Performative AI Governance: 6 Tests From the New CARMA Paper

What the new CARMA paper actually says

On May 20, 2026, the Center for AI Risk Management & Alignment (CARMA) published Adaptive Governance for Advanced AI: A Conceptual Foundation for Managing Complex Risks. The two authors are Kyle A. Kilian, who holds positions at CARMA and RAND, and Richard Mallah, who holds positions at CARMA and the Future of Life Institute. The PDF runs 67 pages, with the main argument ending around page 49 before the reference section.

The paper's central move is to argue that AI development and deployment must be governed as a complex adaptive system rather than as a stable engineering project. The authors cite complexity science, including Edward Lorenz's work on sensitivity to initial conditions (the origin of the "butterfly effect" idea), and AI research on sudden learning dynamics such as grokking (Power and colleagues, 2022), alongside the broader observation that large language models can show emergent capabilities at scale thresholds. The structural conclusion is that governance designed for stable, linear systems will systematically miss the dynamics of the system it is trying to govern.

From that base, the authors propose a positive philosophy they call governance flow: governance reconceived not as a sequence of discrete acts (laws passed, rules promulgated, decisions rendered) but as four continuous functions operating in coordinated relation. They name five principles that any adaptive governance system must possess. They describe a layered defensive architecture spanning technical, infrastructure, institutional, civil society, and international levels. And they conclude with six diagnostic criteria for evaluating whether any specific arrangement constitutes genuine adaptive governance or its performative simulation.

The paper is written for policymakers, statutory bodies, and the international community. The reason it deserves attention from a CEO or general counsel is that the same six tests apply to the internal AI committee, AI council, or AI steering body the company has already stood up. The structural properties the authors require are not specific to public-sector arrangements. They are properties of governance itself.

The spine sentence: why performative adaptivity is the real problem

The paper's load-bearing claim sits on page two.

This performative adaptivity is in certain respects more dangerous than acknowledged rigidity, because it provides political cover for inaction while creating an illusion of oversight that discourages the development of robust institutional capacity.

The argument is structural. When a governance arrangement looks adaptive (a working group convened, a charter ratified, a quarterly review scheduled) but lacks the underlying properties of independence, authority, durability, and the rest, the political and organizational energy that would otherwise build real protective capacity gets consumed by maintaining the appearance of governance. The arrangement does not produce protection. It produces a permission structure that delays the recognition that protection is missing.

Inside companies, the same pattern is everywhere. An AI committee meets monthly. A policy document is approved. A vendor questionnaire is sent to procurement. A risk register is updated. Each activity is real. None of them, individually or in combination, ensures that the organization can detect a new AI risk in time to respond. The board hears that AI governance is in place. The CEO hears that the committee is functioning. The committee itself hears that it is meeting its charter. The structural finding the CARMA paper names is that this can all be true and the protection can still be absent.

That is what makes this paper useful, and what makes it worth applying inside the company before it is applied externally by a regulator.

The four governance functions every AI committee needs

The paper reorganizes governance into four continuous functions that must operate together and remain structurally separated. Translated to the enterprise level, they describe what an AI committee or AI council needs to do, week in and week out, to constitute real oversight.

Sensing is continuous observation of capability development, deployment patterns, incident occurrence, and emerging risk surfaces. The structural requirement is independence from the entities being observed. At the enterprise level, this means an internal AI committee cannot rely solely on vendor self-reports, departmental self-reports, or summaries from the team that built the system. There has to be independent technical capacity to verify what is being deployed, where, and with what authority. AI agents deployed outside formal IT processes (a pattern documented in the paper's discussion of shadow AI) are precisely what Sensing is designed to detect, and they are precisely what self-report-based committees miss.

Evaluation translates sensed information into normative judgments using explicit criteria that are public, contestable, and revisable. At the enterprise level, the equivalent is internal criteria that the engineering team, the legal team, the security team, and the affected business units can all see, dispute, and propose revisions to. Closed-door evaluations that produce conclusions without accountability are the failure mode the paper warns against. Inside the company, that shows up as a single executive or single committee chair determining what counts as acceptable risk, without an articulated standard that others can challenge.

Response translates evaluative judgments into protective action through pre-authorized mechanisms with graduated options matched to severity. The paper's analogy is financial market circuit breakers, which act in milliseconds because the legislative process that authorized them took the time necessary for legitimacy. At the enterprise level, this means the AI committee needs pre-authorized authority to pause a deployment, restrict an integration, or escalate a finding to the board without negotiating the authority at the moment of crisis. A committee that has to ask permission to act is not exercising Response. It is providing advice that the executive may take or decline.

Learning systematically incorporates experience back into Sensing, Evaluation, and Response. The paper requires mandatory incident analysis and public after-action review. At the enterprise level, the requirement translates to an internal practice of named incident write-ups, structured root-cause analysis, and visible criteria revision. Learning that happens only inside one person's head is not Learning. It is institutional memory that decays the moment the person leaves the role.

The structural requirement that runs across all four functions is separation. The entity that senses cannot also be the entity that evaluates, responds, and decides what was learned. When one body performs all four functions, a single capture point can distort the entire flow. The paper's prescription is that the four functions be allocated across different bodies with explicit coordination mechanisms among them. Inside a mid-market company, that may mean separating the AI committee from the AI deployment team, separating the technical review from the legal review, and separating the after-action analysis from both.

The five principles that make governance survive shocks

Building on the four functions, the paper names five principles every adaptive governance arrangement needs. Each principle carries a specific failure mode the authors are explicit about.

Collectivity. Diverse stakeholders deliberate together, including voices whose interests conflict with developers and deployers. The failure mode is performative simulation: arrangements that include nominally diverse participants but structure participation such that well-resourced incumbents dominate. Inside a company, this is the AI committee that lists three engineering leaders, one legal partner, and a single token voice from operations or affected functions. The structure looks inclusive. The deliberation reflects engineering and legal interests.

Adaptability with bounded flexibility. Rules and policies can change as the system being governed changes, but the adaptation process itself is stable. The failure modes are ossification (adaptive mechanisms calcify into static rules because political will or institutional capacity for revision is absent) and volatility (constant revision prevents stable operation and allows interested parties to exploit each revision cycle). Inside a company, ossification looks like an AI policy that was written in 2024 and has not been touched since. Volatility looks like a policy rewritten every quarter at the suggestion of whichever vendor is currently most influential.

Modularity. Decomposing the problem into independent parts with defined coordination across module boundaries. The failure mode is fragmentation without coordination, where modules operate independently and produce a governance system that is locally rational but globally blind. Inside a company, this is the AI governance setup where the marketing team has its own AI policy, the engineering team has its own AI policy, the customer service team has its own, and no one is responsible for the cross-cutting risks that emerge at the seams.

Redundancy. Multiple institutional nodes with overlapping authority so single-point failure does not collapse the system. The paper draws an analogy to biological monocultures: a single governance approach implemented through a single body is fragile because any disruption to that specific arrangement (leadership change, capture, resource withdrawal) produces total collapse. Inside a company, this argues for AI governance capacity at the committee level, the board level, the audit committee level, and the risk committee level, with overlapping authority and defined escalation between them.

Antifragility. Systems that grow stronger in response to stress, in the sense developed by Nassim Nicholas Taleb. The paper requires mandatory incident reporting, root-cause analysis that produces structural changes (not merely individual accountability), threshold tightening when failures occur, and public after-action reviews. The failure mode is superficial implementation: governance systems that describe themselves as adaptive because they survived a shock, without evidence that they actually improved from it. Survival is resilience, not antifragility.

The authors are careful on the last point. Not all governance functions can or should be antifragile. Some risks (catastrophic, irreversible harms) require robustness (prevention even under stress) rather than antifragility (improvement through stress). The distinction is part of the prescription, not a hedge against it.

The six diagnostic tests for your AI committee

The most practical piece of the paper is Section 10, where the authors articulate six diagnostic criteria that can be applied to any governance arrangement: legislative, executive, voluntary, international, or private. The criteria do not demand perfection on all six simultaneously. They demand honest assessment of where the arrangement falls short.

Read each test below twice. The first read, hold the test against a current example of public-sector AI governance. The second read, hold the test against the AI committee, AI council, AI working group, or AI steering body currently inside your own company. Most internal arrangements were stood up in 2024 or 2025 with speed in mind. They were not designed against this kind of structural standard.

Test 1: Independence. Is the body making evaluative judgments structurally independent from the entities being evaluated and from political principals with conflicting interests? The paper's specific test is whether the evaluating entity's continued operation depends on the cooperation of those being evaluated. Inside a company, this asks whether the AI committee can deliver an unfavorable read on the engineering team's preferred deployment without putting its own staffing or budget at risk. If the answer is no, Independence is compromised regardless of the personal integrity of the committee members.

Test 2: Transparency. Are evaluation criteria, methodologies, results, and decisions visible enough to be scrutinized? At the enterprise level, the question is whether the AI committee's standards and decisions are written down, available to the broader organization, and subject to internal challenge. Closed-door committees that produce no documentation fail this test even when they produce useful internal information. The point is not that everything must be public to all employees. The point is that the governance system must be observable to those whose work it governs.

Test 3: Durability. Does the mechanism survive changes in leadership, institutional turnover, and political mood? The paper offers a sharp concrete test: would this governance mechanism continue functioning if the next leadership transition brought a CEO or board chair ideologically hostile to its mission? Inside a company, the equivalent is whether the AI committee depends on the current CEO's personal support. If a new CEO could dissolve the committee at will, with no procedural friction, the committee is not durable. It is a permission slip from the current leadership.

Test 4: Accountability. Are there defined consequences when governance failures occur? Can decisions be challenged by affected parties? Are there feedback loops that surface failures rather than hiding them? The paper distinguishes activity metrics (evaluations conducted, meetings held) from outcome metrics (harms prevented, risks identified before realization, accuracy of assessments). Inside a company, an AI committee that reports its activity to the board but cannot report its outcomes is reporting compliance, not governance. Accountability requires the existence of measurable standards and visible consequences when the committee demonstrably fails.

Test 5: Authority. Does the governance body have actual power to compel compliance, restrict deployment, or impose costs for non-cooperation? The paper writes that pure information-gathering without enforcement capacity is monitoring, not governance. Inside a company, this is the test most internal AI committees fail. They review. They advise. They escalate. They do not have the authority to halt a deployment over the objection of the business unit that wants it. If the committee can only persuade, it is exercising influence, not authority. That may be the right operating posture for a specific company. The paper's point is that the company should know which posture it has chosen.

Test 6: Scope Adequacy. Does the governance mandate cover the actual risk surface, or only a politically convenient subset? The paper warns that governance focused exclusively on the most visible risk category (often national security at the policy level, often regulatory compliance at the corporate level) may be politically expedient but is categorically incomplete. Inside a company, this asks whether the AI committee's charter covers economic disruption, customer-facing harms, democratic process integrity, civil rights exposure, security cascading risks, and the full surface of how AI is being used, or whether the charter was drawn narrowly because narrow scope was easier to ratify.

The paper notes a useful warning property of the tests. When arrangements that score poorly are presented as adequate, the performative-adaptivity failure mode is likely in operation. Political and organizational energy spent celebrating inadequate arrangements is energy not spent building real institutional capacity. The same dynamic applies inside companies. A board that hears the AI committee is working, when the committee fails four of the six tests, is being given an illusion of oversight that delays the build of the real thing.

Where this applies in The 7 Levels of AI Proficiency

A structurally well-designed governance body cannot compensate for under-proficient operators. The CARMA paper is about institutional architecture. The companion question, which the paper does not address directly, is who is qualified to operate that architecture.

The CARMA paper does not map these functions to The 7 Levels of AI Proficiency. That mapping is my applied interpretation for enterprise teams.

The 7 Levels of AI Proficiency framework supplies the missing piece. Each governance function in the CARMA model implies a minimum proficiency level for the person running it.

Sensing requires Level 3 or above (Lieutenant in the framework, a Critical Thinker about AI). Sensing without the capacity to read primary signals, distinguish vendor marketing from technical reality, and recognize emerging risk patterns is sensing in name only. Someone at Level 1 or Level 2 cannot perform the function with credibility. They will rely on vendor self-reports because that is the only signal they know how to read.

Evaluation requires Level 4 or above (Commander, a Context Engineer). Evaluation involves translating sensed information into normative judgments under uncertainty, with the technical literacy to push back on engineering claims and the structured thinking to articulate criteria the rest of the organization can dispute and revise. Below Level 4, the evaluation cannot be defended on its merits, and the function falls back to political accommodation.

Response requires Level 4 at minimum, with Level 5 (Captain, Design Thinker) preferred. Response involves designing pre-authorized mechanisms that act at the speed of the threat without breaking democratic or organizational legitimacy. That is a design task, not a procedural one.

Learning requires Level 5 or above. Learning involves recognizing patterns across incidents, articulating structural causes, and proposing changes to the criteria themselves. That is the work of someone who can see the system from above its individual cases.

The executive overseeing the system as a whole needs Level 6 (Admiral, a Systems Integrator). Systems Integrator behavior is what makes the governance architecture survive shocks. Below Level 6, the executive will tend to react to the most recent crisis rather than to the structural property of the system that produced the crisis.

Before redesigning the governance body using the six tests, measure the proficiency of the people running it. A committee that is structurally sound but operated by Level 2 staff will fail the same way a structurally weak committee operated by Level 6 staff will fail: in different directions, with different speeds, but both will fail. The work is to align the architecture with the proficiency of the people inside it.

That is also what makes a measurement instrument central rather than peripheral. The AI Law Tracker that LaunchReady built and maintains is one operating example of the Sensing function applied to the regulatory environment, independent of vendor self-reports and political messaging. The 7 Levels of AI Proficiency assessment is one operating example of the Evaluation function applied to the people who run governance. Both exist because the structural properties the CARMA paper names cannot be assumed into existence. They have to be built and operated by named entities with verifiable independence.

How this applies to Indiana and the IN AI Initiative

Indiana sits inside the picture the CARMA paper draws.

Indiana's 2026 AI-related legislation included HB 1182, a digital sexual image abuse bill that was introduced and referred to the House Committee on Courts and Criminal Code, but does not appear to have advanced further this session. The broader Indiana AI policy posture is at the early stage of an adaptive governance build. The structures currently in play follow patterns the paper identifies as performative-adaptivity risk: working groups, advisory bodies, voluntary frameworks, and industry partnerships that lack the statutory authority to compel changes. The IN AI Initiative announced in spring 2026 follows a similar pattern of multi-stakeholder convening without independent enforcement capacity. These arrangements are not bad. They are early. The paper's point is that the appearance of governance, when the underlying structural properties are absent, consumes political space the durable institutional build needs.

For Indiana businesses, the read is more direct. Whatever the state's external posture, the six diagnostic tests apply to the internal AI committee, AI council, or steering body the business has stood up. Most of these were created in response to a vendor pitch, a board question, or a peer-group conversation. They were not designed against a structural standard. The CARMA paper supplies the standard. Running the diagnostic surfaces which tests the body passes and which it fails. The work after that is design, not paperwork.

For Indiana-based regulated industries (financial services, healthcare, insurance, legal services, K-12 and higher education), the same tests apply with industry-specific weighting. Regulators in each of these sectors will, over the next eighteen to thirty-six months, develop their own diagnostic posture. The structural properties the CARMA paper names are likely to overlap with what regulators, auditors, and boards increasingly ask for: independence, documentation, authority, accountability, and scope coverage. Companies that build to the standard before the audit arrives will be in a different operating position than companies that build in response to the first enforcement action.

Three things to do with this paper this week

The CARMA paper supplies a credible, technically grounded, independently authored standard for evaluating AI governance arrangements. Here is how to use it inside the company.

Related reading: The 7 Domains of AI Governance: A Framework for Mid-Market Leaders and Career-Altering: What the Alabama AI Sanctions Order Means for Every Profession and Indiana AI Legislation 2026: A Complete Guide.

Sources

1. Kilian, Kyle A., and Richard Mallah. Adaptive Governance for Advanced AI: A Conceptual Foundation for Managing Complex Risks. Center for AI Risk Management & Alignment (CARMA), May 20, 2026.
2. Center for AI Risk Management & Alignment (CARMA). Organization site.
3. Future of Life Institute. Richard Mallah affiliation.
4. RAND Corporation. Kyle A. Kilian affiliation.
5. Ostrom, Elinor. Governing the Commons: The Evolution of Institutions for Collective Action. Cambridge University Press, 1990. Cited in CARMA paper for commons governance design principles.
6. Taleb, Nassim Nicholas. Antifragile: Things That Gain from Disorder. Random House, 2012. Source of the antifragility concept the paper applies to governance.
7. U.S. Securities and Exchange Commission. Order Approving Proposed Rule Changes Relating to Market-Wide Circuit Breakers. Release No. 67090, May 31, 2012. Source of the circuit-breaker analogy the CARMA paper uses for pre-authorized Response.
8. Painter, Harrison. "The 7 Domains of AI Governance: A Framework for Mid-Market Leaders." LaunchReady.ai Insights.
9. The 7 Levels of AI Proficiency framework. LaunchReady.ai.
10. AI Law Tracker. Operating example of an independent Sensing function applied to the U.S. AI regulatory environment.

Harrison Painter

AI Business Strategist. Founder, LaunchReady.ai and AI Law Tracker.

Harrison helps teams build AI systems that cut cost and grow revenue. Nearly 20 years of business experience. 2.8M YouTube views. Founder of LaunchReady.ai and the 7 Levels of AI Proficiency framework.

Connect on LinkedIn