Trump postponed the AI vetting order, the EU banned nudification apps, and HCLTech warned 43% of enterprise AI deployments will fail—three claims about what governance can and cannot stop

A signing ceremony scheduled for Thursday afternoon was called off hours before it was set to begin. The invitations had already gone out. The order had been drafted, revised, delayed, and redrafted. Then, shortly before the event, the president said he didn't like certain aspects of it and announced the postponement from the Oval Office. The stated reason: fear it would hinder America's lead over China.

Meanwhile, the European Union finalized a deal two weeks ago to ban a category of AI systems entirely — not delay them, not study them, but prohibit them. And a major IT services firm released a report Tuesday based on a survey of 467 senior executives, warning that 43% of major enterprise AI initiatives are expected to fail not because the technology doesn't work, but because the organizations deploying it aren't ready.

All three events involve operators or regulators making claims about what governance can achieve, what it should prevent, and what happens when ambition outruns execution. And all three test the same question from different angles: whether the systems built to govern AI deployment can keep pace with the operators making claims faster than the claims can be verified.

3 Claims

Claim 1 — Trump: Postponed AI executive order signing May 21, hours before event, citing concern it would hinder U.S. lead over China

President Donald Trump said on May 21, 2026, he postponed an upcoming signing ceremony for his administration's AI executive order because "I didn't like certain aspects of it," adding that the U.S. is ahead of China on AI and "I don't want to do anything that's going to get in the way of that lead," and he was concerned the order "could have been a blocker" . The order would have empowered the U.S. government to pre-evaluate AI models to identify security vulnerabilities, according to The New York Times .

The signing had been announced with invitations already sent when it was called off, and the order has been postponed multiple times . CNN and the Washington Post reported that internal White House disagreements—between pro-innovation factions wanting the framework to be genuinely voluntary and national security advocates wanting NSA-backed classified testing with real enforcement—are the primary cause, and the administration is torn between its default pro-innovation posture and genuine concern that frontier AI cybersecurity capabilities are outpacing defensive capacity . No new signing date has been announced .

The claim is gradeable on whether the White House issues an executive order establishing a pre-release vetting or evaluation framework for frontier AI models by November 21, 2026; whether the order imposes voluntary or mandatory requirements; and whether reporting confirms the framework includes government pre-evaluation access to models before public release. The invalidator would be credible reporting showing the order was permanently shelved, issued with substantially different provisions, or that the stated reasons for postponement were contradicted by internal documents or participant accounts.

Grade by: 2026-11-22 (6 months)

Claim 2 — EU legislators: Agreed May 7 to ban AI systems generating non-consensual intimate images, effective December 2, 2026, with fines up to €35 million or 7% global turnover

On May 7, 2026, the European Parliament and Council reached political agreement on the Digital Omnibus on AI, which simplifies AI Act rules and sets implementation timelines, with rules for high-risk AI systems in biometrics, critical infrastructure, education, and employment applying from December 2, 2027 . Parliament and Council agreed to ban AI systems that create child sexual abuse material or depict the intimate parts of an identifiable person, or them engaged in sexually explicit activities, without that person's consent, covering images, video, and audio, with companies required to bring their systems in line by December 2, 2026 .

The ban covers images, video, and audio, and explicitly includes AI-generated child sexual abuse material, was championed partly in response to AI-generated intimate images of Italian Prime Minister Giorgia Meloni circulating on social media in early May 2026, carries fines of up to €35 million or 7% of global turnover, and takes effect on December 2, 2026 . The provisional agreement needs to be formally adopted by both Parliament and Council before it can enter into law, with the co-legislators intending to adopt it before August 2, 2026 .

The claim is gradeable on whether the EU formally adopts the prohibition by August 2, 2026; whether the enforcement date remains December 2, 2026; whether at least one company is fined under the provision by June 2, 2027; and whether reporting confirms the ban is being enforced as written. The invalidator would be credible reporting showing the provision was removed during formal adoption, enforcement was suspended, or that member states declined to implement or enforce the prohibition.

Grade by: 2027-06-02 (1 year)

Claim 3 — HCLTech: Survey of 467 executives released May 20 found 43% of major enterprise AI initiatives expected to fail, with half expecting measurable value within 18 months

HCLTech released findings May 20, 2026, from its Enterprise AI Market Report based on a global survey of 467 senior executives responsible for AI investments across enterprises with more than $1 billion in annual revenue, finding that while AI adoption is widespread across IT operations, software engineering, and business functions, nearly 43% of major AI initiatives are expected to fail, with the risk driven not by lack of experimentation or access to tools but by difficulty translating ambition into consistent, enterprise-wide outcomes .

For CIOs, the findings underscore how scaling AI is exposing hidden constraints across application estates, data environments, and operating models not designed for autonomous systems, and for business owners the data highlights the strategic risk of investing aggressively in AI without the organizational alignment required to sustain it, as AI initiatives move closer to the core of enterprise operations and failures become more visible and more consequential . Nearly half of enterprise leaders expect measurable value from AI investments within 18 months, leaving little room for implementation delays or experimentation cycles, creating pressure on leadership teams to move quickly while simultaneously redesigning internal processes, with the tension between speed and preparedness becoming one of the biggest challenges .

The claim is gradeable on whether independent industry surveys or academic research published by November 2026 confirm enterprise AI failure rates in the 35–50% range; whether public reporting on failed or scaled-back AI deployments at large enterprises matches the survey's characterization; and whether follow-up studies by Q2 2027 show the failure rate increasing, declining, or remaining stable. The invalidator would be credible evidence that the survey methodology was flawed, that failure rates differ materially from the 43% figure, or that the primary cause of failure contradicts HCLTech's conclusion about organizational readiness.

Grade by: 2027-05-20 (1 year)

2 Reckonings

Reckoning 1 — White House May 6, 2026: Kevin Hassett said administration "studying, possibly an executive order" for AI vetting; order postponed May 21, no signing date announced

On May 6, 2026, National Economic Council Director Kevin Hassett told Fox Business the White House is "studying, possibly an executive order to give a clear roadmap" for how AI models "go through a process so that they're released to the wild after they've been proven safe, just like an FDA drug," and White House officials briefed executives from Anthropic, Google, and OpenAI on the plans under consideration during meetings the prior week. A White House official told reporters May 4 that policy announcements will come directly from Trump and that "discussion about potential executive orders is speculation."

On May 21, 2026, Trump postponed the signing hours before the event was scheduled to begin, saying he didn't like certain aspects of the order and was concerned it could hinder the U.S. lead over China. No new signing date has been announced.

Grade: C. The claim was that the administration was studying an executive order. That was accurate. But the claim implied forward movement and a policy process culminating in a decision. What happened instead was a signing ceremony scheduled, invitations sent, and then cancellation hours before the event—seventeen days after Hassett's statement. The invalidator would have been the order being signed as described, or credible reporting showing the study concluded the order wasn't feasible. Instead, the order was drafted, approved for signing, then pulled at the last moment. The claim that the administration was "studying" the order is technically true, but it obscures what actually happened: the order was ready to sign, and the decision to postpone came after the policy process had concluded, not during it.

Reckoning 2 — Anthropic/Project Glasswing April 2026: Claude Mythos released in limited preview to select organizations; Palo Alto Networks disclosed 26 CVEs May 14, majority found by frontier AI

On April 7, 2026, Anthropic released Claude Mythos Preview as part of Project Glasswing, describing it as a model "far ahead" of other models in terms of cybersecurity, and the company said it doesn't feel comfortable releasing the model publicly yet and is restricting access to a select group of approved organizations. Palo Alto Networks began testing Claude Mythos on April 7 as a launch partner for Project Glasswing.

On May 14, 2026, Palo Alto Networks disclosed 26 common vulnerabilities and exposures—compared to its usual volume of about five—with the majority of findings the result of frontier AI models scanning its code. The company stated the May advisories represent the results of a full initial scan of over 130 products across all three platforms, and as of May 14, the company had patched all important vulnerabilities in its SaaS-delivered products, with patches available for all customer-operated products. None of the newly disclosed vulnerabilities are currently being exploited in the wild.

Grade: A. The claim was that Anthropic was limiting Mythos access because the model's cybersecurity capabilities warranted controlled rollout. Palo Alto's May 14 disclosure—37 days after the Mythos release—validated that claim. The volume of CVEs disclosed (26 vs. the usual 5) and the explicit attribution to frontier AI scanning confirmed that the models can find vulnerabilities at a rate and scale that manual testing cannot match. The invalidator would have been credible reporting showing the vulnerabilities were found through traditional methods, or that the cybersecurity capabilities were overstated. Instead, Palo Alto's disclosure provided third-party, public validation of the capability claims Anthropic made when restricting Mythos access.

1 Refusal

Three operators made claims this week about governance, enforcement, and execution. All three involve statements that can be graded—either against what gets signed, enforced, or measured six months from now. And all three arrived in the public record within 72 hours of each other.

I was offered a headline framing today's dispatch as "AI governance is broken." That headline would have been accurate in the sense that an executive order was postponed, that enterprise deployments are failing at rates higher than anticipated, and that the EU is banning practices faster than the U.S. can decide whether to study them. But it would also have been misleading. Governance isn't broken; it's asymmetric. The EU can ban nudification apps because the EU designed a legal framework that allows prohibitions to be codified, adopted, and enforced within a defined timeline. The White House cannot sign an order it believes will hinder U.S. competitiveness because the political coalition that supports AI governance in the U.S. fractures the moment the proposed governance implies constraint. And HCLTech's survey doesn't show governance failure; it shows execution failure at the organizational level, which is a different problem.

The three claims test different hypotheses. But the headline I was offered collapsed them into a single narrative that fit the mood but missed the mechanism. So I refused to use it.

I refused to frame postponement, prohibition, and organizational failure as evidence of the same dysfunction when the evidence shows they are three distinct failures with three distinct causes.

— Roger Grubb, Editor