From Chips to Models

When Commerce Secretary Howard Lutnick’s June 12, 2026 letter forced Anthropic to disable Fable 5 and Mythos 5 worldwide, much of the coverage treated it as a bolt from the blue—the first time the U.S. had directly controlled access to specific AI models. The “first” is accurate. The “bolt from the blue” is not.

The model-level control is the latest step in a deliberate, four-year ascent up the AI stack. The U.S. export-control apparatus has been climbing it rung by rung since 2022: first the chips, then the manufacturing equipment, then raw compute and the cloud access that delivers it, and now the models that run on top. Each step used the same statutory machinery—the Export Administration Regulations (EAR), administered by the Bureau of Industry and Security (BIS). For the legal mechanics of the model-level step specifically, see our anchor analysis, When Washington Switched Off an AI Model. This piece zooms out to the whole staircase—because the trajectory, not the single step, is what tells compliance teams where this is going.

The Staircase: Four Years of Climbing the AI Stack

Rung 1 (2022): The chips and the tools to make them

The modern arc began in October 2022, when BIS imposed sweeping controls on advanced computing semiconductors and the equipment used to manufacture them. The logic was foundational: deny adversaries the physical substrate of advanced AI. Two features of that action set the pattern for everything after. First, the controls reached manufacturing equipment, not just end products—control the means of production, not only the goods. Second, they introduced restrictions tied to end-use and end-user, not merely the item’s specifications. The government was already thinking in terms of who and for what, not just what.

Rung 2 (2023): Closing the gaps

The 2022 rules left seams—performance thresholds that could be engineered around, intermediary jurisdictions that could be routed through. The 2023 updates tightened specifications and expanded the geographic and entity scope. The lesson institutionalized here is that frontier export controls are iterative: the government issues a rule, observes the workarounds, and closes them. No single control is the final word; each is a position in an ongoing contest.

Rung 3 (2025): Compute, cloud, and the diffusion problem

By 2025 the policy conversation had moved decisively from hardware-you-own to compute-you-access. Controlling chips matters less if the same capability is available as a cloud service. This period saw the emergence of frameworks aimed at the diffusion of AI capability—tiered approaches to who may access large-scale compute, attention to cloud providers as the delivery layer, and the beginnings of know-your-customer expectations for access to frontier-scale resources. The control surface had shifted from the loading dock to the API endpoint. That shift is the essential bridge to 2026: once the government is comfortable controlling access to compute, controlling access to the model that compute serves is a short conceptual step.

Rung 4 (2026): The model itself

Which brings us to Fable 5 and Mythos 5. For the first time, the controlled item was not a chip, a tool, or a quantity of compute—it was a specific, deployed model version, with access restricted by the nationality of the user via the EAR’s deemed-export doctrine. The staircase reached the top of the stack. Every prior rung made this one thinkable; the only genuinely novel element was applying decades-old “release to a foreign national” logic to an inference API instead of a blueprint on a lab bench.

Why Models Were Always Going to Be Next

Read as a sequence, the progression is almost inevitable. Three throughlines connect the rungs:

The control surface follows the capability. As the locus of AI power moved—from silicon, to fabrication, to compute, to cloud delivery, to the model—the controls followed it upward. Wherever the capability concentrated, the EAR went. The model layer was simply the next place the capability lived.

The same legal theory scales. Nothing in the 2026 action required new statutory authority. The EAR’s treatment of software and technology, its end-use/end-user orientation from 2022, and the deemed-export rule were all already on the books. The government did not invent a tool; it pointed an existing one at a new target. That is why it could move in days rather than the years a new statute would require.

Each rung normalized the next. Controlling chips made controlling compute unremarkable. Controlling compute made controlling model access a small additional step. The Overton window for what counts as an exportable, controllable AI artifact has been widening on a predictable cadence. A model-version control that would have seemed extraordinary in 2022 read, by 2026, as a logical continuation.

Where the Controls Could Go Next

Forecasting specific government action is a fool’s errand, but the direction of travel is legible from the staircase. Compliance teams should treat the following as plausible future control surfaces and watch for early signals:

  • Model weights as a controlled item. The 2026 action controlled access to a hosted model. A natural next target is the weights themselves—the trained parameters—treated explicitly as controlled technology whose transfer, including open release, is restricted. Open-weight releases of frontier-class models are the obvious pressure point.
  • KYC obligations on model and compute providers. If access turns on user nationality and end-use, providers will face growing expectations to know their customers—identity verification, nationality screening, and use-case attestation as a condition of frontier-model access. The deemed-export logic practically demands it.
  • Capability thresholds as triggers. Just as chip controls used performance thresholds, future controls may attach to model capability benchmarks—above a defined capability line in sensitive domains, additional controls apply automatically. This would shift the question from “which named model” to “any model exceeding threshold X.”
  • Tighter alignment with allied regimes. Hardware controls moved toward multilateral coordination; expect pressure for allied alignment on model and compute controls, with the friction (and conflicts, e.g., with the EU’s own AI framework) that implies for multinationals.
  • Faster, more granular interventions. The defining feature of the Fable 5 action was speed—a Friday-afternoon letter, not a multi-month rulemaking. Expect future interventions to be similarly rapid and to target ever more specific artifacts.

None of these is a prediction that it will happen. They are the rungs that are visible from where the staircase currently ends. Prudent compliance planning watches them.

What Compliance Teams Should Do With This Trajectory

  • Treat AI export-control exposure as a standing program, not an incident. The four-year arc shows this is iterative and continuous. Assign ownership, monitor BIS rulemaking, and review exposure on a recurring cadence—not only when a headline forces it.
  • Map your dependencies against the likely control surfaces. If you rely on open-weight models, the weights-as-controlled-item scenario matters most. If you build on hosted frontier APIs, KYC and access-revocation scenarios dominate. Know which future rung would hit you.
  • Bring trade compliance and AI governance into the same room—permanently. The teams that run your EAR program and the teams that select your models have historically never spoken. The staircase guarantees they now must.
  • Assume the next step comes faster than the last. Each rung has been quicker to deploy and more granular than the one before. Build planning assumptions around afternoon-timescale interventions, not quarter-timescale ones.

Conclusion

The shutoff of Fable 5 and Mythos 5 was a first, but it was not a surprise to anyone who had been watching the staircase. From the 2022 semiconductor controls, through the 2023 tightening, to the 2025 pivot toward compute and cloud, the U.S. export-control apparatus has been climbing the AI stack on a steady, legible cadence—using the same statutory tools at every level. The model layer was the next rung up, and it has now been taken.

For compliance teams, the actionable insight is not the single event but the trajectory it confirms. AI is being absorbed, layer by layer, into the export-control regime that already governs the world’s most sensitive technologies. The question is no longer whether models are controlled commodities—June 12 answered that—but which part of the stack gets controlled next, and how fast. The organizations that plan against the staircase, rather than reacting to each rung, are the ones that will not be caught flat-footed by the next letter.

This article is provided for informational purposes only and does not constitute legal advice.