Contributing Authors
Summary
A 2026 Delphi study of 272 international AI experts found that 18 of 24 risk domains carry a 10%+ catastrophic probability under current conditions — exceeding "intolerable" thresholds in standard frameworks. Even with pragmatic mitigations, no domain drops below 5%. Enterprise governance programs must go beyond technical controls to address structural risks.
Key Takeaways:
- 18 of 24 AI risk domains breach "intolerable" risk thresholds today
- Dangerous capabilities and cyberattacks carry the highest catastrophic probability
- Mitigations reduce severity but structural risks persist above 10%
- Information, national security, and finance face the greatest sector exposure
- The accountability gap between developers and end users is a governance design challenge
Most AI risk frameworks give you categories. This one gives you probabilities.
A new paper published in June 2026, Prioritizing the Risks from Artificial Intelligence, reports findings from a three-round Delphi study conducted with 272 international AI experts in late 2025. Rather than cataloging AI risks in abstract terms, the study asked experts to assign concrete probability estimates to 24 risk domains, identify which sectors and actors are most vulnerable, and name who bears primary responsibility for doing something about it.
The findings have direct implications for how enterprise leaders build, prioritize, and resource their AI governance programs. The data isn’t a theoretical exercise — it’s the closest thing the field has to a calibrated expert consensus on where AI risk is actually concentrated.
Key takeaways:
- Under business-as-usual conditions, experts assigned at least a 10% probability of catastrophic outcomes to 18 of 24 AI risk domains by 2030
- Even with pragmatic mitigations in place, all 24 risk domains retained at least a 5% catastrophic probability
- General-purpose AI developers and governance actors were assigned primary responsibility for addressing AI risks — but AI users and the general public bear the greatest vulnerability
- Information, national security, and finance/insurance were rated as the most vulnerable sectors overall
The Study: A Delphi Approach to AI Risk
The Delphi method is designed for exactly this kind of problem: technical domains where empirical data is limited, the landscape is evolving rapidly, and genuine expert disagreement needs to be surfaced rather than papered over.
In each round of the study, experts rated 24 AI risk domains and provided qualitative rationales for their assessments. They then reviewed peers’ anonymized responses and had the opportunity to revise. This structure filters out status effects and conformity bias while preserving substantive disagreement where it exists.
The 24 risk domains cover the full landscape: from dangerous AI capabilities and weapons and cyberattacks, to discrimination, loss of privacy, overreliance, environmental harm, and power centralization. Experts rated each domain on harm probability and severity, sector and actor vulnerability, actor responsibility, and overall concern.
The result is not a ranking. It is a probabilistic map. A map that gives AI governance practitioners something they rarely have: quantified expert expectations about which risks matter most, to whom, and who should be doing something about it.
The Severity Findings: Most Risks Are Worse Than You Think
The headline finding is striking. Under a business-as-usual scenario, defined as organizations and governments continuing existing practices without implementing additional AI-specific risk mitigations, experts assessed a greater than 10% probability of catastrophic outcomes from 18 of 24 AI risk domains over the next five years.
“Catastrophic” is defined concretely: more than 1 million human deaths, more than $100 billion in financial loss, or civilization-scale intangible harms such as democratic collapse or authoritarian lock-in.
The five highest-severity risk domains, each with mean severity scores of 3.44–3.49 out of 5, were:
| Risk Domain | Catastrophic Probability (Business as Usual) |
| Dangerous capabilities | 21.5% |
| Weapons and cyberattacks | 21.0% |
| Power centralization | 18.0% |
| Competitive dynamics | 16.6% |
| False information | 12.8% |
Worth noting: competitive dynamics — the AI race itself — ranked alongside weapons and dangerous capabilities in severity. Experts characterized it as a structural collective-action problem: any individual developer that slows to invest in safety bears a direct competitive cost while the safety benefits accrue to the broader ecosystem. That dynamic doesn’t self-correct. It requires external governance mechanisms to resolve.
Under most standard risk governance frameworks, including ISO 31000 and the NIST AI RMF, a 10% probability of catastrophic harm over a five-year horizon is considered “intolerable.”. Eighteen of twenty-four AI risk domains cross that line under current conditions.
What Mitigations Actually Change
The study also asked experts to assess the same 24 domains under a “pragmatic mitigations” scenario (one where organizations and governments implement cost-effective, reasonable AI risk interventions).
The results are instructive, and sobering in equal measure.
Mitigations did reduce expected severity across all 24 domains. Mean severity scores fell by 0.36–0.53 points on the 1–5 scale. But the reductions were uneven, and five domains remained above 10% catastrophic probability even with pragmatic mitigations in place:
- Dangerous capabilities — 12% catastrophic probability
- Weapons and cyberattacks — 12%
- Environmental harm — 12%
- Inequality and unemployment — 11%
- Power centralization — 11%
All 24 domains retained at least a 5% catastrophic probability.
The persistence of these risks is telling. Experts attributed it largely to structural dynamics that technical safeguards can’t address: economies of scale in compute, self-reinforcing market advantages from model access, and feedback loops between commercial and political power.
The Sectors Most at Risk
Experts also assessed vulnerability across 14 industry sectors for each of the 24 risk domains. The results offer a useful lens for sector-specific AI risk prioritization.
Information and national security were rated as the most vulnerable sectors, with near-universal expert consensus on extreme vulnerability to their respective top risks. Information faces concentrated exposure to content-related harms (disinformation, influence operations, loss of privacy) while national security faces what one expert called “compound vulnerability”: both as a target for AI-enabled attacks and as a domain where AI failures could trigger cascading geopolitical consequences.
Finance and insurance followed closely, with high vulnerability to fraud and scams, AI security vulnerabilities, and AI system safety failures. Experts characterized this sector as facing both direct attack vectors and significant regulatory exposure from AI system failures.
Health care received high vulnerability ratings (median 4) specifically for loss of privacy, discrimination, and over-reliance, reflecting the immediate human costs of medical AI failures.
Sectors with lower AI penetration (ie accommodation and food services, agriculture and manufacturing, arts and entertainment) received lower overall ratings, though experts noted they remain exposed to broad socioeconomic effects including job displacement and discriminatory outputs.
For enterprise governance teams conducting sector-specific AI risk assessments, this data provides a research-backed basis for prioritizing which risk domains to evaluate first, rather than treating all 24 equally.
What This Means for Enterprise AI Governance Programs
The study’s findings don’t just describe the risk landscape, they have operational implications for how enterprise AI governance programs should be structured and resourced.
Risk prioritization can’t be flat. Not all AI risks are equally likely or equally consequential. The study provides a defensible, expert-backed basis for triaging which risk domains deserve intensive mitigation effort and which require monitoring rather than immediate action. Organizations running risk assessments against ISO/IEC 42001, the NIST AI RMF, or emerging regulatory frameworks like Colorado SB 26-189 or California’s CPPA regulations can use this data to sharpen their prioritization logic.
Technical controls alone are insufficient. The five risks that persist above 10% catastrophic probability even with pragmatic mitigations are structural in nature. Enterprise governance programs that focus only on model-level safeguards — guardrails, access controls, output filtering — will not adequately address power centralization, competitive dynamics, or inequality and unemployment. These require governance-layer responses: policy frameworks, procurement standards, vendor accountability requirements, and engagement with regulatory processes.
The accountability gap is a governance design problem. The structural separation between who is most vulnerable (users and the public) and who is most responsible (developers and governance actors) is not self-correcting. For enterprise organizations that sit between frontier developers and end users (deploying general-purpose AI systems across internal teams or customer-facing applications) this gap is particularly relevant. Deployers occupy a middle position in the accountability chain, and governance programs should define clearly what obligations that position carries.
Sector exposure should inform governance scope. Organizations in information, finance, national security, and health care face demonstrably higher AI risk exposure than organizations in lower-penetration sectors.
This is where platforms like Airia make a practical difference. Managing AI risk across 24 domains, multiple regulatory frameworks, and a distributed AI estate is not a spreadsheet problem. It requires centralized visibility across every model, agent, and workflow; real-time policy enforcement at the point of execution; and continuous documentation that connects operational AI activity to governance requirements. Airia provides that infrastructure so governance programs can operate at the speed and scale that AI adoption now demands.
Conclusion
The MIT Delphi study represents the most rigorous expert-consensus view of AI risk prioritization published to date. Its core contribution is not a new list of AI risks. It is a calibrated probability map: which risks are most severe, which sectors and actors bear the greatest exposure, and who has the obligation and capability to act.
For enterprise AI governance leaders, the study offers three durable takeaways. First, the threshold for “intolerable” risk is already crossed for 18 of 24 AI risk domains under current conditions. Second, mitigations matter, but structural risks require structural responses that go beyond technical controls. Third, the gap between vulnerability and responsibility is a governance design challenge and enterprise organizations need to decide where they stand in the accountability chain.
Ready to turn AI risk data into real governance action? If your enterprise needs to move from probabilistic risk maps to operational enforcement, request a demo to see how Airia provides centralized visibility across every model, agent, and workflow; real-time policy enforcement at the point of execution; and continuous compliance documentation—so managing AI risk across all 24 domains is built into how your programs operate by default.
Sources:
The full dataset is publicly available on OSF, or download a PDF copy of the Prioritization of Risks from Artificial Intelligence study.
