The Enforcement Gap

Four years into serious AI regulation, the distance between the rules on paper and the rules in practice has never been wider.

The European Union passed its AI Act with considerable fanfare in 2024, and by the middle of 2025 the enforcement machinery was supposedly humming. Four years later, the EU AI Office has opened 23 formal investigations, settled 11, and collected fines totaling roughly €340 million — a figure that sounds serious until you compare it to the €47 billion in AI-related revenue that European operations of the major frontier labs reported in 2028. The math works out to less than 0.75 percent. That is not enforcement. That is a licensing fee with extra paperwork.

This is not unique to Europe. Across every jurisdiction that has enacted meaningful AI legislation in the past five years, a pattern has emerged: the gap between regulatory ambition and regulatory capacity is structural, not incidental. It is not going to close with more staff or bigger budgets, though both would help. It exists because the fundamental premise of AI regulation — that government bodies can meaningfully evaluate AI systems from the outside — was always more hopeful than technically grounded.

The jurisdictions that built effective frameworks understood this early. The ones that built bureaucratic theater understood it too, and decided that theater was acceptable.

What “effective” actually means

Singapore’s AI Governance Framework, which moved from voluntary to mandatory in late 2026, is the example most frequently cited by people who want to demonstrate that enforcement is possible. The reasons it works are specific and replicable, but rarely replicated. Singapore’s Monetary Authority and the Infocomm Media Development Authority share enforcement responsibility, which sounds like it would create turf conflicts. Instead it created complementary technical capacity. The financial sector expertise at MAS meant that when AI systems touched credit decisions — which they almost always do — regulators had genuine subject-matter knowledge. The IMDA brought system-level technical understanding. Together they could actually read what companies submitted.

That matters more than it sounds. In Brussels, the AI Office employs roughly 400 people, which seems substantial until you consider that the 15 largest AI deployments currently under scrutiny represent systems with billions of parameters, trained on datasets that take months to characterize, exhibiting behaviors that change under distribution shift. The staff-to-complexity ratio is absurd. Singapore solved this partly by being small and focused, partly by hiring from industry at wages that didn’t require people to take massive pay cuts, and partly by being genuinely willing to say “we don’t have jurisdiction over that” rather than pretending to govern everything.

The UK’s approach after its post-Brexit regulatory reset was closer to Singapore’s than Brussels’. The AI Safety Institute, which started as a research body under the 2023 government, survived three elections and a near-total restructuring to emerge as something that functions more like a technical auditor than a traditional regulator. It does not write rules. It runs evaluations. When a frontier model crosses deployment thresholds, the AISI runs a battery of capability assessments, publishes the results in a form that is genuinely readable, and then — and this is the part that gets underemphasized — shares those results with allied regulators before the company can deploy commercially. That sequencing is what gives it actual power.

The theater jurisdictions

Brazil’s AI regulatory framework is elegant on paper. The 2026 Lei de Inteligência Artificial established a risk-tiered approach similar to the EU’s, created an enforcement body (the ANPD, expanded from its data protection role), and included provisions for algorithmic impact assessments that were genuinely forward-looking. The framework became essentially inoperative when the assessments themselves — which companies are required to submit for high-risk systems — turned out to be proprietary documents that regulators are not permitted to share with each other, cannot publish, and cannot describe in enough detail to be useful in enforcement proceedings. The companies wrote the confidentiality provisions, and they wrote them well.

India’s Approach Document on AI Regulation, now in its third revision, continues to describe a framework that will be implemented once certain baseline technical infrastructure is established. The infrastructure is not being built. The document is being revised. This is not a failure of intention — Indian regulatory officials are smart people who understand the problem — it is a failure of political economy. The ministries most invested in AI development are not the ministries most invested in AI safety, and the former have more allies in the cabinet.

The United States presents the most complicated case, because the US technically has no federal AI regulation in the comprehensive sense, yet somehow has more de facto enforcement activity than most countries with formal frameworks. The FTC has brought 14 enforcement actions under existing consumer protection statutes. The CFPB (still alive, still litigating its existence) has challenged discriminatory AI credit decisions. The Equal Employment Opportunity Commission has settled with three large employers over AI-assisted hiring. None of this is systematic. All of it has changed corporate behavior more than the EU’s formal process, because the legal theories are well-developed, the discovery requirements are extensive, and American plaintiffs’ attorneys have figured out how to file parallel civil suits.

What happens at the company level

The corporate response to this regulatory landscape has been structural in ways that don’t get enough attention. The major frontier labs have built what amounts to a regulatory arbitrage architecture into their legal organization. Anthropic, Google DeepMind’s structured entities, and OpenAI’s restructured corporate form all now have dedicated “regulatory geography” divisions that don’t quite exist on any org chart but are described, off the record, by people who work in them. The function is to determine which legal entity deploys which system in which jurisdiction, and to structure the relationships between those entities so that enforcement in one jurisdiction doesn’t create liability in another.

This is legal. It is also exactly what financial institutions did in the 1990s and 2000s, with consequences that took decades to fully work through. The parallel is not flattering.

The smaller AI companies have done something different: they have simply absorbed compliance as a cost of doing business and hired accordingly. The going rate for someone with a credible understanding of both AI systems and regulatory frameworks is roughly $280,000 to $400,000 in base salary, which means that compliance capacity has become a competitive moat. Companies that can afford excellent regulatory counsel have a structural advantage over companies that cannot, regardless of how safe or unsafe their underlying systems actually are.

Why the gap is structural

The core problem is that AI systems are evaluated ex ante — before deployment — using frameworks that were designed for industrial products, which have static properties you can test in a lab. Software systems generally, and AI systems specifically, do not work this way. A model that passes every benchmark available in 2027 can exhibit behaviors in 2029 deployment that nobody anticipated, because the world it is deployed into is different, the prompts users send are different, and the model itself may have been fine-tuned in ways that regulators were not told about.

This is not a solvable problem with more bureaucracy. It requires a different theory of regulation entirely — one closer to how the FDA handles post-market surveillance for drugs, where the obligation to monitor and report doesn’t end at approval. A few jurisdictions are moving toward this. Most are still trying to make the pre-approval model work by adding more checklists.

The jurisdictions that are building effective frameworks — Singapore, the UK, Canada through its evolving Directive on Automated Decision-Making — are generally the ones that accepted this structural reality and designed around it. The ones building theater are the ones still pretending that a sufficiently rigorous upfront assessment can substitute for ongoing oversight.

Four years in, the evidence is clear enough. The question is whether the jurisdictions doing theater have enough political incentive to change. Most of them don’t. The companies they’re ostensibly regulating employ a lot of people, pay a lot of taxes, and have a lot of friends in the right offices. That is not a conspiracy. It is just how regulatory systems work when the industry being regulated becomes important enough.

The gap between rules on paper and rules in practice is, in most places, exactly where the industry wants it.