Introducing Model Radar: Weekly Compliance Status for Frontier AI Models
What happened
AI Governance Institute has launched Model Radar, a weekly-updated compliance status tracker for frontier AI models. The tracker covers 10 models across three status tiers: Restricted (active government suspension or export control), Use with Caution (active compliance flags without a legal prohibition), and Cleared (no active flags, generally available with published safety documentation). Status is reviewed every Wednesday and updated when material compliance events occur. The initial release tracks GPT-4o, Claude 3.7 Sonnet, Gemini 2.5 Pro, Llama 4, and Mistral Large 2 as Cleared; DeepSeek V3, Qwen3, GPT-5.6, and Claude Mythos 5 as Use with Caution; and Claude Fable 5 as Restricted. Each model page includes enterprise guidance, data handling facts, vendor compliance certifications, key use restrictions, safety documentation status, and cross-links to relevant governance controls and playbook guides.
Why it matters
- ·The June 2026 export control action against Claude Fable 5 and the restricted-access architecture of Claude Mythos 5 exposed a gap in most enterprise AI governance programs: no systematic process for tracking the compliance status of the models their teams use. Procurement frameworks assess vendors at point-of-purchase, but the regulatory and operational environment around a specific model can change materially after procurement, sometimes within days. An export control suspension, a government-mandated access restriction, or a government disclosure about vendor relationships does not trigger an automatic re-assessment in most programs. It should.
- ·Data residency and vendor jurisdiction are active compliance risks, not theoretical ones. DeepSeek V3 and Qwen3 are both high-capability models with permissive open-weight licenses, but their API offerings route data through China-based infrastructure subject to the National Intelligence Law. That does not disqualify them from enterprise use, but it does require a specific deployment posture (self-hosted open weights) rather than the default API access. Without a tracker that surfaces this distinction clearly, procurement teams frequently evaluate these models on capability benchmarks alone and default to the easiest access path.
- ·Model Radar is designed to be a standing resource for the AI procurement workflow, not a one-time reference. The published status rubric is explicit: Red status requires a legal basis (government suspension, export control, sanctions); Yellow requires active compliance flags without a legal prohibition; Green requires no active flags, general availability, and published safety documentation. The criteria are public and fixed so that organizations can reference them in procurement policy documentation and audit responses.
Governance controls affected
What to do now
- ☐Review Model Radar now for any model your organization currently uses or is evaluating. If a model in your production environment carries a Restricted or Use with Caution status, initiate a formal re-assessment under your procurement framework and document the outcome. A status of Restricted means continuing access creates regulatory and legal risk; Use with Caution means you need a documented rationale for why the specific deployment posture you are using mitigates the identified flags.
- ☐For organizations using DeepSeek V3 or Qwen3 via API: verify immediately whether your deployment routes data through those vendors' China-based infrastructure. If it does, assess whether that routing conflicts with your GDPR, CCPA, sector-specific, or contractual data residency obligations. Self-hosted open-weight deployment eliminates the data residency risk; the DGC-005 cross-border data transfer control provides a framework for documenting that assessment.
- ☐If Claude Fable 5 was in production at any point after the June 12 export control directive, document the suspension date as an AI governance incident, record which workflows were affected and which contingency model replaced it, and confirm that access has been fully decommissioned. This documentation will be relevant to internal audit, regulatory inquiry, or insurance review if the export control action is referenced in future compliance assessments.
- ☐Add a Model Radar review step to your AI procurement and intake process. Before approving a new model for production use, confirm current status on Model Radar and document it in the intake record. For models carrying any active compliance flags, require a written rationale for why the deployment posture chosen mitigates the specific flags identified. This creates a defensible audit trail without requiring a full vendor risk assessment for every model update.
What to watch next
Model status changes in the coming weeks, particularly any resolution of the GPT-5.6 government review or the Fable 5 export control directive. Any formal codification of the implied regulatory standard from the Fable 5 action would be significant: if the government publishes explicit capability thresholds that trigger export control review for AI models, the scope of what requires monitoring expands beyond the current set of frontier models. Also watch whether other major vendors adopt dual-track access architectures similar to the Fable/Mythos split, which would require compliance teams to distinguish between model versions from the same vendor rather than treating a vendor relationship as a single procurement decision.