A responsible scaling policy (RSP) is a public commitment a frontier AI lab makes to itself: as its models get more capable, it will test them against specific risk thresholds, and if a model crosses one, the lab must add stronger safeguards — or stop deploying and even developing it — before going further. It is a form of voluntary self-regulation, adopted because no law yet tells AI labs exactly when a model is too risky to release.

Why labs write these policies

Modern AI models are trained in stages, over months, well before the public ever sees them. During that window, a lab is the only party that can see what the model can do. A responsible scaling policy commits the lab to look for specific dangerous capabilities — such as substantially assisting someone in building a biological or chemical weapon, discovering serious cyberattacks, or the model automating its own further improvement — on a defined schedule, rather than leaving safety evaluation to chance or public pressure after the fact.

The framing draws an explicit analogy to biosafety levels, the containment tiers laboratories use for dangerous pathogens: BSL-1 needs little more than handwashing, while BSL-4 requires sealed suits and filtered air. Anthropic borrowed the same graduated logic for AI, naming its tiers AI Safety Levels (ASL).

How the gating actually works

Most policies share the same three pieces:

  • Capability thresholds — specific, testable red lines (for example, a model that meaningfully helps a novice cause mass-casualty harm, or one that can autonomously replicate and evade shutdown).
  • Scheduled evaluations — the lab runs these tests at fixed intervals, or before releasing any model that could plausibly cross a threshold, not only when it feels like it.
  • Escalating safeguards — crossing a threshold triggers specific responses: tighter deployment filters, stronger security around the model’s weights, or, at the extreme, pausing development entirely until the risk is mitigated.

Anthropic’s Responsible Scaling Policy uses ASL-2, ASL-3, and higher tiers, each with its own security and deployment standard. OpenAI’s Preparedness Framework instead defines two thresholds — “High” and “Critical” capability — across categories like biological/chemical risk, cybersecurity, and AI self-improvement. Google DeepMind’s Frontier Safety Framework uses “Critical Capability Levels” covering similar domains plus large-scale manipulation. Meta runs a comparable framework that sorts models into moderate, high, or critical risk before deciding whether they can be released openly, released in a limited way, or not at all.

The labs largely coordinate on definitions through the Frontier Model Forum, an industry group that publishes shared technical work on risk thresholds — one reason the frameworks, despite different names, look so similar.

Why it matters

These policies are voluntary, not law — a lab can revise or loosen its own policy, and nothing forces it to publish one at all. That has drawn criticism from AI safety researchers who would prefer binding rules. Regulators are starting to close that gap: the EU’s AI Act now asks providers of general-purpose AI models to adopt a comparable safety and security framework as part of its Code of Practice, turning what was an industry norm into something closer to a compliance requirement for models sold into the EU.

For everyone else, the practical effect is simpler: a responsible scaling policy is the reason the most capable models are not simply shipped the moment training finishes. Somewhere between the last training run and the public release, the model was checked against a threshold it wasn’t allowed to cross unchecked.

In the news

A responsible scaling policy is a lab’s own internal gate — but governments are now adding external ones. When OpenAI made its GPT-5.6 models public, it followed a separate, government-mandated review under a national AI cybersecurity executive order, which required submitting the models for inspection 30 days before launch. That review is not a responsible scaling policy — it’s a regulator checking a lab’s work — but it reflects the same underlying idea the policies formalize: a sufficiently capable model does not reach the public until someone has checked it first.

FAQ

Is a responsible scaling policy legally required? No, for now it’s voluntary. The EU AI Act’s Code of Practice for general-purpose AI models is moving in that direction for models sold in the EU, but there’s no global law mandating one.

Which companies have one? Anthropic, OpenAI, Google DeepMind, and Meta each publish their own version, under different names (Responsible Scaling Policy, Preparedness Framework, Frontier Safety Framework, and Advanced AI Scaling Framework, respectively).

What actually happens if a model crosses a threshold? It depends on the framework, but typically the lab must add stronger deployment safeguards or security protections, or in the most severe cases pause further development until the risk is mitigated.

Does a government review, like the one GPT-5.6 went through, replace a responsible scaling policy? No — the two are separate. A responsible scaling policy is the lab’s own internal test; a government review is an external check imposed by regulators, sometimes on top of it.

Sources: Anthropic’s Responsible Scaling Policy, OpenAI’s Preparedness Framework v2, Google DeepMind’s Frontier Safety Framework, and Meta’s Advanced AI Scaling Framework — each lab’s published policy document.