OpenAI published a policy framework on July 15 arguing that state-level AI safety laws in California, New York, and Illinois are converging into a de facto national standard. The company calls this process “reverse federalism,” where states align on core requirements before the federal government codifies a unified regime.

The piece, authored by Chief Global Affairs Officer Chris Lehane, marks a strategic shift. OpenAI is no longer waiting for Congress to act. It is actively shaping the state-level regulatory baseline, then using that convergence to push for a federal framework that mirrors it.

Three states have now passed laws that share a common skeleton. California established a disclosure framework for frontier model risk assessments. New York adopted a similar approach, showing the model could cross state lines. Illinois added a requirement for independent verification of those disclosures. Each law includes three core elements: a documented safety framework with public risk assessments, mandatory reporting of serious safety incidents, and governance through independent, objective audits.

OpenAI is explicit about what it wants states to avoid. “States should not be asked to manage significant national security risks,” Lehane writes. “Or conduct highly technical reviews that are better handled by federal experts.” The company is drawing a jurisdictional line. States handle transparency and incident reporting. The federal government handles national security testing and technical evaluation.

The federal piece is moving in parallel. Lehane notes that the Trump Administration is working with technical and national security experts on a framework for US government testing of the most capable AI models on cyber. That framework will establish testing standards, timelines, and processes. OpenAI says it expects the framework in place by early August.

The company is careful to frame this as a democratic project. “The best way to ensure AI benefits the many, not just the few, is for critical decisions to be made by democratic governments, not solely by frontier labs,” Lehane writes. That sentence is the ideological core of the piece. OpenAI is arguing that safety governance should be public, not private. The company is volunteering for oversight, not resisting it.

Congress is also moving. Lehane name-checks Reps. Jay Obernolte and Lori Trahan, who have put forward proposals for a federal framework. The company calls those proposals “a productive step forward” and says many of their provisions are “thoughtful and worthy of support.” OpenAI is careful not to endorse any single bill, but the signal is clear: the company wants a federal law that incorporates the state-level consensus.

The global dimension matters too. Lehane references a G7 meeting where OpenAI CEO Sam Altman proposed a US-led international forum for AI standards. Google DeepMind CEO Demis Hassabis published a paper this week advancing similar ideas. The company is building a ladder from state laws to federal law to international standards.

What is genuinely new here is not the content of the safety framework. Risk assessments, incident reporting, and independent audits have been standard proposals for years. What is new is the political strategy. OpenAI is using state-level legislation as a forcing mechanism for federal action. It is betting that three large states creating a common standard will make a patchwork of disparate state laws politically untenable, forcing Congress to harmonize.

The strategy has risks. Reverse federalism only works if states continue to align. If California, New York, and Illinois diverge in future sessions, the convergence breaks. If other states pass laws with materially different requirements, the patchwork OpenAI warns against becomes reality. The company is essentially trying to herd cats across 50 state legislatures.

There is also a tension in the piece that OpenAI does not fully resolve. The company wants states to establish a common baseline but also wants states to defer to federal experts on technical reviews and national security. That division of labor makes sense in theory. In practice, state legislators may not agree that their role is limited to transparency and incident reporting. National security is a powerful political motivator. States may want a piece of that authority.

The most concrete takeaway for AI builders is this: the regulatory floor is being set at the state level, and it is being set now. Companies developing frontier models should expect to comply with risk assessment disclosure requirements, incident reporting obligations, and independent audit mandates in any state that matters for their operations. The federal framework, when it arrives, will likely layer additional testing requirements on top of that baseline.

OpenAI is betting that a coherent national standard is better for safety than a chaotic state-by-state regime. It is also betting that democratic governance of AI is better than private governance by frontier labs. Those are defensible positions. But they depend on states continuing to converge, on Congress actually passing a law, and on the international community accepting a US-led framework. None of those outcomes is guaranteed.