Within Thresholds
Could Powerful AI Slip Below Compute Thresholds?
Researchers debate whether fine-tuning, model reuse and other techniques could undermine threshold-based regulation.
On this page
- Techniques that reduce training compute
- Known loopholes in threshold frameworks
- Possible responses from regulators
Page outline Jump by section
Introduction
One of the proposals in AI governance aimed at reducing existential risk is to trigger oversight when a system’s training compute — the total computational work used to build it — crosses a specified threshold. Because frontier AI models historically needed vast amounts of compute, regulators such as under the US AI Executive Order and the EU AI Act use these thresholds to decide when developers must report, evaluate, or otherwise face regulatory scrutiny. [AI Security & Safety Directory]aisecurityandsafety.orgAI Security & Safety DirectoryCompute Threshold — AI Governance Definition & Guide | AI Safety DirectoryMarch 27, 2026…
However, an active debate in policy and safety research is whether developers could deliberately or inadvertently build powerful systems that remain below those thresholds. This matters for AI danger concerns: if capability gains can be achieved with less training compute or via techniques that don’t count toward regulatory triggers, then compute‑based oversight could miss precisely the models with the most potential to contribute to loss of control, misuse, or other catastrophic outcomes.
Techniques That Reduce Training Compute Without Sacrificing Capability
A key reason compute‑based oversight may be evaded is that advances in model training and reuse can deliver capability improvements with much less new training compute than training from scratch.
Fine‑tuning and parameter‑efficient training: Researchers have developed methods such as LoRA (Low‑Rank Adaptation) and other parameter‑efficient fine‑tuning that allow a large pre‑trained model to be adapted or extended using a small fraction of the compute required for full pre‑training. [Wikipedia]WikipediaLo RA (machine learningLo RA (machine learning These techniques are widely used in AI development precisely because they cut cost and environmental footprint, but they also mean a powerful base model can be customised or substantially improved for a new task without crossing a high compute threshold.
Model reuse and distillation: Instead of training a new model from scratch, developers can use an existing large model as a starting point — for example through knowledge distillation or kickstarting — where a smaller, student model learns from the outputs of a larger one. Research notes that these methods can significantly reduce training compute while yielding systems with capabilities closely matching larger‑scale training. [AIModels]aimodels.fyiDefending Compute Thresholds Against Legal Loopholes | AI Research Paper DetailsAIModelsDefending Compute Thresholds Against Legal Loopholes | AI Research Paper DetailsFebruary 4, 2025…
Model expansion: Reusing previously trained weights to build a larger or more capable model post‑training lets developers defer or minimise new compute that would count toward a threshold. As reported in policy analysis, such techniques can yield compute savings of 20 – 70 per cent relative to training equivalent performance from scratch, undermining the idea that capability always requires high compute investment. [Moonlight]themoonlight.ioSource details in endnotes.
Inference and deployment‑time scaling: Some research argues that current thresholds focus solely on training compute, but models can scale their effective capabilities through heavy compute use during inference or test‑time training, potentially matching or exceeding what high‑compute trained models can do. [Longterm Wiki]longtermwiki.comLongterm Wiki Compute Thresholds | Longterm WikiLongterm WikiCompute Thresholds | Longterm WikiJanuary 30, 2026… If such deployment‑time computation isn’t counted toward reporting requirements, a system trained below a threshold could still perform at or above the level of systems that would have triggered oversight.
Known Loopholes in Threshold Frameworks
Because compute thresholds are a proxy — not a perfect measure — of risk, several kinds of loopholes have been identified by researchers and policy analysts.
Ambiguity around what counts as “training compute”: Many current regulatory texts and proposals focus on the compute used in initial pre‑training, leaving unclear whether compute used for fine‑tuning or later modification must be reported. In the US Executive Order’s reporting regime, definitions remain ambiguous, potentially allowing developers to split or structure training activities to stay just below trigger levels. [ChatPaper]chatpaper.comChat Paper Defending Compute Thresholds Against Legal LoopholesChatPaperDefending Compute Thresholds Against Legal LoopholesFebruary 4, 2025…
Post‑training enhancements not always counted: If a developer trains a base model below a threshold and then applies extensive fine‑tuning that dramatically expands capabilities, regulators might not catch this unless the rules explicitly aggregate all compute across lifecycle stages. Some frameworks, like parts of the EU AI Act, attempt to count cumulative compute, but enforcement and clarity remain significant policy challenges. [ChatPaper]chatpaper.comChat Paper Defending Compute Thresholds Against Legal LoopholesChatPaperDefending Compute Thresholds Against Legal LoopholesFebruary 4, 2025…
Splitting training across entities: In theory, an organisation could divide a large training job into smaller segments or subcontract portions of work so no individual part exceeds the reportable threshold. While hard to do at frontier scales in practice, such structuring could exploit definitional gaps in rules that don’t address combined or coordinated training runs. [Longterm Wiki]longtermwiki.comLongterm Wiki Compute Thresholds | Longterm WikiLongterm WikiCompute Thresholds | Longterm WikiJanuary 30, 2026…
Downstream modification outside oversight: Developers downstream of the original model creator — such as third parties fine‑tuning or adapting open‑weight models — may introduce new risks without being subject to the original training compute threshold, because many regulations focus on upstream developers only. A risk analysis published in legal scholarship notes that even small modifications can subvert safety mechanisms and increase risk without ever crossing compute‑based thresholds. [cambridge]cambridge.orgCambridge University Press & AssessmentOn Regulating Downstream AI Developers | European Journal of Risk Regulation | Cambridge CoreAugus… University Press & Assessment
Possible Responses from Regulators
Recognising these bypass mechanisms, scholars and policymakers have proposed several adjustments to make compute‑based safeguards more robust.
Aggregate lifecycle compute reporting: Instead of only counting initial training compute, regulations could require developers to sum all significant compute events related to a model — including fine‑tuning, adaptation, and any inference‑time optimisation used for capability growth — into a cumulative metric triggering oversight once it exceeds a threshold.
Threshold sensitivity adjustments: Some analyses suggest introducing fractional compute thresholds for downstream activities — for example, counting fine‑tuning compute at 15 per cent or more of original training compute as part of the regulatory trigger. This aims to close loopholes where substantial capability enhancements happen for little compute. [ChatPaper]chatpaper.comChat Paper Defending Compute Thresholds Against Legal LoopholesChatPaperDefending Compute Thresholds Against Legal LoopholesFebruary 4, 2025…
Multifactor triggers: Rather than relying on compute alone, combining compute thresholds with other signals — such as evaluation results, capability benchmarks, availability of model weights, or access policies — could reduce the incentive to “game” training compute metrics. [AI Security & Safety Directory]aisecurityandsafety.orgAI Security & Safety DirectoryCompute Threshold — AI Governance Definition & Guide | AI Safety DirectoryMarch 27, 2026…
Third‑party monitoring and verification: Because self‑reporting has inherent limitations, frameworks might incorporate independent verification from cloud providers or hardware vendors with visibility into real compute use, though this raises trade‑offs around privacy and commercial sensitivity. [Longterm Wiki]longtermwiki.comLongterm Wiki Compute Thresholds | Longterm WikiLongterm WikiCompute Thresholds | Longterm WikiJanuary 30, 2026…
Implications for AI Doom and Risk Monitoring
The existence of plausible bypass strategies illustrates a central tension in compute‑based governance: measurable signals are attractive for their simplicity, but technological ingenuity can erode their comprehensiveness. For those concerned about existential risk, the key takeaway is that compute thresholds can act as an early screening tool but are unlikely on their own to capture all potentially dangerous trajectories, especially as scaling laws evolve and efficient training methods proliferate.
Addressing this gap is part of a broader governance challenge: ensuring that upstream policy triggers remain aligned with the actual capabilities and risks of advanced systems, rather than the arbitrary artefacts of current training paradigms. Integrating compute thresholds into a wider ecosystem of regulatory and evaluation mechanisms — and updating them as developer practices change — is essential if oversight is to keep pace with innovation rather than be circumvented by it. [AI Security & Safety Directory]aisecurityandsafety.orgAI Security & Safety DirectoryCompute Threshold — AI Governance Definition & Guide | AI Safety DirectoryMarch 27, 2026…
Amazon book picks
Further Reading
Books and field guides related to Could Powerful AI Slip Below Compute Thresholds?. Use these as the next step if you want deeper reading beyond the article.
The Alignment Problem
Explains capability growth, alignment, and governance challenges that underpin compute-threshold debates.
Human Compatible
Discusses controlling advanced AI systems beyond simple technical metrics.
Superintelligence
Provides context for why regulators seek measurable triggers such as compute thresholds.
The Coming Wave
Covers governance challenges created by rapidly advancing AI capabilities.
eBay marketplace picks
Marketplace Samples
Example marketplace items related to this page. Use the search link to explore similar finds on eBay.
Endnotes
-
Source: Wikipedia
Title: Lo RA (machine learning)
Link: https://en.wikipedia.org/wiki/LoRA_%28machine_learning%29 -
Source: aimodels.fyi
Title: Defending Compute Thresholds Against Legal Loopholes | [AI Research]({{ ‘ai-research-loop/’ | relative_url }}) Paper Details
Link: https://www.aimodels.fyi/papers/arxiv/defending-compute-thresholds-against-legal-loopholesSource snippet
AIModelsDefending Compute Thresholds Against Legal Loopholes | AI Research Paper DetailsFebruary 4, 2025...
Published: February 4, 2025
-
Source: chatpaper.com
Title: Chat Paper Defending Compute Thresholds Against Legal Loopholes
Link: https://chatpaper.com/paper/104471Source snippet
ChatPaperDefending Compute Thresholds Against Legal LoopholesFebruary 4, 2025...
Published: February 4, 2025
-
Source: cambridge.org
Link: https://www.cambridge.org/core/journals/european-journal-of-risk-regulation/article/on-regulating-downstream-ai-developers/D04DCD850584103DE7B8B138D42070AESource snippet
Cambridge University Press & AssessmentOn Regulating Downstream AI Developers | European Journal of Risk Regulation | Cambridge CoreAugus...
-
Source: governance.ai
Title: training compute thresholds features and functions in ai regulation
Link: https://www.governance.ai/research-paper/training-compute-thresholds-features-and-functions-in-ai-regulationSource snippet
Training Compute Thresholds: Features and Functions in AI Regulation | GovAIAugust 7, 2024 — TRAINING COMPUTE THRESHOLDS: FEATURES AND FU...
Published: August 7, 2024
-
Source: aisecurityandsafety.org
Link: https://aisecurityandsafety.org/en/glossary/compute-threshold/Source snippet
AI Security & Safety DirectoryCompute Threshold — AI Governance Definition & Guide | AI Safety DirectoryMarch 27, 2026...
Published: March 27, 2026
-
Source: themoonlight.io
Link: https://www.themoonlight.io/en/review/defending-compute-thresholds-against-legal-loopholes -
Source: longtermwiki.com
Title: Longterm Wiki Compute Thresholds | Longterm Wiki
Link: https://www.longtermwiki.com/wiki/thresholdsSource snippet
Longterm WikiCompute Thresholds | Longterm WikiJanuary 30, 2026...
Published: January 30, 2026
Additional References
-
Source: sciencedirect.com
Link: https://www.sciencedirect.com/science/article/pii/S2212473X25001063Source snippet
ScienceDirectApril 1, 2026 — Volume 60, April 2026, 106234 THE REGULATION OF FINE-TUNING: FEDERATED COMPLIANCE FOR MODIFIED GENERAL-PURPO...
Published: April 1, 2026
-
Source: dev.to
Link: https://dev.to/tiamatenity/model-theft-how-attackers-steal-your-fine-tuned-ai-models-through-api-extraction-142eSource snippet
DEV CommunityMarch 8, 2026 — Posted on Mar 8 MODEL THEFT: HOW ATTACKERS STEAL YOUR FINE-TUNED AI MODELS THROUGH API EXTRACTION #ai #secur...
Published: March 8, 2026
-
Source: Tech Policy Press
Title: Why Context, Not Compute, is the Key to AI Governance | Tech Policy.Press
Link: https://www.techpolicy.press/why-context-not-compute-is-the-key-to-ai-governanceSource snippet
Why Context, Not Compute, is the Key to AI Governance | TechPolicy.PressAugust 5, 2025 — THE SHORTCOMINGS OF CHARACTERISTICS-CASED (AKA C...
Published: August 5, 2025
-
Source: hai.stanford.edu
Title: policy brief safety risks customizing foundation models fine tuning
Link: https://hai.stanford.edu/policy/policy-brief-safety-risks-customizing-foundation-models-fine-tuning?queryID=a9b895ba35a7c303d4cf3853542bdcf4Source snippet
Risks from Customizing Foundation Models via Fine-Tuning | Stanford HAIJanuary 8, 2024 — policyPolicy Brief SAFETY RISKS FROM CUSTOMIZING...
Published: January 8, 2024
-
Source: researchgate.net
Link: https://www.researchgate.net/publication/389917094_On_Regulating_Downstream_AI_DevelopersSource snippet
small amounts of fine-tuning to remove safe- guards) • Threshold would be somewhat ar...
-
Source: epoch.ai
Title: the limited benefit of recycling foundation models
Link: https://epoch.ai/publications/the-limited-benefit-of-recycling-foundation-modelsSource snippet
7, 2023 THE LIMITED BENEFIT OF RECYCLING FOUNDATION MODELS While reusing pretrained models often saves training costs on large training r...
-
Source: law-ai.org
Title: The Role of Compute Thresholds for AI Governance
Link: https://law-ai.org/the-role-of-compute-thresholds-for-ai-governance/Source snippet
DOES COMPUTE USAGE OUTSIDE OF TRAINING INFLUENCE PERFORMANCE AND RISK? In light of the relationship between training compute and performa...
-
Source: emergentmind.com
Title: Compute Thresholds in AI and Beyond
Link: https://www.emergentmind.com/topics/compute-thresholdsSource snippet
EMPIRICAL EVIDENCE, POLICY APPLICATIONS, AND ILLUSTRATIVE VALUES Empirically, scaling laws in machine learning indicate that increasing t...
-
Source: themoonlight.io
Link: https://www.themoonlight.io/es/review/defending-compute-thresholds-against-legal-loopholesSource snippet
Con Moonlight, tu compañero IA de investigación, pod...
-
Source: youtube.com
Link: https://www.youtube.com/watch?v=1CB9dgUlNpgSource snippet
Scaling Laws: Can AI Make AI Regulation Cheaper?, with Cullen O'Keefe and Kevin Frazier...
Topic Tree