{"id":"https://openalex.org/W7161704610","doi":"https://doi.org/10.48550/arxiv.2605.16281","title":"From Reactive to Proactive: A Multi-Regulatory Empirical Analysis of 480 AI Incidents and a Data-Driven Governance Compliance Framework","display_name":"From Reactive to Proactive: A Multi-Regulatory Empirical Analysis of 480 AI Incidents and a Data-Driven Governance Compliance Framework","publication_year":2026,"publication_date":"2026-04-10","ids":{"openalex":"https://openalex.org/W7161704610","doi":"https://doi.org/10.48550/arxiv.2605.16281"},"language":null,"primary_location":{"id":"doi:10.48550/arxiv.2605.16281","is_oa":true,"landing_page_url":"https://doi.org/10.48550/arxiv.2605.16281","pdf_url":null,"source":{"id":"https://openalex.org/S4306400194","display_name":"arXiv (Cornell University)","issn_l":null,"issn":null,"is_oa":true,"is_in_doaj":false,"is_core":false,"host_organization":"https://openalex.org/I205783295","host_organization_name":"Cornell University","host_organization_lineage":["https://openalex.org/I205783295"],"host_organization_lineage_names":[],"type":"repository"},"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":null,"is_accepted":false,"is_published":false,"raw_source_name":null,"raw_type":"Preprint"},"type":"preprint","indexed_in":["datacite"],"open_access":{"is_oa":true,"oa_status":"green","oa_url":"https://doi.org/10.48550/arxiv.2605.16281","any_repository_has_fulltext":true},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5093264792","display_name":"Ummara Mumtaz","orcid":null},"institutions":[],"countries":[],"is_corresponding":false,"raw_author_name":"Mumtaz, Ummara","raw_affiliation_strings":[],"raw_orcid":null,"affiliations":[]},{"author_position":"last","author":{"id":"https://openalex.org/A5034963323","display_name":"Summaya Mumtaz","orcid":"https://orcid.org/0000-0002-7594-3076"},"institutions":[],"countries":[],"is_corresponding":false,"raw_author_name":"Mumtaz, Summaya","raw_affiliation_strings":[],"raw_orcid":null,"affiliations":[]}],"institutions":[],"countries_distinct_count":0,"institutions_distinct_count":0,"corresponding_author_ids":[],"corresponding_institution_ids":[],"apc_list":null,"apc_paid":null,"fwci":null,"has_fulltext":false,"cited_by_count":0,"citation_normalized_percentile":null,"cited_by_percentile_year":null,"biblio":{"volume":null,"issue":null,"first_page":null,"last_page":null},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T10883","display_name":"Ethics and Social Impacts of AI","score":0.8881999850273132,"subfield":{"id":"https://openalex.org/subfields/3311","display_name":"Safety Research"},"field":{"id":"https://openalex.org/fields/33","display_name":"Social Sciences"},"domain":{"id":"https://openalex.org/domains/2","display_name":"Social Sciences"}},"topics":[{"id":"https://openalex.org/T10883","display_name":"Ethics and Social Impacts of AI","score":0.8881999850273132,"subfield":{"id":"https://openalex.org/subfields/3311","display_name":"Safety Research"},"field":{"id":"https://openalex.org/fields/33","display_name":"Social Sciences"},"domain":{"id":"https://openalex.org/domains/2","display_name":"Social Sciences"}},{"id":"https://openalex.org/T11636","display_name":"Artificial Intelligence in Healthcare and Education","score":0.032099999487400055,"subfield":{"id":"https://openalex.org/subfields/2718","display_name":"Health Informatics"},"field":{"id":"https://openalex.org/fields/27","display_name":"Medicine"},"domain":{"id":"https://openalex.org/domains/4","display_name":"Health Sciences"}},{"id":"https://openalex.org/T12026","display_name":"Explainable Artificial Intelligence (XAI)","score":0.008299999870359898,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/corporate-governance","display_name":"Corporate governance","score":0.8410999774932861},{"id":"https://openalex.org/keywords/accountability","display_name":"Accountability","score":0.7142000198364258},{"id":"https://openalex.org/keywords/compliance","display_name":"Compliance (psychology)","score":0.573199987411499},{"id":"https://openalex.org/keywords/proxy","display_name":"Proxy (statistics)","score":0.5357999801635742},{"id":"https://openalex.org/keywords/information-governance","display_name":"Information governance","score":0.4970000088214874},{"id":"https://openalex.org/keywords/checklist","display_name":"Checklist","score":0.462799996137619},{"id":"https://openalex.org/keywords/empirical-research","display_name":"Empirical research","score":0.4334999918937683},{"id":"https://openalex.org/keywords/risk-governance","display_name":"Risk governance","score":0.43050000071525574}],"concepts":[{"id":"https://openalex.org/C39389867","wikidata":"https://www.wikidata.org/wiki/Q380767","display_name":"Corporate governance","level":2,"score":0.8410999774932861},{"id":"https://openalex.org/C2776007630","wikidata":"https://www.wikidata.org/wiki/Q2798912","display_name":"Accountability","level":2,"score":0.7142000198364258},{"id":"https://openalex.org/C2781460075","wikidata":"https://www.wikidata.org/wiki/Q1399332","display_name":"Compliance (psychology)","level":2,"score":0.573199987411499},{"id":"https://openalex.org/C144133560","wikidata":"https://www.wikidata.org/wiki/Q4830453","display_name":"Business","level":0,"score":0.5497000217437744},{"id":"https://openalex.org/C2780148112","wikidata":"https://www.wikidata.org/wiki/Q1432581","display_name":"Proxy (statistics)","level":2,"score":0.5357999801635742},{"id":"https://openalex.org/C189922023","wikidata":"https://www.wikidata.org/wiki/Q17056348","display_name":"Information governance","level":4,"score":0.4970000088214874},{"id":"https://openalex.org/C195094911","wikidata":"https://www.wikidata.org/wiki/Q14167904","display_name":"Process management","level":1,"score":0.4950999915599823},{"id":"https://openalex.org/C2779356329","wikidata":"https://www.wikidata.org/wiki/Q922625","display_name":"Checklist","level":2,"score":0.462799996137619},{"id":"https://openalex.org/C121955636","wikidata":"https://www.wikidata.org/wiki/Q4116214","display_name":"Accounting","level":1,"score":0.43799999356269836},{"id":"https://openalex.org/C120936955","wikidata":"https://www.wikidata.org/wiki/Q2155640","display_name":"Empirical research","level":2,"score":0.4334999918937683},{"id":"https://openalex.org/C2778221768","wikidata":"https://www.wikidata.org/wiki/Q8964474","display_name":"Risk governance","level":3,"score":0.43050000071525574},{"id":"https://openalex.org/C32896092","wikidata":"https://www.wikidata.org/wiki/Q189447","display_name":"Risk management","level":2,"score":0.4293000102043152},{"id":"https://openalex.org/C140423589","wikidata":"https://www.wikidata.org/wiki/Q7249406","display_name":"Project governance","level":3,"score":0.39469999074935913},{"id":"https://openalex.org/C112930515","wikidata":"https://www.wikidata.org/wiki/Q4389547","display_name":"Risk analysis (engineering)","level":1,"score":0.3885999917984009},{"id":"https://openalex.org/C166052673","wikidata":"https://www.wikidata.org/wiki/Q83021","display_name":"Empirical evidence","level":2,"score":0.35269999504089355},{"id":"https://openalex.org/C111219384","wikidata":"https://www.wikidata.org/wiki/Q6954384","display_name":"NIST","level":2,"score":0.3434000015258789},{"id":"https://openalex.org/C2780526558","wikidata":"https://www.wikidata.org/wiki/Q1345314","display_name":"Good governance","level":3,"score":0.3215999901294708},{"id":"https://openalex.org/C56739046","wikidata":"https://www.wikidata.org/wiki/Q192060","display_name":"Knowledge management","level":1,"score":0.31040000915527344},{"id":"https://openalex.org/C184356942","wikidata":"https://www.wikidata.org/wiki/Q830382","display_name":"Best practice","level":2,"score":0.2944999933242798},{"id":"https://openalex.org/C189261614","wikidata":"https://www.wikidata.org/wiki/Q1459305","display_name":"Multi-level governance","level":3,"score":0.29030001163482666},{"id":"https://openalex.org/C5911748","wikidata":"https://www.wikidata.org/wiki/Q4072285","display_name":"Conformity assessment","level":2,"score":0.2720000147819519},{"id":"https://openalex.org/C63882131","wikidata":"https://www.wikidata.org/wiki/Q17122954","display_name":"Strengths and weaknesses","level":2,"score":0.2614000141620636},{"id":"https://openalex.org/C12174686","wikidata":"https://www.wikidata.org/wiki/Q1058438","display_name":"Risk assessment","level":2,"score":0.2612999975681305}],"mesh":[],"locations_count":1,"locations":[{"id":"doi:10.48550/arxiv.2605.16281","is_oa":true,"landing_page_url":"https://doi.org/10.48550/arxiv.2605.16281","pdf_url":null,"source":{"id":"https://openalex.org/S4306400194","display_name":"arXiv (Cornell University)","issn_l":null,"issn":null,"is_oa":true,"is_in_doaj":false,"is_core":false,"host_organization":"https://openalex.org/I205783295","host_organization_name":"Cornell University","host_organization_lineage":["https://openalex.org/I205783295"],"host_organization_lineage_names":[],"type":"repository"},"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":null,"is_accepted":false,"is_published":null,"raw_source_name":null,"raw_type":"Preprint"}],"best_oa_location":{"id":"doi:10.48550/arxiv.2605.16281","is_oa":true,"landing_page_url":"https://doi.org/10.48550/arxiv.2605.16281","pdf_url":null,"source":{"id":"https://openalex.org/S4306400194","display_name":"arXiv (Cornell University)","issn_l":null,"issn":null,"is_oa":true,"is_in_doaj":false,"is_core":false,"host_organization":"https://openalex.org/I205783295","host_organization_name":"Cornell University","host_organization_lineage":["https://openalex.org/I205783295"],"host_organization_lineage_names":[],"type":"repository"},"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":null,"is_accepted":false,"is_published":false,"raw_source_name":null,"raw_type":"Preprint"},"sustainable_development_goals":[{"display_name":"Decent work and economic growth","id":"https://metadata.un.org/sdg/8","score":0.5006422400474548}],"awards":[],"funders":[],"has_content":{"pdf":false,"grobid_xml":false},"content_urls":null,"referenced_works_count":0,"referenced_works":[],"related_works":[],"abstract_inverted_index":{"Artificial":[0],"intelligence":[1],"systems":[2],"are":[3],"increasingly":[4],"deployed":[5],"in":[6,50,93],"high-stakes":[7],"domains,":[8],"yet":[9],"it":[10,27],"remains":[11],"unclear":[12],"whether":[13],"existing":[14],"governance":[15,53,85,118,131,155],"frameworks":[16],"ensure":[17],"accountability":[18],"after":[19],"deployment.":[20],"This":[21],"study":[22,102],"makes":[23],"two":[24],"contributions.":[25],"First,":[26],"presents":[28],"a":[29,111,142,151],"cross-regulatory":[30],"empirical":[31],"analysis":[32,145],"of":[33],"480":[34],"real-world":[35],"AI":[36,40,57,63,106],"incidents":[37],"from":[38,119],"the":[39,55,61,72,101,104],"Incident":[41],"Database":[42],"(AIID),":[43],"evaluating":[44],"their":[45],"alignment":[46],"with":[47],"post-deployment":[48,94],"provisions":[49],"three":[51],"major":[52],"frameworks:":[54],"EU":[56],"Act":[58],"(Articles":[59],"72-73),":[60],"NIST":[62],"Risk":[64],"Management":[65],"Framework":[66,109],"(MANAGE":[67],"and":[68,71,141],"GOVERN":[69],"functions),":[70],"General":[73],"Data":[74],"Protection":[75],"Regulation":[76],"(GDPR":[77],"Articles":[78],"22,":[79],"33-35).":[80],"The":[81,127],"results":[82],"reveal":[83],"substantial":[84],"gaps":[86],"across":[87],"these":[88,99],"frameworks,":[89],"indicating":[90],"persistent":[91],"weaknesses":[92],"accountability.":[95],"Second,":[96],"based":[97],"on":[98],"findings,":[100],"proposes":[103],"Proactive":[105],"Governance":[107],"Compliance":[108],"(PAGCF),":[110],"four-phase":[112],"lifecycle":[113],"methodology":[114],"designed":[115],"to":[116,137],"shift":[117],"reactive":[120],"incident":[121],"response":[122],"toward":[123],"pre-deployment":[124],"compliance":[125],"assurance.":[126],"framework":[128],"includes":[129],"risk-stratified":[130],"tiers,":[132],"an":[133],"implementation":[134],"checklist":[135],"linked":[136],"specific":[138],"regulatory":[139],"provisions,":[140],"projected":[143],"impact":[144],"that":[146],"uses":[147],"internal":[148],"monitoring":[149],"as":[150],"proxy":[152],"for":[153],"proactive":[154],"capacity.":[156]},"counts_by_year":[],"updated_date":"2026-07-01T06:00:48.157686","created_date":"2026-05-20T00:00:00"}
