei confirmed the gap from inside the industry. He proposed creating an AI-specific body modeled after the FAA, requiring "mandatory third-party technical testing and auditing" with the power to "block or reverse the release" of models failing safety standards [16]. His proposal is more aggressive than anything any government has enacted for AI-specific governance. The FAA analogy is the tell: Amodei is asking for an AI-specific body to be given the binding authority that sector-specific regulators already exercise over their domains. He is asking for what does not exist.
Frontier AI models, like airplanes, should be required to go through technical testing and auditing, and their release should be blocked or reversed as a threat to public safety if they do not meet high standards of safety. — Dario Amodei
The mechanism is straightforward. A banking supervisor can require AI usage mapping during an examination because it already examines banks [3]. A competition authority can order Meta to open WhatsApp to rivals because it already enforces antitrust law [5]. A court can hold Google liable for AI-generated defamation because it already adjudicates tort claims [9]. Each institution applies an existing legal framework to AI as a new use case within its jurisdiction. AI-specific governance bodies, by contrast, must build both substantive rules and enforcement machinery from nothing. In the interim, they produce advisory guidelines, voluntary frameworks, and notification requirements. Binding AI regulation, where it exists today, runs through institutions that did not need to ask anyone's permission to regulate AI. They already had the authority. They used it. The question for AI-specific governance is whether it can acquire that authority before it is needed — or whether the institutions that act first are always the ones that already could.
- 1. Financial Stability Board Urges Safeguards for Agentic AI
- 2. Reserve Bank of India Proposes AI Kill Switch Rules
- 3. U.S. Regulators Intensify Scrutiny of AI in Finance and Tech
- 4. UK Regulator Forces Google to Allow AI Content Opt-Outs
- 5. European Commission Orders Meta to Grant AI Rivals Free WhatsApp Access
- 6. FERC Orders Six Grid Operators to Reform Large Load Access
- 7. European Regulators Clash Over Tesla Full Self-Driving Approval
- 8. China Court Rules AI Job Replacement Does Not Justify Termination
- 9. Google to Appeal Munich Court Ruling on AI Liability
- 10. Amazon Engineers File Civil Rights Complaint Over AI Testimony
- 11. EU Lawmakers Reach Deal to Ban AI Nudification Tools
- 12. Trump Orders AI Reviews After Anthropic Model Penetrates Classified Systems
- 13. Trump Administration Shifts Toward Federal AI Model Safety Reviews
- 14. Colorado Governor Signs Law Replacing AI Anti-Discrimination Framework
- 15. Connecticut Enacts Comprehensive AI Responsibility and Transparency Act
- 16. Anthropic CEO Urges Binding Regulations to Block Dangerous AI Models