고성능 인공지능의 능력위험 규율 -자율규제의 현황과 시사점-

The advancement of AI technology has introduced capability risks that are qualitatively different from contextual risks. Capability risks are risks arising from AI capabilities themselves, characterized by unique features such as context independence, capability attribution, uncertainty, and irreversibility. This study analyzes current self-regulatory practices among major AI companies to derive policy implications for a desirable regulatory framework for capability risks. The companies’ approaches exhibit many commonalities and a convergent tendency. All companies have established separate frameworks for capability risk management and generally adopted elements such as data-centric frameworks, multi-layered governance, ethical approaches, prevention, agility, and adaptability. However, considerable diversity was observed in the detailed aspects of implementation, including risk definition, assessment methods, mitigation measures, and governance structures. While self-regulation offers advantages of flexibility, effectiveness, and efficiency, it also has limitations, including weak enforceability and concerns about a race to the bottom in safety. The insights gained from the analysis of self-regulation cases can be applied in designing nationwide regulatory frameworks. These include:establishing an independent regulatory system for capability risk; adopting risk identification, assessment, and mitigation methods that align with the characteristics of capability risks; establishing governance systems centered on information sharing and communication; forming multi-layered regulatory systems where legal and non-legal norms complement each other; and supporting AI safety research and international cooperation.