Part I

The Structural Diagnosis

Why Sovereignty No Longer Compiles: Governance after AI

For much of the modern era, states governed from a position of informational advantage. Authorities assumed they could see enough of the world to classify it, regulate it, and enforce their decisions through law. That assumption no longer holds. ¹

The technologies that once waited for human direction now act at machine speed. AI systems classify, allocate, negotiate, and enforce at scales that exceed the observational reach of public institutions. The State’s authority remains intact on paper, but its ability to perceive and operationalise that control has eroded.

The crisis of AI governance is not a failure of political will but of institutional capacity: the State is attempting to oversee an ecosystem that moves faster, operates deeper, and obscures more than the machinery built to regulate an earlier technological order. Two fractures define this condition.

The first is the Visibility Gap — a structural asymmetry in which regulators cannot observe the systems they claim to govern. The operative logic of the AI economy is written in dynamic code, legible primarily to the private actors who build and maintain it. Opacity is not incidental; it is a predictable consequence of how these systems are trained, engineered, and deployed.

The second is the Rule-Execution Gap — the failure that emerges when legal mandates cannot be rendered into operational control. Principles such as fairness, safety, or nondiscrimination require translation into technical specifications, and that translation occurs outside the State. Authority falters not at the level of intent but at the level of implementation.²

These are not temporary inefficiencies. They are symptoms of an operating system that no longer matches the world it was built to govern. Before the Code After can be built, the reasons the code before can no longer run must be understood.

Chapter 1

The World States Cannot See

On a recent Tuesday morning, a credit-scoring AI operating across more than fifty countries made millions of lending decisions. It approved mortgages in Manchester, denied car loans in Mumbai, and recalibrated credit limits in Mexico City. The example is illustrative, but it reflects a real pattern: AI-driven decisions now occur continuously, across borders, and at scales that no single regulator can directly observe³.

Although these decisions were globally distributed, the model’s training data, cloud infrastructure, corporate parent, and AI supply chains all intersected with three of the most consequential AI ecosystems. The U.S., China, and the (EU) shape the technical, economic, and regulatory conditions under which such systems operate. They receive particular attention in this book for that reason.

The pattern extends beyond financial services. Global supply chains are increasingly orchestrated by optimisation models that draw on port data, customs risk signals, congestion forecasts, and demand projections from multiple countries. No single state typically has access to the full dataset, the model design, or the decision logic that shapes routing, prioritisation, and delay. Each country therefore sees only a fragment of a system whose behaviour emerges from interactions that span borders and elude any single regulator’s full view.

In both cases, the same structural condition holds. No public authority sees the system as a unified whole. American regulators observe only the domestic segments of data flows. European supervisors engage with documentation prepared under the General Data Protection Regulation (GDPR), the EU’s comprehensive privacy law.⁴ Chinese officials monitor activity on servers within their borders. Each interacts with a fragment of the system; none has visibility into its full operational footprint.

This matters because sight is the precondition of authority — and control is weakened without it.

The global AI economy now operates through infrastructures and decision-making pipelines that frequently outpace the observational reach of any single state. The challenge is not merely regulatory lag — the familiar refrain that “law is slow and technology is fast” — but a deeper structural mismatch: regulators are attempting to oversee an ecosystem that is often opaque by design.

States retain hard sovereignty — the coercive authority to shut down data centers, restrict compute, or block market access. What they have lost is execution optionality: the ability to shape model behaviour directly through institutional command. Recognising this asymmetry clarifies why so much contemporary AI oversight feels misaligned with the world it seeks to regulate. Legislation arrives beside the point, harmonisation efforts struggle against operational reality, and the centre of gravity has shifted from rulemaking to translation.

Translation here carries a specific meaning: not a linguistic activity, but a technical one performed by actors positioned to observe what states cannot. Professional services firmsmperform this function using two of the principal operational languages that travel across time and borders: law, the language of permission, and accounting, the language of measurement.

Together, these languages allow global AI to run, regardless of the political and institutional values that surround it.

I. The Illusion of Control

As AI spreads across the globe, the central question is no longer what rules legislators write, but how oversight actually works — and where it truly resides.

In the U.S., authority fragments across multiple agencies — the Federal Trade Commission (FTC), the Securities and Exchange Commission (SEC), and the National Institute of Standards and Technology (NIST) — each gripping a different piece of the elephant.

In Brussels, the EU Artificial Intelligence Act (EU AI Act) constructs a cathedral of risk frameworks: an elaborate edifice of classifications, obligations, and oversight mechanisms.⁵

In Beijing, the Cyberspace Administration of China (CAC) enforces a perimeter model of AI oversight, closely monitoring data flows, content, and the technical backbones that support computation within China.

Across the world, the machinery of regulation appears formidable. Tens of billions of dollars fund regulatory capacity across finance, health, environment, and technology. Hundreds of thousands of officials — spanning national regulators, subnational agencies, supranational bodies, and international organisations — promulgate rules, conduct inspections, and enforce compliance. Entire industries support this apparatus: regulatory affairs outsourcing, compliance services, and RegTech platforms that automate monitoring and reporting. Academic literature proliferates. Standards bodies issue frameworks. By every visible metric, the regulatory landscape appears fully engaged.

Yet the entire apparatus rests on an assumption that no longer holds. In the pre-AI world, economic activity was comparatively legible, slower, and territorially bounded. Regulators could see factories, inspect ledgers, audit processes, and compel disclosures. Observation was imperfect, but it was possible. The State’s sensory apparatus — reports, filings, inspections, subpoenas — was built for a world in which the relevant activity remained within its field of view.

In the AI era, that visibility is under strain. What regulators once monitored directly now unfolds across distributed, dynamic, and partially autonomous environments. The operative logic is encoded in proprietary models, executed across borders, and updated continuously.

The relevant activity no longer sits in places the State can easily observe; it lives in technical layers that are often inaccessible to public authority.

This reflects a deeper systems-level mismatch: effective oversight of AI depends on forms of institutional sight that no single state fully possesses. It spans technical observability — access to model design, training data, emergent behaviour, failure modes, and security vulnerabilities — and extends to economic sight into valuation, capital flows, incentives, and market concentration. It culminates in classificatory legibility, the capacity to render system behaviour into categories that law and accounting can recognise, measure, and act upon.

No country holds these capacities in complete form. The reasons are structural. They arise from how sovereignty, technology, and economic organisation now interact in an integrated

AI ecosystem. States are attempting to steer activity whose technical behaviour is controlled by private actors, whose economic dimensions are distributed across cross-border networks, and whose classificatory forms do not align with the representational grammar of territorial authority.

What emerges is the appearance of regulatory control: the belief that governments can direct what they cannot fully see.

II. The Three Dimensions of the Visibility Gap

The Visibility Gap has three interlocking dimensions, each representing a distinct form of informational deficit. Together, they generate systematic blindness precisely at the level where oversight decisions must be made.

A. Technical Opacity — The Black Box Problem

AI models are often opaque both by nature and by design. Frontier-scale deep learning systems contain billions or trillions of parameters whose interactions generate behaviours that cannot be fully predicted, reconstructed, or explained — not even by the teams that build them. The opacity is intrinsic to high-dimensional statistical algorithms and cannot yet be fully engineered away.

Consider the credit-scoring model introduced at the start of this chapter. Its training data, model design, and fine-tuning process are typically proprietary, reflecting the trade-secret norms of commercial credit modelling. Its decision logic emerges from statistical correlations distributed across millions of parameters — patterns that do not naturally reduce to a stable, global set of human-interpretable rules.

Even if regulators obtained full access to the underlying information — which they typically cannot — they would still confront the interpretability problem: knowing what a model outputs does not, by itself, explain why it outputs it. Sight is not the same as comprehension.

Technical opacity is compounded by a form of systemic adverse selection. The observational capacity required to understand state-of-the-art AI models has been effectively privatised by the market price of talent. The expertise necessary to interrogate model behaviour — machine-learning research, systems engineering, security analysis — has migrated overwhelmingly into private firms.

This pattern reflects a broader labour-market dynamic: advanced AI capabilities concentrate around a small number of firms and countries. The migration is not accidental. It reflects the logic of modern labour markets: technical competence flows toward the actors best positioned to monetise it. Governments are left competing in a labour market they cannot afford to win.

At this point, a familiar objection arises: opacity might seem like a resource problem. If governments simply hired more engineers, built more supercomputers, and expanded regulatory budgets, they might believe they could eventually peer inside the box.

This assumption underestimates the structural character of the problem. Even the U.S. and China — home to the world’s deepest reservoirs of technical talent, compute capacity, and frontier model research — face severe limits in seeing, explaining, and auditing the platforms they themselves produce, let alone those produced by each other. Their laboratories operate near the limits of scale. Their firms train the largest models. Their engineers build the most complex pipelines.

Yet the opacity of AI models exceeds even their internal capacity for explanation. The creators cannot fully interpret their own creations. The black box is not hiding from regulators. It is hiding from everyone.

This is why model opacity cannot be solved through additional disclosure, more audits, or stronger compliance regimes. These tools assume that observation is primarily a function of effort. It is not. Observation is a function of technical design.

B. Jurisdictional Fragmentation — The G2 Bifurcation and G3 Ecosystems

Even if technical opacity could be overcome — a counterfactual — the second dimension of the Visibility Gap would remain: no state can see all components of the AI infrastructure at once.

Global AI is not a single universe. It is a multipolar but highly uneven landscape built around a small number of countries capable of operating across the full span of the AI pipeline. A fully integrated state controls the critical components: advanced chip design and fabrication, hyperscale cloud infrastructure, large-model training pipelines, data reservoirs, global deployment channels, deep talent pools, and domestic capital markets able to finance and scale AI.

Full capability does not mean self-sufficiency in every component; it means strategic control over the critical resources required to build, train, and deploy large-scale AI systems without dependence on external political decisions.

At present, the clearest states meeting this threshold are the U.S. and China. Others — most notably the EU — wield significant regulatory influence but do not yet control the underlying technical base. Europe remains dependent on foreign cloud providers and semiconductor supply chains, even as policy debates now centre on building a “EuroStack” or “public AI stack” to reduce this structural reliance. These initiatives signal a strategic ambition to expand Europe’s technical footing, though they remain early-stage rather than fully realised.

Most other significant AI economies — including the United Kingdom (UK), Japan, India, Korea, and Brazil — operate within what this manuscript terms stack dependence: they regulate models built on chips they did not fabricate, trained on compute clusters they do not own, and deployed on platforms whose core designs are external. Their authority rests primarily at the regulatory, compliance, and market interface rather than in shaping the technical base itself.

This distinction defines the G2: an analytical category referring to state-level AI ecosystems that meet the threshold of vertically integrated capability across hardware, compute, model development, talent concentration, and capital scaling. In the current global landscape, the U.S. and China are the clearest G2 states. The term is descriptive rather than geopolitical, identifying countries capable of sustaining the full technological and financial span required to develop and deploy advanced AI at global scale.

A complementary category, the G3, refers to states whose regulatory frameworks propagate globally through market size, legal-harmonisation capacity, and institutional legitimacy, even without full integration across the AI stack. The EU is the clearest G3 actor, exercising regulatory gravity that shapes global norms despite the absence of full technology control.

These categories describe current structural positions rather than permanent assignments; states can move through the hierarchy as their technical and regulatory capabilities evolve.⁶

This bifurcation produces a distinct form of informational failure: fragmented oversight. While the G2 possess vertical visibility over their own ecosystems, they do not possess full insight into each other’s — and when the frame widens to include every other major AI power, no state in the system commands horizontal visibility across the horizon where all stacks inevitably interact.

Even with the world’s most advanced AI ecosystem, the U.S. regulator can scrutinise segments of the codebase and portions of the training pipeline, but it still sees only narrow, sector-specific slices of how these systems circulate globally. Its regulatory sightline is uneven across the stack: strong over model development and platform-level diffusion, weaker over downstream uses that fall outside its legal reach.

The Chinese regulator exercises significant oversight over infrastructure — chips, supply chains, and datacenter physics — but has more limited sightlines into downstream monetisation, offshore diffusion, and cross-border model behaviour. China enjoys full vertical integration, yet its regulatory vantage point is anchored in hardware, data, and domestic compute rather than in the global pathways through which its models circulate.

The EU reviews compliance filings and assurance materials, but typically lacks systematic sightlines into the hardware and compute physics that sit outside its legal reach. Its regulatory grammar travels globally, yet its oversight remains concentrated in documentation, assurance processes, and market-access controls rather than the technical base.

Stack-dependent regulators — in the UK, Japan, India, Brazil, and elsewhere — primarily encounter the outputs of deployed models, with limited sightlines into upstream training data, model-development pipelines, or underlying model behaviour. Their vantage point sits downstream of the technical base.

Each state sees a different slice of the landscape. None sees the system as a whole.

More importantly, no state can track how changes in one domain ripple through the others. A shift in Chinese data-localisation rules can alter American model-retraining cycles; a new European privacy standard can redirect global capital flows; a diffusion restriction in India can cascade into model behaviour. Each example traces a different propagation path — technical, financial, behavioural — underscoring why fragmented sightlines are not merely inconvenient but systemically disabling.

This is not a coordination problem. It is not a failure of diplomacy, harmonisation, or intergovernmental process. It is a fundamental mismatch between territorial authority and transnational AI — a world in which the borders that define political power no longer match the operational reality of the AI economy.

C. Temporal Acceleration — The Speed Chasm

Even if technical opacity were solved and territorial fragmentation aligned, a third dimension would persist: the frontier moves faster than oversight can track, interpret, or respond.

AI systems operate on timescales that exceed the State’s capacity to observe or intervene. Decisions that once unfolded over hours or days now occur in milliseconds. A single creditrisk model can reassess large numbers of lending positions in near real time — a tempo no public institution can match. The asymmetry is inherent: the systems being governed move faster than the machinery built to govern them.

Oversight in the AI era is defined by asymmetric iteration rates. AI development and deployment accelerate through scaling, automation, and rapid feedback loops, while institutional response moves through consultation, deliberation, and negotiation. The gap between these tempos widens with every cycle, creating a governance environment in which acceleration itself becomes a source of institutional failure.

Consider the timing mismatch in the EU. The EU AI Act — the world’s most comprehensive attempt to regulate AI — was proposed in April 2021. Midway through its negotiation, the release of ChatGPT (built on GPT-3.5) in late 2022 forced a rapid, midstream revision. The resulting amendment attempted to retrofit the Act to capabilities the original draft could not have anticipated. Yet even this intervention could not accelerate the legislative machinery: the Act entered into force only in mid-2024, with full implementation stretching into 2026.

In AI time, a two-year lag is not a delay; it is a systemic failure.⁷

GPT-3.5 was not simply a technical milestone; it was the public inflection point — the first AI model to reach global consumers at scale, triggering what became a planetary reckoning with the arrival of machine intelligence. The dramatic demonstration of capability — amplified by warnings from senior figures in the field, including Geoffrey Hinton — transformed an obscure technical development into a mainstream technological rupture. It happened overnight.⁸

While the EU deliberated, AI had already cycled through successive capability regimes: the transition of GPT-3 from experimental tool to production instrument, the emergence of GPT4 as a reasoning engine, and the rise of agents able to execute multi-step workflows. By the time the Act reached political consensus, the frontier had already shifted again.

Democratic deliberation cannot match the speed of AI because legitimacy takes time. Consultation, debate, and review are essential safeguards, not inefficiencies. These processes cannot be compressed without eroding the very authority they are meant to confer. The consequence is a systemic mismatch: public decision-making moves in procedural time, while AI advances in exponential time.

Authoritarian regimes do not escape the speed chasm either. Centralised authority can compress deliberation, but it cannot compress comprehension. The decision latency of any bureaucracy — democratic or otherwise — is measured in weeks or months. The AI cycle is measured in days; the inference cycle of an agent is measured in milliseconds.

Even the G2 cannot regulate at the speed they innovate. Their laboratories iterate on weekly cycles; their legislatures and ministries move on annual ones. The widening tempo gap is structural. The State is always responding to the last generation of models, while the systems operating within its borders run on a clock the law has not yet reached.

III. Why the Gap Is Built In, Not a Passing Phase

It is tempting to believe the Visibility Gap is temporary — a friction that will fade once regulators hire more experts, coordinate internationally, or adopt more agile processes. This view misdiagnoses the problem. The gap is not a transitional failure of capacity. It is a systemlevel consequence of how AI advances, how markets allocate expertise, and how state authority is organised. These forces do not weaken over time; AI compounds them.

Three forces make the Visibility Gap durably persistent.

A. The Divergent Clocks of AI and Authority

The core asymmetry is straightforward: AI compounds; public oversight resets. AI and state response operate on fundamentally different clocks. AI advances through recursive optimisation loops: scaling laws, fine-tuning cycles, reinforcement from human and synthetic feedback, and continuous redeployment. Each iteration builds directly on the last, compressing learning into ever shorter cycles. AI improves by running.

Public authority iterates differently. It requires processes that are intentionally slow because legitimacy depends on them. These cycles do not accelerate with experience; they reopen with every new issue, every new stakeholder, every new political change.

The consequence is not simply that AI moves faster than the State. AI compounds while public decision-making renews process. One system accumulates capability; the other reinitiates procedure. These clocks diverge by design, not by accident. No institutional reform bridges the distance between compounding iteration and procedural renewal.

B. Why Expertise Concentrates at the Frontier

In late 2023, the U.S. federal government opened senior machine-learning research roles for its newly created AI Safety Institute. The salary band — roughly $180,000 — was competitive by civil-service standards. In the same period, Anthropic hired a comparable researcher at a total compensation package exceeding $1.2 million, with access to frontierscale compute clusters and a team of more than one hundred PhDs working on large-scale optimisation problems. The federal posting remained open for months. Anthropic filled its role in days.⁹

This divergence is not a budgetary anomaly. It is the predictable outcome of market incentives. Frontier AI requires rare combinations of expertise: machine-learning research, distributed systems engineering, security analysis, and large-scale optimisation. As models scale, the marginal value of technical insight increases, and the market bids that insight upward. The private sector can offer compensation, equity, compute access, and research environments that no public institution can match.

The consequence is systemic adverse selection. The people most capable of understanding frontier AI are inevitably drawn to the labs that create it. Governments cannot reverse this dynamic. They cannot replicate frontier-scale compute environments, they cannot match equity-based compensation, and they cannot offer the density of technical peers that AI labs attract. Even the G2 — with the deepest talent pools on Earth — face the same challenge.

Their national laboratories and ministries do not house the teams that train trillion-parameter models; their regulators do not employ the engineers who design the systems they are tasked with overseeing.

C. The Geometry of Authority versus the Geometry of AI

No country currently sees full AI stacks. The remaining question is whether this discontinuity is contingent — solvable through coordination — or inherent. It is the latter, for a reason not yet identified in the preceding sections: the geometric mismatch between territorial authority and global compute placement — a mismatch that persists regardless of how political boundaries are redrawn.

States govern through territorial reach: borders define what can be observed, measured, and constrained. AI does not operate within these boundaries. It runs across cloud regions, data centres, and supply chains organised around efficiency, latency, and capital flows — a topology that cannot be reshaped to match territorial lines without dismantling the global AI economy in the process.

This is what makes the mismatch geometric rather than diplomatic — it remains invariant under deformation. Borders can shift, territories can merge, treaties can proliferate — yet the compute remains borderless. No reconfiguration of political boundaries produces a world in which frontier AI falls within a single country’s line of sight.

Even the G3 cannot escape these limits: the U.S. shapes chip design and controls access to leading-edge fabrication but does not operate the fabs themselves; China controls domestic deployment and data flows but not the global capital that finances AI; the EU defines regulatory power but not the hardware or models on which that power must act. Each commands a slice of the system, but none commands the whole. Territorial authority is bounded; AI is borderless. Their geometries do not meet, and no degree of coordination can force them into alignment.

IV. Consequences of Governing Blind

When state authority loses traction over the AI it is meant to oversee, the failure is not procedural but constitutional. The machinery of public administration continues to operate — legislatures legislate, agencies issue rules, courts adjudicate — but the link between institutional action and AI behaviour weakens. Over time, this loss of coupling produces three internal distortions that reshape the State from within.

These are not enforcement failures or coordination gaps. They arise when institutions attempt to steer AI whose internal dynamics they cannot interrogate, model, or predict. A political centre that cannot establish causal influence over the platforms under its charge does not merely exercise authority poorly; it rules symbolically.

A. Regulatory Drift — Rules Without Reach

When a public authority cannot observe the AI models it seeks to oversee, regulation becomes an exercise in projection. Institutions legislate toward an imagined AI rather than the one operating in practice. The gap widens between the formal requirements written into statutes and the real behaviour of deployed systems.

This gap produces a distinctive failure mode: rules that exist on paper but do not bind in practice. Agencies issue frameworks, guidance, and compliance expectations, yet these instruments rarely penetrate the decision-making surface where outcomes are actually produced. Firms respond by constructing compliance covers — policies, checklists, model cards — that satisfy external expectations without altering internal logic. Oversight becomes more visible even as control becomes less real.

Over time, this dynamic becomes self-reinforcing. As visibility declines, regulators compensate with additional rules; as rules proliferate, firms invest more in producing documentation that meets procedural expectations than in aligning system behaviour with regulatory intent. The legal process becomes increasingly expressive — signalling priorities, values, and aspirations — while losing traction over the systems that shape outcomes.

This is regulatory drift: a world in which legal authority persists, but its operational reach diminishes. The public sector continues to issue commands, but the systems under its charge evolve along trajectories the law can no longer detect, interpret, or redirect.

B. Perverse Incentives — The Performance of Compliance

When the field of view narrows, incentives reconfigure. Companies shift from optimising for system performance to optimising for the narrow band of signals regulators can actually perceive. In that environment, documentation becomes the dominant channel of interaction between firms and the State.

The consequence is a distinctive institutional failure: the substitution of representations for assurance. In the absence of real observability, firms generate documents that are easy to audit but only loosely connected to the systems they describe. Model cards summarise design intent rather than trace operational behaviour. Risk matrices classify hypothetical hazards rather than failures observed in production. Compliance templates proliferate that satisfy audit logic without touching the decision-making mechanisms that drive outcomes.

These artefacts flourish precisely because they are legible. They translate dynamic, opaque systems into static representations that fit the bureaucratic machinery of review. But legibility is not control. As the gap between documentation and system behaviour widens, compliance becomes a performance staged for oversight bodies that lack the means to interrogate the underlying reality.

Over time, this dynamic produces a parallel oversight process — a meticulously maintained ecosystem of policies, templates, and attestations that evolves independently of the models it purports to regulate. Internal incentives shift accordingly: teams invest more in producing documentation that satisfies external expectations than in building mechanisms that would meaningfully constrain model behaviour. The compliance apparatus becomes increasingly elaborate, increasingly sophisticated, and increasingly detached.

C. Legitimacy Decay — Authority Without Capability

When public bodies lose traction over the systems they are meant to oversee, the resulting damage is not administrative. It is constitutional. The modern regulatory state rests on a premise that it can understand the domains under its charge well enough to act meaningfully within them. When that premise falters, legitimacy begins to erode long before authority formally collapses.

The Visibility Gap accelerates this erosion. As AI ecosystems evolve beyond the State’s capacity to observe or interpret them, confidence in governmental competence begins to fracture. Citizens encounter rules that cannot be enforced. Firms receive directives that cannot be operationalised. Regulators themselves sense the widening gulf between the authority they hold in statute and the capability they possess in practice. The belief that the State can meaningfully steer these systems weakens across all constituencies simultaneously.

This produces a quiet legitimacy crisis — one that accumulates through small, unremarkable failures rather than dramatic breakdowns. Investigations stall for lack of technical insight. Enforcement actions target the visible rather than the consequential. Regulatory processes generate text but not traction. Each instance is minor in isolation; together, they signal a public authority increasingly unable to shape the systems that shape society.

Legitimacy decays because it is recursive. State actors derive authority not only from formal mandates but from the shared expectation that they can act effectively. When that expectation erodes, compliance becomes discretionary, deference becomes conditional, and the State’s coordinating power weakens. Authority persists in form, but its functional core begins to hollow out.

The legitimacy decay that follows — a government retaining the symbols of authority while losing the capability that once justified them — is incremental, cumulative, and largely invisible until it becomes structurally entrenched.

D. The Governance Vacuum — When Authority Has No Operator

The three failures described above — regulatory drift, the performance of compliance, and legitimacy decay — do not remain discrete. They interlock and reinforce one another. Over time, they collapse into a single condition: a regulatory vacuum, a structural space in which the State retains formal authority but loses the practical capability to exercise it.

A void of this kind is not an absence of order. It is an absence of public order. The global economy cannot function without risk assessment, standard-setting, assurance, and coordination. These are not optional features of complex systems; they are the infrastructure that makes complexity governable. When public authorities can no longer supply these public goods, the system does not stall. It reconfigures.

And in that reconfiguration, authority flows to the actors who possess what the State has lost: operational visibility into the behaviour of frontier AI systems. The void is not filled by insurgent bodies or novel political formations. It is filled by familiar intermediaries — consultancies, auditors, major law firms, and professional services networks — whose proximity to AI systems gives them the vantage point required to interpret, evaluate, and constrain behaviour in practice. (If platforms perform governance functions of their own, such as content moderation or safety gating, those functions operate in parallel rather than as substitutes for the State’s regulatory role.)

These actors do not overthrow the State; they inherit the functions the State can no longer fulfil. They become the de facto interpreters of risk, the authors of compliance norms, the coordinators of cross-organisational behaviour. They supply the translation capacity that public authority now requires but can no longer produce.

Here the inquiry turns. The question is no longer whether governments can steer AI — their capability is structurally constrained under the conditions established in this chapter. The question is who fills the gap, and what it means for public authority when the practical work of oversight migrates to private hands.

Where the State cannot see, others already do.

V. Who Does See — The Visibility Monopoly

The erosion of state sightlines does not create an empty space. It shifts observational power toward organisations capable of operating simultaneously across the technical, legal and financial domains of the global AI economy. Not shadow governments. Not autonomous AI agents. Professional services firms.

Global law firms, the Big Four accounting networks, and elite strategy consultancies now hold a level of cross-jurisdictional, cross-stack visibility that public authorities increasingly struggle to match. They operate where governments cannot: across borders, across platforms, across industries, and across time. Their vantage is not positional. It is embedded in the role they occupy within the global economy.

They observe dimensions of the AI economy that rarely converge inside any public institution. They see how code is architected, fine-tuned, deployed, and modified in production, and how data and model outputs move across legal regimes with incompatible assumptions. They see how firms reconcile simultaneous obligations under divergent regulatory systems, and how capital markets interpret and price risks that regulators are still learning to define.

This visibility is not a byproduct of their work. It is the work. These firms do not simply interpret rules. They convert rules into operational reality. They do not only advise on compliance. They construct the controls that organisations rely on. They function as a Translation Layer between formal legal regimes and the technical and organisational systems through which AI is deployed.

Their influence is not supervisory but infrastructural. These firms shape outcomes through the artefacts they produce: the templates that become default contractual forms, the crossjurisdictional mappings that harmonise divergent regulatory requirements, and the implementation playbooks that define what “compliance” means in practice. By standardising how obligations are interpreted and operationalised, they produce the operational definitions that most organisations follow — definitions that often travel farther and faster than the statutory requirements they were designed to implement.

Their position emerges from the system-level dynamics created by the Visibility Gap. When no single public body can observe the full system, the actors capable of seeing across its operational layers become the natural sites of coordination, interpretation, and implementation. They occupy the only vantage point from which fragmented legal requirements can be translated into coherent, executable systems — and in doing so, they become the practical governors of AI deployment.

Within these firms, practical knowledge about how AI oversight actually functions is accumulated, refined, and transmitted through the day-to-day work of audits, investigations, model evaluations, contract negotiations, and cross-border compliance builds. The Translation Layer is not merely where regulatory implementation is carried out; it is increasingly where the capability to govern AI is produced.

The Visibility Gap does not directly produce monopoly; it produces dependence. That dependence becomes a monopoly when it concentrates around actors whose position cannot be replicated or bypassed. A visibility monopoly, in the sense used throughout this manuscript, requires three structural conditions: privileged access to system-level observability that no public authority can replicate; non-substitutability, meaning that the operational knowledge accumulated through cross-stack, cross-jurisdictional practice cannot be reconstructed by alternative observers without equivalent institutional reach; and functional dependence, in which regulators, markets, and firms rely on these actors not merely for advice but for the interpretive and implementation capacity on which compliance itself rests.

Hyperscalers satisfy the first condition through exclusive visibility into their own models — internal states, inference traces, system-level behaviour, training data provenance, and failure modes that no external actor can independently access. The Translation Layer satisfies the second and third: its cross-jurisdictional vantage cannot be substituted by any single public institution, and its interpretive authority makes regulators dependent on the operational knowledge it produces. Together, hyperscaler visibility and Translation Layer visibility constitute a structural position historically occupied by the State — one that now determines the conditions under which behaviour, value, and agency become legible. This is the Visibility Monopoly.

A practical illustration emerged during the early implementation of the EU AI Act. When the regulation entered into force in 2024, it did not self-execute. Within weeks, major accounting and advisory networks developed standardised risk-classification and conformity-assessment frameworks for multinational clients. By the time detailed regulatory guidance emerged months later, many firms were already operating under internally engineered compliance tools derived from these templates. The law was written in Brussels; the operational meaning was written in audit workpapers.¹⁰

Because visibility determines oversight, these firms increasingly shape how regulatory categories are interpreted, how obligations are implemented inside real workflows, how risk is recorded, and how responsibility is assigned. They serve as the interpreters of the AI era — turning the behaviour of frontier models into the concrete classifications that law, finance, and organisational decision-making require.

This arrangement is not temporary. It is a defining feature of the AI era.

VI. The Road Ahead — What the Visibility Monopoly Makes Possible

The Visibility Gap explains why traditional approaches to AI regulation struggle to keep pace with innovation. But diagnosis alone is insufficient. The more consequential question is what this new institutional condition makes possible — and for whom.

The actors capable of observing how AI actually functions across the global economy will consistently acquire influence over how it is managed in practice. For much of the world — outside the G3 — many countries remain stack-dependent: financial centres, regulatory hubs, and the professional networks that intermediate global commerce.

As the U.S. and China consolidate increasingly distinct AI ecosystems, the rest of the world requires connectors and translators. The global economy cannot function as two sealed spheres. This shift elevates the importance of the actors who operate between rule and execution. Part IV scrutinises this space directly — the gap between legal pronouncements and operational reality.

If sight is the precondition of authority, execution is its instrument. And those instruments have moved. The road ahead is defined by this migration. In the AI era, authority no longer resides solely where rules are drafted; increasingly, it resides where those rules are made workable. Understanding this shift — and the forms of power it creates — is essential to understanding how the AI economy will move forward.