Trump's executive order makes testing voluntary, open models decensored in minutes, and a surprise $500M AI bill

This week, Trump signed a watered-down executive order setting up a voluntary 30-day government review of frontier models, the Financial Times showed how trivially open-weight models can have their safeguards stripped, Deloitte's latest enterprise report put hard numbers on the governance gap, and a corporate cautionary tail of a half-billion-dollar monthly AI bill.

Trump signs watered-down executive order on frontier model review

On June 2nd, Trump signed an executive order establishing a voluntary framework for frontier AI labs to share covered models with the government for a 30-day security review before release. Most importantly, the executive order explicitly rules out any mandatory licensing or registration.

This is a significant softening from the idea of a mandatory framework floated earlier. The administration also lowered the 90-day review period to 30 days in the final hours signing, saying the longer timeframe would get in the way of the AI race with China.

The idea behind this EO was largely prompted by Anthropic’s Mythos model, which has already found 10,000+ cybersecurity vulnerabilities in ‘systemically important software.’ Anthropic handed the model over to the US government of its own accord, before any framework for doing so was discussed.

Business Risk Perspective: The word doing all the work in this EO is “voluntary.” It’s indicative of the Trump administration’s lax approach to AI regulation that even after a model with such dangerous cybercapabilities as Mythos was created, they still decided against a mandatory testing regime that would serve as a final safety check before models are released that could put every organization at risk.

That being said, Anthropic, OpenAI, Microsoft, xAI, and Google DeepMind had all signed voluntary testing agreements before this EO was even drafted.

A company faced a surprise $500M monthly AI bill

An AI consultant told Axios that one of their clients accidently spent nearly $500 million in a single month after failing to set usage limits on employees' AI licenses. This extreme example is part of a wider story about AI stickershock: Microsoft canceled most of its Claude Code licenses partly over cost, and Uber's COO said AI costs are getting harder to justify.

It’s common for employees in many corporations to have AI subscriptions without any clear guidelines on how to use them— one CTO discovered employees burning tokens to check the weather.

Business Risk Perspective: The $500M figure is a simple of governance failure, which is surprisingly common. Many organizations simply have no oversight of employee AI use, and some are even encouraging employees to use as much AI as possible for efficiency gains. With that, sticker shock is starting to kick in. The move away from "tokenmaxxing" is likely a healthy correction.

Deloitte report finds governance lagging far behind agentic deployment

Deloitte's new 2026 report, The State of AI in the Enterprise, found, as other reports have shown, that AI oversight is falling far behind the pace of AI adoption. As of the report, 74% of companies plan to deploy agentic AI within two years, but only 21% report a mature model for governing autonomous agents, a 53-point gap.

Business Risk Perspective: The report rightly frames governance as a precondition for getting AI from pilot to production rather than a afterthought, warning that organizations treating governance as a checkbox to mark off as quickly as possible could stall on the very compliance issues and risks they didn’t address in the first place. Building AI systems to be compliant-by-design is ultimately the faster approach.

Meta and Google open models ‘decensored’ in minutes

Freely available, quick-to-use tools for removing guardrails from open-source models have produced thousands of ‘decensored’ variants, including modified Meta and Google models that answered questions on bioweapons and child exploitation. For its report, the Financial Times removed guardrails from Llama 3.3 in about ten minutes using tool on GitHub called Heretic and four lines of code. The creator of the tool says that it has generated more than 3,500 ‘decensored’ models that have been downloaded o

ver 13 million times.

Business Risk Perspective: Open-weight models are currently running about four months behind state-of-the-art capabilities, and state-of-the-art capabilities are quickly becoming dangerous tools, especially for cybersecurity attacks. It should set off alarm bells for all organizations that guardrails are so easily circumvented.

Conformance AI provides AI safety and compliance services. This analysis reflects our perspective as industry participants; it is not legal counsel.