Risk-Based Regulation
Risk-based regulation scales the intensity of oversight to the potential impact of an AI system: low-risk applications face minimal requirements, while high-impact systems face rigorous transparency, documentation, and human-oversight obligations. The principle nearly all the founding sources share — even where they disagree on the instrument (see synthesis).
In the sources
- israel-ai-regulation-overview — explicitly risk-based: high-risk uses named as credit scoring, medical diagnosis, autonomous vehicles; finance gets “graded explainability” proportional to decision impact.
- eu-ai-act — the most formal instance: risk tiers (unacceptable / high / limited / minimal) with obligations attached to each.
- nist-ai-rmf — organizes voluntary risk management (map → measure → manage → govern).
Why it matters
Risk-tiering is the shared substrate beneath the horizontal-vs-sectoral fork: the EU and Israel disagree on whether the rules should be one binding law or sector-by-sector soft law, but both agree oversight should track risk. The open question is who defines the tiers and thresholds.
Related
ai-governance · eu-ai-act · nist-ai-rmf · israel-ai-regulation-overview · responsible-innovation
Linked from
- index
- log
- synthesis
- ai-governance
- anthropic-export-ban-2026
- china-ai-regulation
- eu-ai-act
- export-controls-on-ai
- framework-convention-on-ai
- israel-ai-regulation-overview
- israel-ai-strategy-2026
- nemko-ai-governance-services
- lofrayer-bar-association
- nist-ai-rmf
- oecd-ai-principles
- responsible-innovation
- professional-licensing-and-ai
- uk-ai-regulation
- us-ai-policy