Explore all deployer risks here.
Risks are organized into 7 families corresponding to enterprise risk domains. Families are built from the MIT AI Risk Repository and enriched with MITRE ATLAS, ISO, and the EU AI Act.
| Family | Risks | Sub-risks | Enterprise risk domain | MITRE ATLAS | ISO | EU AI Act |
|---|---|---|---|---|---|---|
Model & system behaviour
How the AI system itself behaves: bias, toxic or unsafe output, hallucination, brittleness, and emergent capability. |
29 | 5 | Operational & technology risk | 5 sub-risks | 29 refs | 7 refs |
Governance & process
Accountability, oversight, documentation, evaluation, and the lifecycle discipline of running AI. |
13 | 0 | Operational & governance risk | not decomposed | +7 gaps | 8 refs |
Regulatory compliance
Duties under the EU AI Act and sector rules: impact assessments, registration, notice, and monitoring. |
12 | 0 | Compliance & legal risk | not decomposed | 1 ref | +11 gaps |
Human & usage
How people interact with, rely on, or misuse the system: manipulation, overreliance, and loss of human agency. |
10 | 0 | Conduct & operational risk | not decomposed | 10 refs | 4 refs |
Security & adversarial
Attacks on the AI system: prompt injection, evasion, poisoning, model theft, and autonomous-agent abuse. |
7 | 43 | Cyber & information security risk | 43 sub-risks | 6 refs | 1 ref |
Data, privacy & content liability
Personal-data exposure, unlawful processing, confidentiality, and content-related legal liability. |
6 | 5 | Privacy, data & legal risk | 5 sub-risks | 6 refs | 2 refs |
Third party & supply chain
Risks inherited from model providers, vendors, and the AI supply chain: concentration, version churn, embedded AI. |
5 | 8 | Third-party & supply-chain risk | 8 sub-risks | +2 gaps | 2 refs |
Enterprise risk domains match the family band on the home page. ISO clause and EU article references cross-cut families; the badges mark where a source introduced or decomposed risks. Family colours carry through to the full register below.
The full register.
82 canonical risks; the 12 risks with MITRE ATLAS-anchored sub-risks are badged. Filtering runs in the browser.
| Id | Risk | Family | AI type | Scope | Source |
|---|---|---|---|---|---|
| MR-001 | Biased or discriminatory outputs and decisions | Model & system behaviour | GPAI, Agentic, Classical_ML | Both | MIT AI Risk Repository v4 |
| MR-002 | Stereotyping and representational harm | Model & system behaviour | GPAI, Classical_ML | System | MIT AI Risk Repository v4 |
| MR-003 | Toxic, hateful, or harassing content generation | Model & system behaviour | GPAI | System | MIT AI Risk Repository v4 |
| MR-004 | Violent or extremist content generation | Model & system behaviour | GPAI | System | MIT AI Risk Repository v4 |
| MR-005 | Child sexual abuse material and child-safety harm | Model & system behaviour | GPAI | System | MIT AI Risk Repository v4 |
| MR-006 | Disparate performance across groups and languages | Model & system behaviour | GPAI, Classical_ML | System | MIT AI Risk Repository v4 |
| MR-007 | Self-harm, suicide and dangerous-behavior promotion | Model & system behaviour | GPAI | System | MIT AI Risk Repository v4 |
| MR-008 | Sexual content and non-consensual intimate imagery | Model & system behaviour | GPAI | System | MIT AI Risk Repository v4 |
| MR-009 | Leakage of personal or sensitive data3 sub-risks | Data, privacy & content liability | GPAI, Classical_ML | System | MIT AI Risk Repository v4 |
| MR-010 | Prompt injection and jailbreaking10 sub-risks | Security & adversarial | GPAI, Agentic | System | MIT AI Risk Repository v4 |
| MR-011 | Unlawful or non-consensual collection and processing of personal data | Data, privacy & content liability | GPAI, Classical_ML | Both | MIT AI Risk Repository v4 |
| MR-012 | Adversarial examples and evasion attacks4 sub-risks | Security & adversarial | Classical_ML, GPAI | System | MIT AI Risk Repository v4 |
| MR-013 | Disclosure of confidential or proprietary information2 sub-risks | Data, privacy & content liability | GPAI, Agentic | Both | MIT AI Risk Repository v4 |
| MR-014 | Data and model poisoning and backdoors4 sub-risks | Security & adversarial | GPAI, Classical_ML, Agentic | System | MIT AI Risk Repository v4 |
| MR-015 | Residual AI system security and availability weaknesses9 sub-risks | Security & adversarial | GPAI, Classical_ML, Agentic | System | MIT AI Risk Repository v4 |
| MR-016 | Model theft, extraction and weight leakage3 sub-risks | Security & adversarial | GPAI, Classical_ML | System | MIT AI Risk Repository v4 |
| MR-017 | Privacy-invasive inference and re-identification | Data, privacy & content liability | GPAI, Classical_ML | System | MIT AI Risk Repository v4 |
| MR-018 | AI supply-chain and infrastructure vulnerabilities8 sub-risks | Third party & supply chain | GPAI, Classical_ML, Agentic | Both | MIT AI Risk Repository v4 |
| MR-019 | Insecure or vulnerable code generation | Model & system behaviour | GPAI, Agentic | System | MIT AI Risk Repository v4 |
| MR-020 | Insecure integration with external tools, plugins and APIs | Security & adversarial | GPAI, Agentic | System | MIT AI Risk Repository v4 |
| MR-021 | Hallucination and fabricated output | Model & system behaviour | GPAI | System | MIT AI Risk Repository v4 |
| MR-022 | Unsafe or incorrect advice in high-stakes domains | Model & system behaviour | GPAI | System | MIT AI Risk Repository v4 |
| MR-023 | Contribution to misinformation and information-ecosystem degradation | Model & system behaviour | GPAI | Both | MIT AI Risk Repository v4 |
| MR-024 | Defamation and false statements about people | Data, privacy & content liability | GPAI | System | MIT AI Risk Repository v4 |
| MR-025 | Overconfidence, sycophancy and poor calibration | Model & system behaviour | GPAI | System | MIT AI Risk Repository v4 |
| MR-026 | Disinformation and influence operations | Model & system behaviour | GPAI, Agentic | System | MIT AI Risk Repository v4 |
| MR-027 | AI-enabled cyberattacks and offensive cyber operations1 sub-risks | Model & system behaviour | GPAI, Agentic | Both | MIT AI Risk Repository v4 |
| MR-028 | AI-enabled fraud, scams and social engineering2 sub-risks | Model & system behaviour | GPAI, Agentic | Both | MIT AI Risk Repository v4 |
| MR-029 | Facilitation of weapons, CBRN and serious physical harm (capability uplift) | Model & system behaviour | GPAI, Agentic | System | MIT AI Risk Repository v4 |
| MR-030 | Manipulation, persuasion and dark patterns | Human & usage | GPAI, Agentic | System | MIT AI Risk Repository v4 |
| MR-031 | Impersonation, deepfakes and synthetic media2 sub-risks | Model & system behaviour | GPAI | Both | MIT AI Risk Repository v4 |
| MR-032 | Deliberate misuse and repurposing for harm | Human & usage | GPAI, Agentic | Both | MIT AI Risk Repository v4 |
| MR-033 | Mass surveillance and censorship enablement | Human & usage | GPAI, Classical_ML | Both | MIT AI Risk Repository v4 |
| MR-034 | Overreliance and automation bias | Human & usage | GPAI, Agentic, Classical_ML | Both | MIT AI Risk Repository v4 |
| MR-035 | Erosion of human agency and autonomy | Human & usage | GPAI, Agentic | Both | MIT AI Risk Repository v4 |
| MR-036 | Anthropomorphism, emotional dependence and psychological harm | Human & usage | GPAI | System | MIT AI Risk Repository v4 |
| MR-037 | Environmental footprint of AI | Governance & process | GPAI, Classical_ML, Agentic | Both | MIT AI Risk Repository v4 |
| MR-038 | Workforce displacement and job-quality decline | Human & usage | GPAI, Agentic, Classical_ML | Organization | MIT AI Risk Repository v4 |
| MR-039 | Intellectual property and copyright infringement | Data, privacy & content liability | GPAI | Both | MIT AI Risk Repository v4 |
| MR-040 | Regulatory non-compliance and legal liability | Regulatory compliance | GPAI, Classical_ML, Agentic | Organization | MIT AI Risk Repository v4 |
| MR-041 | Academic and professional dishonesty | Human & usage | GPAI | System | MIT AI Risk Repository v4 |
| MR-042 | Unclear accountability and responsibility for AI decisions | Governance & process | GPAI, Classical_ML, Agentic | Organization | MIT AI Risk Repository v4 |
| MR-043 | Inadequate AI governance and oversight processes | Governance & process | GPAI, Classical_ML, Agentic | Organization | MIT AI Risk Repository v4 |
| MR-044 | Exploitative labor in the AI supply chain | Third party & supply chain | GPAI, Classical_ML | Organization | MIT AI Risk Repository v4 |
| MR-045 | Insufficient documentation, transparency and data provenance | Governance & process | GPAI, Classical_ML, Agentic | Organization | MIT AI Risk Repository v4 |
| MR-046 | Inadequate evaluation, testing and benchmarking | Governance & process | GPAI, Classical_ML, Agentic | Organization | MIT AI Risk Repository v4 |
| MR-047 | Vendor/model concentration, monoculture and correlated failure | Third party & supply chain | GPAI, Classical_ML, Agentic | Organization | MIT AI Risk Repository v4 |
| MR-048 | AI competence and skills gaps in the organization | Human & usage | GPAI, Classical_ML, Agentic | Organization | MIT AI Risk Repository v4 |
| MR-049 | Physical safety harm and accidents | Model & system behaviour | GPAI, Agentic, Classical_ML | System | MIT AI Risk Repository v4 |
| MR-050 | Inaccuracy and poor predictive performance | Model & system behaviour | GPAI, Classical_ML, Agentic | System | MIT AI Risk Repository v4 |
| MR-051 | Ethical or value misalignment in outputs and decisions | Model & system behaviour | GPAI, Agentic | System | MIT AI Risk Repository v4 |
| MR-052 | Emergent dangerous capabilities | Model & system behaviour | GPAI, Agentic | System | MIT AI Risk Repository v4 |
| MR-053 | Goal misspecification, specification gaming and reward hacking | Model & system behaviour | GPAI, Agentic, Classical_ML | System | MIT AI Risk Repository v4 |
| MR-054 | Loss of meaningful human oversight and control | Governance & process | Agentic, GPAI | Both | MIT AI Risk Repository v4 |
| MR-055 | Lack of explainability and interpretability | Model & system behaviour | GPAI, Classical_ML, Agentic | Both | MIT AI Risk Repository v4 |
| MR-056 | Lack of robustness to distribution shift and edge cases | Model & system behaviour | GPAI, Classical_ML, Agentic | System | MIT AI Risk Repository v4 |
| MR-057 | Multi-agent interaction risks | Model & system behaviour | Agentic, GPAI | Both | MIT AI Risk Repository v4 |
| MR-058 | Model performance drift and degradation over time | Model & system behaviour | GPAI, Classical_ML | System | MIT AI Risk Repository v4 |
| MR-059 | Poor data quality and representativeness | Model & system behaviour | GPAI, Classical_ML | Both | MIT AI Risk Repository v4 |
| MR-060 | Use outside intended scope | Human & usage | GPAI, Agentic, Classical_ML | Both | MIT AI Risk Repository v4 |
| MR-061 | Over-refusal and excessive safety filtering | Model & system behaviour | GPAI | System | MIT AI Risk Repository v4 |
| MR-062 | Shadow AI and unsanctioned use of AI tools | Governance & process | GPAI, Agentic, Classical_ML | Organization | ISO/IEC 23894 + 42001 (gap analysis) |
| MR-063 | AI inventory blind spots | Governance & process | GPAI, Agentic, Classical_ML | Organization | ISO/IEC 23894 + 42001 (gap analysis) |
| MR-064 | Embedded AI introduced through procurement | Third party & supply chain | GPAI, Classical_ML | Organization | ISO/IEC 23894 + 42001 (gap analysis) |
| MR-065 | Vendor model version churn and undisclosed updates | Third party & supply chain | GPAI, Agentic | Both | ISO/IEC 23894 + 42001 (gap analysis) |
| MR-066 | Change deployed without revalidation | Governance & process | GPAI, Classical_ML, Agentic | System | ISO/IEC 23894 + 42001 (gap analysis) |
| MR-067 | Absence of AI impact assessment | Governance & process | GPAI, Agentic, Classical_ML | Organization | ISO/IEC 23894 + 42001 (gap analysis) |
| MR-068 | Inadequate AI incident response and communication | Governance & process | GPAI, Agentic, Classical_ML | Organization | ISO/IEC 23894 + 42001 (gap analysis) |
| MR-069 | Inadequate logging, record-keeping and traceability | Governance & process | GPAI, Agentic, Classical_ML | System | ISO/IEC 23894 + 42001 (gap analysis) |
| MR-070 | Inadequate AI decommissioning and retirement | Governance & process | GPAI, Classical_ML, Agentic | Organization | ISO/IEC 23894 + 42001 (gap analysis) |
| MR-071 | Autonomous agent hijacking and excessive-agency abuse13 sub-risks | Security & adversarial | Agentic, GPAI | Both | MITRE ATLAS v5.6.0 (gap analysis) |
| MR-072 | Failure to conduct a fundamental rights impact assessment | Regulatory compliance | GPAI, Agentic, Classical_ML | Organization | EU AI Act 2024/1689 (gap analysis) |
| MR-073 | Failure to inform workers before workplace deployment | Regulatory compliance | GPAI, Agentic, Classical_ML | Organization | EU AI Act 2024/1689 (gap analysis) |
| MR-074 | Failure to register a high-risk system or verify its registration | Regulatory compliance | GPAI, Agentic, Classical_ML | Organization | EU AI Act 2024/1689 (gap analysis) |
| MR-075 | Failure to inform individuals subject to high-risk AI decisions | Regulatory compliance | GPAI, Agentic, Classical_ML | Both | EU AI Act 2024/1689 (gap analysis) |
| MR-076 | Failure to monitor operation and meet incident-reporting and suspension duties | Regulatory compliance | GPAI, Agentic, Classical_ML | Organization | EU AI Act 2024/1689 (gap analysis) |
| MR-077 | Deploying or repurposing a system into a prohibited practice | Regulatory compliance | GPAI, Agentic, Classical_ML | Both | EU AI Act 2024/1689 (gap analysis) |
| MR-078 | Failure to meet AI transparency and disclosure obligations | Regulatory compliance | GPAI, Agentic | Both | EU AI Act 2024/1689 (gap analysis) |
| MR-079 | Non-compliance with the AI literacy obligation | Regulatory compliance | GPAI, Agentic, Classical_ML | Organization | EU AI Act 2024/1689 (gap analysis) |
| MR-080 | Provider fails to supply adequate GPAI model documentation | Regulatory compliance | GPAI, Agentic | Both | GPAI Code of Practice 2025 (gap analysis) |
| MR-081 | Provider's inadequate copyright compliance exposes the deployer to IP liability | Regulatory compliance | GPAI, Agentic | Both | GPAI Code of Practice 2025 (gap analysis) |
| MR-082 | Provider's inadequate systemic-risk safety and security management, with no deployer visibility | Regulatory compliance | GPAI, Agentic | Both | GPAI Code of Practice 2025 (gap analysis) |
Part of the Deployer AI Risk Register, an open-source resource developed by MindXO. Version 1.0, 3 July 2026. Derived from the MIT AI Risk Repository (V4, December 2025) under CC BY 4.0; an independent derivative work, not endorsed by or affiliated with MIT. Sub-risk decomposition references MITRE ATLAS™ v5.6.0 (© 2021-2026 The MITRE Corporation, reproduced and distributed with permission). ISO/IEC and EU AI Act references are by number only. License: CC BY 4.0. Full attribution and licensing.