Before 1 January 2029, will either the U.S. or UK enact a law granting tax incentives to companies that pass an independent security audit for their AI models?
Started
Sep 19, 2025 04:00PM UTC
Closing Jan 01, 2029 05:00AM UTC
Closing Jan 01, 2029 05:00AM UTC
Topics
Seasons
Governments in both the U.S. and UK are increasingly exploring policy mechanisms to incentivize stronger AI security practices among technology companies. The UK published its voluntary Code of Practice for the Cyber Security of AI in January 2025, which recommends independent security testing and audit trails for AI systems, with the code set to form the basis of a new global standard through the European Telecommunications Standards Institute (Gov.uk). Additionally, the UK government developed a roadmap for trusted third-party AI assurance services after an AI assurance market analysis revealed that third-party assurance providers face significant barriers, including access to information and skills shortages (Gov.uk).
In the U.S., congressional discussions have highlighted cybersecurity tax credits as a potential tool to encourage secure-by-design principles, with lawmakers like Rep. Michael Guest expressing support for tax incentives for businesses that harden their cybersecurity (Nextgov). However, no AI-specific security audit tax incentive legislation has advanced beyond proposal stages.
Both countries have strengthened collaboration on AI security guidelines through initiatives like the joint CISA-NCSC secure development guidance, but the transition from voluntary frameworks to mandatory requirements tied to financial incentives would still require legislative action in both countries.
Resolution Criteria:
This question will resolve “Yes” if, before 1 January 2029, the U.S. or UK enacts a law that explicitly grants tax incentives to companies conditional upon passing an independent security audit for their AI models.
In order to qualify for resolution, the law must:
- Be formally enacted or signed into law
- Explicitly link tax incentives to AI model security audits
- Specify that audits must be independent (i.e., conducted by third parties)
- Apply to any of a company's AI models
General cybersecurity tax incentives or AI development incentives without specific security audit requirements will not be sufficient for resolution.