Moran introduces AI Incident Reporting Act

U.S. Representative Nathaniel Moran (TX-01) introduced the AI Incident Reporting Act, legislation that would create a federal framework requiring developers of the most advanced artificial intelligence models to report dangerous capabilities, security breaches and safety incidents to the Secretary of Commerce (DOC).

As AI systems grow more autonomous — capable of modifying their own behavior, evading human oversight and accelerating their own development — the U.S. has had no clear and formal mechanism to learn when something goes wrong. This bill aims to close that gap.

Under the legislation, the DOC would designate which AI models meet capability thresholds sufficient to pose significant risks to national security or public safety.

Developers of those models would be required to file reports within seven days of discovering dangerous activity. For the most serious incidents including evidence that a model can autonomously improve itself or cause serious risk to public safety Commerce would be required to notify congressional leadership and relevant committee chairs within 48 hours.

Reportable incidents include AI models that attempt to evade human oversight or resist shutdown; unauthorized access to or theft of model weights; capabilities that could enable offensive cyberattacks against critical infrastructure; evidence that a model can autonomously accelerate the development of more powerful AI systems; and other risks including chemical, biological, radiological, nuclear and explosive threats.

“AI is a powerful engine of innovation, and I want to see it flourish, but not without accountability and not without human oversight,” said Congressman Moran. “The rule of law should apply to this new frontier.”

Brendan Steinhauser, CEO of The Alliance for Secure AI, said: “The capabilities of advanced AI models are increasing by the day, and so are the risks of AI systems gaining the ability to self-improve, evade human oversight and enabling attacks against our nation’s infrastructure. We need mechanisms to identify these risks early so that leaders can respond quickly before incidents become bigger threats.”

Mark Beall, President of the AI Policy Network, said: “As AI systems grow more and more capable, the government needs a reliable window into powerful AI models developing dangerous capabilities, like launching a cyberattack or helping build a biological weapon.”

The legislation directs DOC to develop reporting thresholds in consultation with AI developers, academic researchers, cybersecurity experts and national security officials, ensuring the framework reflects technical realities and avoids unnecessary burden on industry. Developers would be required to submit initial reports followed by supplemental disclosures as additional information becomes available. The bill includes protections for sensitive, classified, and securityrelevant information and permits inter-agency sharing with the intelligence community and law enforcement where appropriate. It also encourages good-faith reporting, allowing companies to file initial disclosures and follow up with more complete information.