AI governance isn't failing because we lack regulation-it's failing at execution

There's a lot of movement around AI regulation right now (EU AI Act, US frameworks, etc.), but in practice many of these governance models don’t survive contact with real, agentic systems.

A recent paper I was involved in looks at why compliance frameworks tend to break at the operational layer - things like:

- human oversight that works on paper but collapses in real workflows - enforcement gaps across jurisdictions - fragmented compliance creating systemic risk rather than safety

The goal wasn't to rehash regulations, but to analyze where governance actually fails once AI systems are deployed and interacting autonomously.

Paper + more context in the comments. Happy to discuss or get critical feedback.