Anthropic Unveils RSP Version 3 with Major AI Safety Overhaul

Anthropic has released the third iteration of its Responsible Scaling Policy, marking a significant restructuring of how the AI company approaches catastrophic risk mitigation after two and a half years of real-world implementation.

The update, published February 24, 2026, introduces three major changes: a clear separation between what Anthropic can achieve alone versus what requires industry-wide action, a new Frontier Safety Roadmap with public accountability metrics, and mandatory external review of Risk Reports under certain conditions.

What Actually Changed

The most notable shift? Anthropic is now openly admitting that some safety measures simply cannot be implemented by a single company. The previous RSP’s higher-tier safeguards (ASL-4 and beyond) were left intentionally vague—turns out that wasn’t just caution, it was because achieving them unilaterally may be impossible.

A RAND report cited by Anthropic states that “SL5” security standards aimed at stopping top-tier cyber threats are “currently not possible” and “will likely require assistance from the national security community.”

Rather than water down these requirements to make compliance easy, Anthropic chose to restructure entirely. The new RSP now explicitly maps out two tracks: commitments the company will meet regardless of external factors, and recommendations it believes the entire AI industry needs to adopt.

The Honest Assessment

Anthropic’s post-mortem on RSP versions 1 and 2 is refreshingly candid. What worked: the policy forced internal teams to treat safety as a launch requirement, and competitors like OpenAI and Google DeepMind adopted similar frameworks within months. ASL-3 safeguards were successfully activated in May 2025.

What didn’t work: capability thresholds proved far more ambiguous than anticipated. Biological risk assessment provides a telling example—models now pass most quick tests, making it hard to argue risks are low, but results aren’t definitive enough to prove risks are high either. By the time wet-lab trials complete, more powerful models have already shipped.

The political environment hasn’t helped. Federal safety-oriented discussions have stalled as policy focus shifted toward AI competitiveness and economic growth.

New Accountability Mechanisms

The Frontier Safety Roadmap introduces specific, publicly-graded goals including “moonshot R&D” projects for information security, automated red-teaming systems that exceed current bug bounty contributions, and comprehensive records of all critical AI development activities—analyzed by AI for insider threats.

Risk Reports will publish every 3-6 months, explaining how capabilities, threat models, and mitigations fit together. External reviewers with “unredacted or minimally-redacted access” will publicly critique Anthropic’s reasoning.

The company is already running pilots despite current models not yet triggering the external review requirement.

Industry Implications

This restructuring arrives as AI governance frameworks face increasing scrutiny. California’s SB 53, New York’s RAISE Act, and the EU AI Act’s Codes of Practice have all begun requiring frontier developers to publish catastrophic risk frameworks—requirements Anthropic addresses through its existing Frontier Compliance Framework.

Whether competitors follow Anthropic’s lead on separating unilateral commitments from industry recommendations remains to be seen. The approach essentially acknowledges that voluntary self-regulation has limits, while positioning the company to advocate for coordinated government action without appearing to demand rules it can’t follow itself.

For the broader AI sector, Anthropic’s transparent acknowledgment of what single companies cannot achieve alone may prove more influential than the technical policy details themselves.

Image source: Shutterstock