Four days ago, President Trump signed “Promoting Advanced Artificial Intelligence Innovation and Security.” The initial coverage covered the signing. It covered what “voluntary” means. It covered the 30- and 60-day clocks. This brief doesn’t revisit any of that. It answers one question: given everything already established, what does a compliance team actually do before July 2?
Start with the distinction that matters most. The “voluntary” label in the EO applies to industry participation in the early-access framework. It does not apply to federal agencies. By July 2, 2026 – 30 days post-signing – the Secretary of the Treasury, working alongside the National Cyber Director, NSA, and CISA, must establish a voluntary AI cybersecurity clearinghouse for coordinating software vulnerability scanning. That formation isn’t optional for those agencies. It’s a mandate.
The August 1 deadline is different in character. Within 60 days of signing, designated agencies must develop and maintain a classified benchmarking process to determine which AI models qualify as “covered frontier models.” The NSA Director holds final determination authority over which models qualify, acting in consultation with the National Cyber Director and CISA. No threshold numbers are public. None will be, by design – the benchmarking criteria are classified.
That’s the compliance planning problem.
Unanswered Questions
- How will the NSA Director's classified benchmarking threshold apply to mid-market AI models that aren't clearly frontier-class?
- How does voluntary participation in the early-access framework interact with existing NIST AI RMF compliance programs?
- What disclosure obligations attach to a company that voluntarily engages with the NSA benchmarking dialogue?
Commercial AI developers can’t prepare for a threshold they can’t see. A mid-market AI company with a capable but sub-frontier model has no way to assess, right now, whether it falls inside or outside the “covered frontier model” designation. The frontier labs already engaged in voluntary dialogue with federal agencies have a structural information advantage. Everyone else is flying without instruments.
There’s a second gap the EO’s text doesn’t close. Compliance programs built around the NIST AI Risk Management Framework now face an unanswered question: how do the two voluntary frameworks interact? The EO doesn’t address it. As of June 6, that question remains open. Teams that have invested in NIST AI RMF alignment shouldn’t dismantle those programs – but they should flag this as an unresolved dependency.
According to legal analysis from Freshfields, the EO also directs the Department of Justice to prioritize enforcement of existing criminal statutes – including the Computer Fraud and Abuse Act – against AI-enabled cyberattacks, with autonomous AI agents specifically highlighted. That’s Freshfields’ reading of the EO, not independently confirmed from the primary text. But compliance teams with agentic AI in production should treat it as a credible signal worth reviewing with counsel.
Don’t expect the July 2 clearinghouse to answer the benchmarking question. The clearinghouse is a vulnerability coordination mechanism – a different track from the classified benchmarking process under the August 1 deadline. These are parallel obligations, not sequential ones.
Warning
The 'voluntary' label applies to industry participation in the early-access framework - not to federal agency obligations. Treasury, NSA, CISA, and the National Cyber Director face a hard July 2 formation deadline. Companies waiting on federal implementation to inform their own posture may be misreading the EO's structure.
The real question is whether companies with the most to gain from the voluntary early-access framework are already inside it. The frontier labs that participated in predecessor conversations likely have a head start on the NSA dialogue. Mid-market developers who haven’t engaged federally yet have a shrinking window to make a decision about whether voluntary engagement is worth the disclosure tradeoffs.
The EO prohibits any of its provisions from serving as a basis for mandatory licensing, prior approval, or permitting requirements for AI model development. That protection is real. But it doesn’t resolve the visibility problem. The classified threshold is the operative constraint – and no amount of voluntary compliance architecture closes that gap until NSA publishes the criteria, if it ever does.
Compliance teams should act on what’s confirmed: federal agency obligations under the July 2 deadline are live now, the August 1 benchmarking development mandate is underway, and the voluntary early-access decision is one that requires an answer before the benchmarking process is complete – not after.