AI Governance Institute logo
AI Governance Institute

Intelligence for Compliance and GRC Teams

← News
Research2026-04-19

Anthropic and OpenAI Governance Structures Risk Amoral Drift on AI Safety, Harvard Law Review Warns

What happened

A January 2026 article titled Amoral Drift in AI Corporate Governance, published in the Harvard Law Review, examines the corporate governance structures of OpenAI and Anthropic and concludes that both arrangements carry meaningful risk of eroding AI safety commitments as commercial pressures intensify. The analysis focuses in particular on Anthropic's charter, which grants safety-focused Class T trustees the authority to elect three of five board directors either after May 24, 2027, or once the company reaches $6 billion in cumulative investment. The authors argue that mechanisms designed to insulate safety objectives from profit motives are susceptible to gradual weakening over time, a process they label amoral drift. The article situates these concerns within a broader legal and regulatory debate about whether hybrid structures such as public benefit corporations, capped-profit models, and trustee-based oversight arrangements can withstand the sustained financial pressures of large-scale commercial AI deployment. OpenAI's governance crisis in late 2023 and its subsequent shift toward a conventional for-profit structure is cited as an early indicator that such arrangements can change rapidly.

Why it matters

  • ·Regulated industries such as financial services firms subject to SR 11-7 and health sector entities under FDA AI guidance face heightened regulatory exposure if a vendor's safety governance weakens without triggering a formal internal review, potentially leaving organizations reliant on commitments that are no longer enforceable.
  • ·Enterprise procurement and third-party risk teams that treat vendor-published safety commitments as static assurances may face operational disruption if governance changes at Anthropic or OpenAI alter the safety properties of deployed AI systems without advance notice.
  • ·Organizations that have not documented baseline governance structures for their AI vendors, including specific trigger conditions such as Anthropic's May 2027 director-election clause, may be unable to demonstrate due diligence to auditors or regulators if those structures subsequently change.

Governance controls affected

What to do now

  • Document the current governance structures of Anthropic and OpenAI as a vendor risk baseline, recording specific trigger conditions such as Anthropic's May 24, 2027 director-election threshold and the $6 billion cumulative investment trigger.
  • Review and update AI vendor contracts to include provisions requiring notification of material governance changes, board composition shifts, or amendments to published safety charters.
  • Establish a recurring monitoring process, at least semi-annual, to track governance amendments at frontier AI vendors as the May 2027 date approaches and as Anthropic nears the $6 billion investment threshold.
  • Reassess AI risk classifications for systems procured from Anthropic and OpenAI to reflect the possibility that vendor safety governance may weaken, and adjust human oversight and approval requirements accordingly.
  • Brief procurement, legal, and third-party risk stakeholders on the Harvard Law Review findings and incorporate amoral drift risk as a named category in vendor AI risk assessment templates.

What to watch next

Compliance teams should monitor Anthropic's board composition and any charter amendments as the company approaches the May 24, 2027 director-election trigger and the $6 billion cumulative investment threshold, both of which could materially alter the influence of safety-focused trustees. OpenAI's continued structural evolution toward a conventional for-profit model should also be tracked, as further changes could affect the enforceability of its published safety and use policies. Regulatory bodies in financial services and healthcare are likely to scrutinize vendor AI governance arrangements more closely in light of growing academic and legal commentary, so organizations in those sectors should anticipate updated guidance on third-party AI oversight obligations.

AI Governance Weekly

Weekly intelligence on AI regulation, enforcement, and governance. Every Thursday.

Powered by Buttondown.

Related Coverage

Insight2026-06-27

Mythos 5 Partial Reinstatement Creates Government-Controlled AI Access Tiers With No Transparent Process

The US government on June 27 granted roughly 100 approved companies access to Claude Mythos 5, partially reversing a June 12 export control suspension, while Fable 5 and organizations outside the approved list remain locked out with no published selection criteria or recourse. The action is the first commercial enforcement under a new executive order framework requiring government pre-release review of frontier models, making tiered access structural rather than ad hoc.

Insight2026-06-26

OpenAI's GPT-5.6 Deferral Establishes Government Pre-Review as a Real Variable in Frontier AI Releases

OpenAI delayed the full public rollout of GPT-5.6 at the request of the U.S. government, limiting initial access to vetted partners under a June 2026 executive order that grants the government up to 30 days of advance access to covered frontier models. OpenAI complied while stating publicly it does not want this to become a permanent standard. For compliance teams, the headline is not the delay but what it signals: government pre-deployment review is now an operational fact in AI vendor release cycles.

Insight2026-06-16

Anthropic's Fable 5 Defense Statement Reveals the Gap Between Vendor Safety Architecture and Government Risk Tolerance

Anthropic published a formal rebuttal to the June 12 U.S. export control directive suspending Fable 5 and Mythos 5, disclosing for the first time the specific jailbreak at issue (asking the model to read a codebase and fix software flaws) and the details of its defense-in-depth safety methodology. The statement is the clearest public account yet of how Anthropic characterizes its own safety assurances, and it reveals a meaningful gap between what vendors can promise and what government risk tolerance now requires.