Saved in:
Bibliographic Details
Main Authors: Gomez, Francesca, Ball, Matthew, Harre, Michael, Preston, Lydia, Schwab, Josephine, Machado, Caio
Format: Preprint
Published: 2026
Subjects:
Online Access:https://arxiv.org/abs/2604.23183
Tags: Add Tag
No Tags, Be the first to tag this record!
_version_ 1866913146005880832
author Gomez, Francesca
Ball, Matthew
Harre, Michael
Preston, Lydia
Schwab, Josephine
Machado, Caio
author_facet Gomez, Francesca
Ball, Matthew
Harre, Michael
Preston, Lydia
Schwab, Josephine
Machado, Caio
contents AI incident reporting requirements are emerging in regulation and policy, yet no operational criteria exist for determining when a detected AI incident warrants escalation beyond national handling to international coordination. This paper proposes an escalation framework to address this gap, intended as a common reference point across jurisdictions that enables aligned escalation while preserving flexibility in how actors respond within their own legal and policy contexts. We review SB 53, the EU AI Act, the GPAI Code of Practice, and incident frameworks from other industries to derive eight criteria for assessing whether an incident warrants escalation, translated into a sequential flowchart with gated decision points and threshold checks. For each criterion, we map how it interplays with these regulatory frameworks, identifying where their design choices support or undermine effective detection. We test the framework against ten documented AI incidents and structured variants to identify where criteria under-detect or misclassify incidents in practice. We find three design patterns that may lead to systematic under-detection in regimes where model developers are responsible for escalation: a. where escalation requires confirmed harm, events such as model weight exfiltration risk detection only after severe, irreversible harm has propagated; b. where incidents are assessed individually, systemic harms emerging from accumulation risk being under-detected; and c. where thresholds align with legal instruments rather than quantitatively testable terms, criteria risk being impractical to apply under time pressure. We also find that escalation rules are only one component of a broader framework: the underlying definitions against which thresholds are set, and the data available to the responsible actor, create interdependencies that can themselves drive under-detection.
format Preprint
id arxiv_https___arxiv_org_abs_2604_23183
institution arXiv
publishDate 2026
record_format arxiv
spellingShingle Designing escalation criteria for international AI incident response: criteria, triggers, and thresholds
Gomez, Francesca
Ball, Matthew
Harre, Michael
Preston, Lydia
Schwab, Josephine
Machado, Caio
Computers and Society
Artificial Intelligence
AI incident reporting requirements are emerging in regulation and policy, yet no operational criteria exist for determining when a detected AI incident warrants escalation beyond national handling to international coordination. This paper proposes an escalation framework to address this gap, intended as a common reference point across jurisdictions that enables aligned escalation while preserving flexibility in how actors respond within their own legal and policy contexts. We review SB 53, the EU AI Act, the GPAI Code of Practice, and incident frameworks from other industries to derive eight criteria for assessing whether an incident warrants escalation, translated into a sequential flowchart with gated decision points and threshold checks. For each criterion, we map how it interplays with these regulatory frameworks, identifying where their design choices support or undermine effective detection. We test the framework against ten documented AI incidents and structured variants to identify where criteria under-detect or misclassify incidents in practice. We find three design patterns that may lead to systematic under-detection in regimes where model developers are responsible for escalation: a. where escalation requires confirmed harm, events such as model weight exfiltration risk detection only after severe, irreversible harm has propagated; b. where incidents are assessed individually, systemic harms emerging from accumulation risk being under-detected; and c. where thresholds align with legal instruments rather than quantitatively testable terms, criteria risk being impractical to apply under time pressure. We also find that escalation rules are only one component of a broader framework: the underlying definitions against which thresholds are set, and the data available to the responsible actor, create interdependencies that can themselves drive under-detection.
title Designing escalation criteria for international AI incident response: criteria, triggers, and thresholds
topic Computers and Society
Artificial Intelligence
url https://arxiv.org/abs/2604.23183