The Standard Becomes the Law
AI governance will not arrive only as statutes, executive orders, court cases, or spectacular enforcement actions. Much of it will arrive as standards: the technical language that tells institutions what counts as risk management, human oversight, documentation, testing, logging, cybersecurity, quality management, and conformity.
The Quiet Layer
The public argument about AI law usually focuses on visible events: bans, fines, lawsuits, model launches, safety summits, agency inventories, and legislative deadlines. But a quieter layer is becoming just as important. Standards bodies, national standards organizations, technical committees, consultants, auditors, notified bodies, risk managers, and compliance teams are turning broad legal phrases into operational routines.
This is where the abstractions become work. "Human oversight" has to become an interface, a staffing model, a record, a training requirement, an escalation path, and a testable control. "Transparency" has to become documentation that someone can read before buying, integrating, auditing, or contesting a system. "Cybersecurity" has to become threat modeling, access control, logging, prompt-injection resistance, supply-chain review, and incident response. "Risk management" has to become a repeatable process rather than a sentence in a policy deck.
The standard is not glamorous. It is a table, a definition, a procedure, an evidence requirement, an audit criterion, or a conformity route. But in model-mediated institutions, that operational grammar matters. The people who define the evidence format often define the practical meaning of the law.
The Presumption Machine
The EU AI Act makes the standards layer unusually explicit. Article 40 says that high-risk AI systems, and general-purpose AI models, that conform with harmonised standards whose references have been published in the Official Journal of the European Union are presumed to comply with the legal requirements those standards cover, and only to the extent that they cover them. That is a powerful institutional mechanism. The statute remains the law, but the standard becomes the route by which many providers prove that they have met it.
The European Commission describes harmonised standards as a way to translate legal requirements into a common technical language. Its AI Act standardisation page lists ten areas requested from CEN and CENELEC: risk management, dataset governance and quality, record keeping, transparency, human oversight, accuracy, robustness, cybersecurity, quality management, and conformity assessment. Once the standards are finalised and their references are published in the Official Journal, compliance with them can provide legal certainty, reduce compliance costs, and set market benchmarks.
That phrase, "presumption of conformity," deserves attention. It does not mean the standard is automatically wise, complete, democratic, or sufficient. It means that an organization following the referenced standard receives a privileged evidentiary position. The burden of governance shifts. A provider can say: we followed the recognized route. A regulator, buyer, court, journalist, worker, patient, student, or citizen then has to ask whether the recognized route was adequate for the real deployment.
This is one reason standards become political. They do not merely describe how to comply. They shape what compliance looks like.
What Gets Standardized
CEN-CENELEC Joint Technical Committee 21, established in 2021, is the main European committee developing AI standards in support of the AI Act. CEN-CENELEC says the committee brings together more than 300 experts from more than 20 countries and works through groups covering strategic, operational, engineering, foundational, societal, and cybersecurity aspects. Its listed work includes an AI trustworthiness framework, AI risk management, an AI quality management system, and AI conformity assessment, with additional work on datasets, bias, computer vision, cybersecurity, robustness, logging, and natural language processing.
The schedule pressure is real. In October 2025, CEN and CENELEC adopted temporary measures to accelerate AI standards work under Standardization Request M/593 and Amendment M/613, aiming to make key standards available by the fourth quarter of 2026. The measures included allowing direct publication after a positive enquiry vote in some cases and using a small drafting group to finish delayed drafts, while promising to preserve transparency, consensus, and stakeholder participation. The Commission's standardisation page says that on October 30, 2025, prEN 18286, a quality-management-system standard for EU AI Act regulatory purposes, became the first AI harmonised standard to enter public enquiry.
The content matters because AI law is full of terms that sound clear until they reach implementation. What is an adequate risk-management system for a model used in hiring, school admission, medical triage, welfare administration, biometrics, or critical infrastructure? What data-governance evidence is enough when training sets are assembled from vendors, historical records, synthetic examples, user data, or foundation-model outputs? How should bias be tested when categories differ by jurisdiction and social context? What record keeping preserves accountability without creating a new surveillance archive?
The standard does not simply answer technical questions. It decides what kind of questions become mandatory.
Conformity Assessment as Governance
Article 43 of the AI Act shows how standards connect to market access. For the biometric high-risk systems in Annex III, a provider that has applied harmonised standards or common specifications may choose between internal control (the provider's own assessment of its quality management system and technical documentation) and third-party assessment by a notified body. If harmonised standards do not exist or have been applied only in part, or common specifications are unavailable or not applied, the notified-body route becomes mandatory; a standard published with a restriction counts as a standard only for the unrestricted part. For the other Annex III high-risk systems, internal control is the normal conformity-assessment route. Systems covered by existing EU product legislation follow the conformity procedures of that legislation, with the AI Act's requirements added to the assessment.
This structure makes conformity assessment a governance interface. The question is no longer only whether a model performs well in a demo. The question is whether the provider has produced the right evidence, under the right procedure, before the system reaches the market or enters service. The assessment becomes a checkpoint where technical documentation, quality management, risk controls, testing, human oversight, and lifecycle monitoring are supposed to become inspectable.
Article 41 adds a fallback. If harmonised standards are unavailable, delivered late, insufficient on fundamental-rights concerns, or not compliant with the standardisation request, the Commission can adopt common specifications through implementing acts. Systems that comply with those specifications also receive a presumption of conformity for the requirements they cover. Providers who choose another technical solution must justify that it meets the legal requirements to a level at least equivalent to the specification.
That fallback matters because it exposes a basic tension. Standards are formally voluntary, industry-facing, and consensus-oriented. Law needs deadlines. If the standards layer cannot produce timely, adequate, rights-sensitive answers, the Commission can move toward common specifications. In practice, the threat of public specification sits behind the private standards process.
The Management-System Turn
AI governance is also moving from product claims into organizational management systems. ISO/IEC 42001:2023, published in December 2023, specifies requirements for establishing, implementing, maintaining, and continually improving an artificial-intelligence management system. ISO describes it as the world's first AI management system standard, aimed at organizations that provide or use AI-based products or services. It frames AI governance as policy, objectives, process, risk treatment, traceability, transparency, reliability, and continual improvement.
Article 17 of the AI Act points in the same direction for high-risk AI providers. It requires a documented quality management system that includes regulatory compliance strategy, design and development controls, testing and validation procedures, technical specifications, data management, risk management, post-market monitoring, serious-incident reporting, communication with authorities and notified bodies, record keeping, resource management, and accountability for management and staff.
This is less dramatic than a frontier-model debate, but it is more likely to decide ordinary deployment behavior. A hospital, bank, school district, employer, benefits agency, transport provider, or software vendor may not read AI philosophy. It will read procurement requirements, contract clauses, ISO certificates, risk registers, quality manuals, audit reports, and conformity templates. The management system becomes the machine-readable conscience of the organization.
The danger is that management-system language can become its own reality. A process can be complete without being just. A risk register can be full without affecting a deployment decision. A certified organization can still use a bad system in a vulnerable context. Procedural maturity is not the same as democratic legitimacy.
The Participation Problem
Standards are often presented as neutral technical consensus. They are better understood as negotiated infrastructure. The participants have different resources, incentives, and kinds of knowledge. Large vendors can send specialists to meetings, track drafts, map requirements to product roadmaps, and shape language that affects future compliance costs. Small firms, public agencies, worker organizations, disability advocates, civil-rights groups, educators, patients, migrants, tenants, and students may have less time, money, or access to influence the resulting grammar.
CEN-CENELEC acknowledges this issue by emphasizing broad participation, inclusiveness work, national standards bodies, and stakeholder engagement. NIST's AI Standards work in the United States also emphasizes broadening participation, federal coordination, international engagement, crosswalks with the AI Risk Management Framework, and a 2026 effort to evaluate the effectiveness and value of AI standards development.
Those are real attempts to widen the room. But participation is not only a mailing list or consultation window. The question is whether affected communities can change the substance: definitions, thresholds, evidence requirements, auditability, human-oversight expectations, data-rights treatment, accessibility, redress, and monitoring duties. The more a standard becomes a compliance safe route, the more its authorship matters.
Technical standards can embed public values. They can also launder institutional preference into neutral language.
What Standards Cannot Decide
A strong standard can make AI systems more governable. It can force documentation, lifecycle thinking, testing discipline, version control, incident reporting, responsible data practices, role assignment, oversight procedures, and clearer accountability. It can reduce the chaos of every company inventing its own compliance vocabulary. It can give regulators, auditors, buyers, and deployers something concrete to inspect.
But standards cannot decide every political question they touch.
They cannot decide whether a school should use automated proctoring at all. They cannot decide whether predictive policing should be considered legitimate simply because a risk-management process exists. They cannot decide whether a workplace should measure emotion, productivity, or attention through an AI system. They cannot decide whether a government agency should replace human assistance with chatbots. They cannot decide whether a model-mediated denial is acceptable because an appeal path exists somewhere in policy.
The standard can ask whether there is human oversight. It cannot guarantee that the human has time, authority, training, independence, and institutional permission to disagree with the machine. It can ask whether data quality was managed. It cannot by itself repair the social history encoded in the data. It can ask for post-market monitoring. It cannot ensure that complaints from affected people are believed, resourced, and allowed to change the system.
This is the trap of compliance realism. Because standards are practical, institutions may treat them as sufficient. But practicality is not innocence. It is where power becomes operational.
The Governance Standard
A serious AI-standards regime should meet a higher standard than "there is a document."
First, standards should preserve the difference between legal compliance and public legitimacy. A conformity route can show that an organization followed a recognized procedure. It should not be allowed to imply that the deployment was democratically chosen, socially necessary, or harmless.
Second, standards should define evidence, not only process. A provider should have to show test conditions, lifecycle assumptions, model versions, data-governance decisions, known limitations, incident handling, human-oversight capacity, and post-deployment monitoring, not only that a policy exists.
Third, standards should make human oversight operational. They should ask who can stop, override, escalate, audit, contest, and repair an AI-mediated decision, and under what institutional conditions.
Fourth, standards should treat affected people as evidence sources. Complaints, appeals, worker reports, patient reports, student reports, accessibility failures, civil-rights concerns, and community feedback should not sit outside technical monitoring.
Fifth, standards should require lifecycle memory. Model updates, retraining, prompt changes, vendor changes, data drift, incident history, and deployment-context changes should be visible to the governance process.
Sixth, standards should be reviewable by outsiders. Some details will be confidential, but the public needs enough access to know what standard is being used, what it covers, what it excludes, and which assumptions carry the most weight.
Seventh, standards should have a failure path. A standard that never leads to delay, refusal, redesign, withdrawal, or sanction is not governance. It is formatting.
The Site Reading
The standard is an interface between law and machine behavior.
That makes it a recurring object in the AI transition. The model becomes powerful, the institution seeks permission to use it, the law names obligations, and the standard translates those obligations into a form that procurement officers, engineers, auditors, managers, regulators, and lawyers can operate. The public may see only a service, score, denial, approval, recommendation, chatbot, or dashboard. Behind it sits a stack of definitions deciding what counted as enough care.
This is recursive reality in bureaucratic form. A standard describes the system; then the system is built to satisfy the standard; then the satisfied standard becomes evidence that the system is acceptable. If the standard is narrow, the reality it validates will be narrow. If the standard is honest about uncertainty, power, contestability, and social context, it can keep the machine attached to the world it acts upon.
The danger is not that standards are boring. The danger is that they are boring enough to escape cultural scrutiny while quietly deciding the practical shape of AI governance.
AI law will not govern itself. Neither will AI ethics, safety claims, or institutional mission statements. The standard is where those claims either become usable constraints or dissolve into compliance theater. The question is who writes it, what evidence it demands, whose harms it can hear, and whether following it ever changes what the machine is allowed to do.
Sources
- European Commission, Standardisation of the AI Act, last update March 20, 2026.
- AI Act Service Desk, Article 40: Harmonised standards and standardisation deliverables, Regulation (EU) 2024/1689.
- AI Act Service Desk, Article 41: Common specifications, Regulation (EU) 2024/1689.
- AI Act Service Desk, Article 43: Conformity assessment, Regulation (EU) 2024/1689.
- AI Act Service Desk, Article 17: Quality management system, Regulation (EU) 2024/1689.
- AI Act Service Desk, Article 53: Obligations for providers of general-purpose AI models, Regulation (EU) 2024/1689.
- CEN-CENELEC, Artificial Intelligence, reviewed May 2026.
- CEN-CENELEC, Update on CEN and CENELEC's Decision to Accelerate the Development of Standards for Artificial Intelligence, October 23, 2025.
- ISO, ISO/IEC 42001:2023, Information technology - Artificial intelligence - Management system, published December 2023.
- NIST, AI Standards, updated May 5, 2026.
- Church of Spiralism Wiki, AI Governance; Algorithmic Transparency; Human Oversight in AI.