A treaty-backed International AI Safety Certification Authority (IASCA) could enforce mandatory pre-deployment safety checks of frontier AI models using zero-knowledge behavioural tests without accessing proprietary weights, financed by modest training-cost-based fees and rolled out from pilots to mandatory certification within five years.

Main Finding

The proposal establishes an International AI Safety Certification Authority (IASCA): an independent, treaty-based global body that would require mandatory pre-deployment safety certification of frontier AI models within a phased five‑year rollout. It uses a zero‑knowledge behavioural testing architecture to evaluate safety without accessing proprietary weights, training data, or architectures, and finances operations through progressive certification fees modeled on the FDA/PDUFA precedent (fees ≈ 0.1–1% of model training costs). The design aims to correct market failure from industry self‑regulation and limit regulatory capture through treaty governance and institutional safeguards.

Key Points

• Purpose and scope

  • Mandatory pre-deployment safety certification for “frontier” AI models at the international level.
  • Targets harms and systemic risks that private governance has failed to manage adequately.

• Testing approach

  • Zero‑knowledge testing: behavioural probes and red‑team style evaluation that do not require access to model weights, training data, or architecture — preserves IP and trade secrets while assessing real-world behaviour.

• Governance & institutional design

  • Treaty‑based, internationally governed authority modeled on IAEA, FAA, FDA.
  • Includes anti‑capture provisions to limit industry influence and help ensure independent decisions.

• Implementation roadmap

  • Phased: voluntary pilot → scaling → mandatory certification, with an overall timeline targeting mandatory certification within five years.

• Funding & economic model

  • Uses PDUFA-like fee structure: progressive certification fees designed to cover IASCA operations.
  • Fees proposed ~0.1–1% of model training costs (progressive across model size/risk).
  • Fees intended both to fund the authority and internalise some safety externalities.

• Motivation

  • Explicit response to demonstrated failures of industry self‑regulation and coordination problems across jurisdictions.

Data & Methods

• Nature of the document

  • Policy proposal / institutional design paper rather than an empirical study. The methods are comparative and prescriptive.

• Comparative institutional analysis

  • Draws lessons and analogues from institutions with long safety/regulatory experience: FDA (drug/device review and PDUFA funding), FAA (aviation safety), IAEA (international monitoring and inspections).
  • Uses those analogues to justify governance structure, testing paradigms, and fee mechanisms.

• Technical testing architecture

  • Proposes zero‑knowledge protocols and behavioural evaluation regimes (red‑teaming, scenario‑based stress tests, safety‑spec compliance tests) to assess model outputs without accessing proprietary internals.
  • Likely includes secure multi‑party computation or cryptographic proof systems in concept — the proposal focuses on architecture principles rather than fully specified cryptographic implementations.

• Economic costing

  • Fee levels and progressivity are calibrated conceptually by analogy to PDUFA and as percentages of estimated model training costs (0.1–1%).
  • No comprehensive empirical distribution of training costs is supplied in the summary; fee percentages are the proposal’s policy levers rather than empirically validated rates.

• Limitations

  • Lacks detailed microeconomic modeling of firm responses, entry/exit, and international compliance dynamics.
  • No empirical validation of the operational feasibility or cost of zero‑knowledge behavioural testing at scale.
  • Enforcement mechanics, avoidance/evading behaviour, and secondary markets are acknowledged but not quantitatively modeled.

Implications for AI Economics

• Internalising externalities and welfare

  • Mandatory certification internalises some social costs of unsafe deployments, likely improving aggregate welfare if tests correlate with reduced catastrophic risk.
  • The authority’s success depends on test validity and ability to detect risks that matter for societal outcomes.

• Costs, pricing, and investment

  • Direct compliance costs: added certification fees (0.1–1% of training cost) and delays/time‑to‑market from testing — these increase marginal cost of deploying frontier models.
  • May change investment calculus: slightly higher expected deployment costs but reduced liability/insurance costs and potential market advantage for certified providers.

• Market structure and competition

  • Barrier-to-entry effects: certification costs, testing complexity, and compliance overhead can disproportionately burden startups and smaller labs, favoring incumbents with scale — potential consolidation pressure.
  • Conversely, certification could create a “safety‑as‑product” premium that new entrants can compete on if testing regimes are transparent and accessible.

• Innovation incentives and dynamic effects

  • Short‑run friction: longer development cycles and higher pre-deployment costs could slow some innovation.
  • Long‑run benefits: clearer safety standards and reduced risk of large adverse events may make investment less risky and lower expected downside for investors, potentially stabilising long‑term R&D funding.

• International coordination & regulatory arbitrage

  • Treaty governance reduces cross‑border regulatory arbitrage; harmonised standards limit firms’ ability to shift unsafe deployments to lax jurisdictions.
  • Enforcement depends on states’ willingness to implement domestic legal barriers to uncertified deployment.

• Funding and resource allocation

  • Fee revenue (PDUFA model) can finance competent review capacity, reducing reviewer bottlenecks that would otherwise delay certification.
  • Progressive fees reduce reliance on uncertain state budgets but introduce political economy questions about fee setting and industry influence (antidote: anti‑capture provisions).

• Secondary markets and black‑box risks

  • Zero‑knowledge behavioural testing reduces IP leakage, facilitating industry participation, but may not prevent firms from creating uncertified or covert deployments (offshore, private, or embedded systems).
  • Need for complementary enforcement (export controls, trade measures, domestic liability regimes) and monitoring.

• Research & policy gaps for economists

  • Quantify distribution of training and deployment costs to validate fee schedules.
  • Model dynamic game between incumbents and entrants under certification costs, including welfare tradeoffs.
  • Evaluate optimal fee structure (progressivity, subsidies for small actors, waivers) to balance access and safety.
  • Empirically test how behavioural tests correlate with real‑world risk reduction to estimate social benefit of certification.

Overall, IASCA could internalise important safety externalities and create funding/structure for systematic testing, but it will alter incentives across investment, market structure, and international strategy. Careful economic design (fee calibration, exemptions, enforcement mechanisms) and empirical validation of testing efficacy are critical to avoid unintended consolidation, innovation slowdowns, or regulatory capture.