India AI Impact Summit 2026

who-watches-the-watchers-exploring-independent-verification-in-ai-governance

8 min read

TRACK:Safe and Trusted AI
SPEAKERS
  • Dean Ball, Foundation for American Innovation; Fathom
  • Gregory C. Allen, CSIS Wadhwani Center, Center for Strategic and International Studies
  • Shana Mansbach, Fathom
SESSION OVERVIEW

This session explores how independent assurance, operationalised through a marketplace of independent verification organisations, can support greater trust and adoption in artificial intelligence systems. The discussion will bring together AI policymakers and experts to examine mechanisms for realigning developer and deployer incentives with the public interest across different country contexts.

VIDEO RECORDING

Who Watches the Watchers? Exploring Independent Verification in AI Governance

Abstract

The panel opened with a high‑level overview of the International AI Safety Report (often likened to an “IPCC for AI”), highlighting that technical safeguards are improving while real‑world risks are already materialising. Hiroki Hibuka contrasted the regulatory philosophies of the EU, Japan, the United States and other jurisdictions, emphasizing the coexistence of hard‑law and soft‑law instruments and the challenges of sector‑specific versus holistic regulation. Shana Mansbach introduced the concept of a government‑authorized marketplace of independent verification organisations (IVOs) as an outcomes‑based mechanism to close the “trust gap” among developers, deployers, regulators and the public. The discussion then turned to liability, insurance, market incentives, and the practical difficulties of auditing fast‑evolving AI systems, before concluding with calls for adaptable standards, better evaluation tools, and broader stakeholder participation.

Detailed Summary

  • Moderator (Greg) welcomed the audience and introduced the three main panelists: Stephen Clare (report co‑lead), Hiroki Hibuka (Japan policy expert), and Shana Mansbach (Fathom).
  • He lauded the International AI Safety Report as the “foundation” for any current AI‑governance conversation, likening it to an “IPCC‑style” evidence base backed by >30 countries and intergovernmental bodies.

2. The International AI Safety Report – State of Play (5:30‑18:00)

2.1 Purpose & Scope

  • Stephen explained that the report was launched after the 2023 Bletchley safety summit to provide a shared evidence base for policymakers confronting fast‑moving, “noisy” AI developments.
  • It aggregates contributions from >30 experts, with hundreds of reviewers, to answer “what do we know, what don’t we know” about general‑purpose AI systems.

2.2 Key Findings (2026)

  • Risks are now concrete. Deep‑fake proliferation, AI‑assisted cyber‑attacks, and measurable impacts on productivity, labour markets, science and software engineering are evident at scale (≈1 billion users worldwide).
  • Technical safeguards have improved:
    • Modern models are far harder to jailbreak. Early tricks (e.g., “grandmother‑Molotov‑cocktail” prompts, translation‑evasion) no longer work.
    • The UK Security Institute’s benchmark shows that cracking a fresh model now takes 7–10 hours rather than minutes.
  • Industry adoption of safety frameworks: 12 leading AI developers now publish “Frontier Safety Frameworks” outlining risk‑management practices, indicating growing transparency.

2.3 Caveats & Remaining Gaps

  • Technical vulnerabilities persist – sophisticated actors can still find edge‑case jailbreaks.
  • Implementation inconsistency: While many firms have frameworks, the depth, scope, and enforcement vary widely, especially beyond “frontier” models.
  • Governance challenge: Translating technical safeguards into enforceable, industry‑wide compliance remains an open problem.

3. Global Regulatory Landscape (18:00‑35:00)

3.1 Comparative Overview (Hiroki Hibuka)

  • EU AI Act (hard law) vs. Japan/UK/US (often described as “soft‑law” approaches). Hiroki argued this dichotomy is misleading: all jurisdictions already apply existing statutes (privacy, copyright, sector‑specific regulations) to AI.
  • Hard vs. soft law: Every country uses a mix; the key question is how existing laws are updated and whether AI‑specific rules are needed.

3.2 Strategic Differences

JurisdictionRegulatory StyleKey Feature
EUHolistic, risk‑based classification of AI systemsStrong emphasis on conformity assessments and technical standards.
JapanSector‑specific, “exempt‑approach”Low historical loss rates; firms obey pre‑set rules but lag in self‑governance explanations.
USHigh‑level, principle‑based “exposed” approachRelies on post‑incident litigation; courts determine liability after harms occur.
  • Hiroki noted that Japanese stakeholders are now recognising the need for agile, multi‑stakeholder soft‑law mechanisms to complement existing hard rules.

3.3 Shared Challenges

  • Black‑box nature of AI and unbounded risk scenarios make it hard to map traditional values (privacy, fairness, transparency) onto concrete standards.
  • Benchmark scarcity: No universally accepted metrics for safety, interpretability, or fairness yet exist.

4. The Trust Gap & Independent Verification (35:00‑55:00)

4.1 Why Trust Matters (Shana Mansbach)

  • Four stakeholder groups face a trust deficit: public, deployers (e.g., hospitals, banks), regulators, and developers.
  • Existing command‑and‑control governance (rules‑checklists) suffers from two main problems:
    1. Speed: AI evolves faster than legislation can keep pace.
    2. Technical capacity: Specialized expertise resides almost exclusively in frontier labs, creating a “self‑regulation” conflict of interest.

4.2 Marketplace of Independent Verification Organisations (IVOs)

  • Concept: A government‑authorised, outcome‑based marketplace where vetted third‑party verifiers test AI systems against publicly defined safety outcomes (e.g., child‑safety, data‑privacy, controllability).
  • Advantages:
    1. Independence – labs don’t grade their own work.
    2. Democratic accountability – elected bodies set outcomes; verifiers implement them.
    3. Flexibility – verifiers continuously update tests to keep pace with model evolution.
    4. Race‑to‑the‑top – market competition drives better testing tools.

4.3 Analogs & Limitations

  • Shana cited Underwriters Laboratories (UL), LEED certification, and insurance underwriting as partial analogues but stressed that AI’s rapid iteration demands a novel, more dynamic system.

5. Liability, Insurance & Market Incentives (55:00‑1:12:00)

5.1 Liability Landscape (Greg & Stephen)

  • In the U.S. tort system, liability is decided after the harm; courts assess whether a “standard of care” was met, a determination that is technically opaque for non‑experts.
  • An IVO seal could create a rebuttal presumption of heightened care, simplifying litigation and providing clearer pre‑emptive guidance.

5.2 Insurance as a “Carrot”

  • Current insurers largely exclude AI‑related risks due to uncertainty.
  • A verified product could unlock insurance coverage or lower premiums, similar to how AS 9100 certification enables aerospace insurers to underwrite launches.

5.3 Market Advantage

  • End‑users (schools, hospitals, banks) are likely to prefer verified AI solutions, mirroring consumer preference for UL‑certified appliances.

5.4 Public Procurement

  • Government adoption of IVO‑verified models would create a strong demand signal, encouraging developers to seek verification.

6. Auditing Practicalities & Evaluation Gaps (1:12:00‑1:30:00)

6.1 Cost & Scale Issues

  • A flat‑fee audit would be prohibitive for small‑scale products (e.g., a classroom chatbot).
  • The marketplace model allows right‑sizing of verification to risk level and product size.

6.2 Incentive Misalignments

  • Incumbents may resist audits that raise barriers to entry.
  • Companies may be willfully blind, avoiding audits to escape potential adverse findings that could be used in litigation.

6.3 Technical Evaluation Gaps

  • Existing benchmarks are narrow (e.g., static question‑sets on biosecurity) and often outdated.
  • Stochastic model outputs complicate safety assessments – the same prompt can yield divergent answers, some of which may be harmful.
  • Evaluations often ignore downstream use (how a user acts on model output).

6.4 Path Forward

  • Incentivise continual development of evaluation suites through competitive IVO markets.
  • Encourage lab‑to‑auditor knowledge transfer (e.g., safety staff spinning out to form independent firms).
  • Promote standardised data‑sharing agreements (e.g., safety‑framework disclosures required by the EU AI Act) to reduce information asymmetry.

7. Cross‑Industry Lessons (1:30:00‑1:38:00)

  • Hiroki referenced automotive safety ratings (NHTSA/NHTSA‑style star system) as an analogy: an authoritative body sets minimal safety thresholds; consumers use the rating for purchasing decisions.
  • Similar frameworks exist in aerospace (AS 9100), finance (Basel accords), and healthcare device certification – each blends mandatory standards with market incentives.

8. Q&A Highlights (1:38:00‑1:55:00)

QuestionRespondent(s)Core Points
How can we translate consensus on risks into concrete procedural standards?StephenNeed layered, “defence‑in‑depth” policies; no single actor bears full responsibility.
What concrete incentives could drive firms to seek verification?Shana & GregLiability clarity, insurance eligibility, market advantage, public procurement mandates.
Will independent auditors retain expertise as AI evolves?Stephen & HirokiTrend toward knowledge sharing, institutionalised safety frameworks, and external audits by former lab staff.
How do we address the “evaluation gap” given rapid capability growth?Stephen, ShanaDevelop dynamic, multi‑modal evaluation pipelines; use IVO competition to keep tools up‑to‑date.
Is there a risk that verification becomes a “checkbox” exercise?GregEmphasised the need for outcome‑based rather than process‑based certification; ongoing monitoring is essential.

9. Closing Remarks (1:55:00‑2:00:00)

  • Moderator thanked the panelists and noted upcoming logistical announcements (session transition).
  • The final minutes of the transcript become fragmented and unintelligible, suggesting a standard conference wrap‑up rather than substantive content.

Key Takeaways

  • The International AI Safety Report now serves as a de‑facto “IPCC for AI,” confirming that technical safeguards are improving while real‑world harms are already observable.
  • Regulatory approaches differ (EU holistic, Japan sector‑specific, US principle‑based), but every jurisdiction mixes hard and soft law; the central policy question is how to update existing statutes for AI.
  • A persistent “trust gap” exists across the public, deployers, regulators, and developers; traditional command‑and‑control rules cannot keep pace with AI’s speed.
  • Independent Verification Organisations (IVOs)—a government‑authorised marketplace of outcome‑based auditors—are proposed to supply transparent, up‑to‑date safety assessments.
  • Liability and insurance are powerful levers: an IVO seal could create a rebuttal presumption of care and unlock affordable coverage, incentivising compliance.
  • Market forces (procurement policies, consumer preference for verified products) can further drive adoption of verification.
  • Audit costs must be risk‑scaled; a one‑size‑fits‑all fee would stifle innovation for smaller AI products.
  • Current evaluation tools are narrow and lagging; a competitive IVO ecosystem is needed to continuously develop richer, more representative safety benchmarks.
  • Cross‑industry analogues (automotive safety ratings, aerospace AS 9100, UL certification) illustrate how outcome‑focused, third‑party certification can shape market behaviour.
  • Transparency & data sharing—mandated by evolving regulations like the EU AI Act—are essential to reduce information asymmetry between frontier labs and external auditors.

Prepared from the verbatim transcript of the conference panel, with clarification of transcript errors and attribution of statements to the identified speakers.

Graph View

Backlinks