MIT Delphi Study of 272 Experts: 18 of 24 AI Risks Carry >10% Chance of Catastrophic Harm by 2030 Even With Pragmatic Mitigations

A new Delphi study from the MIT AI Risk Initiative asked 272 international experts to rate 24 distinct AI risks on severity, likelihood of catastrophic outcomes, who is most vulnerable, and who should be held responsible. The June 2026 report, “Prioritization of Risks from Artificial Intelligence,” is the largest structured expert elicitation on this topic to date. It draws on the MIT AI Risk Repository taxonomy that synthesized 1,725 risks from 74 existing frameworks.

The single most governance-relevant finding is this: under a business-as-usual trajectory, experts assigned at least a 10% probability of catastrophic harm — more than one million deaths, more than $100 billion in financial loss, or equivalent civilizational-scale damage — to 18 of the 24 risk domains between late 2025 and 2030. Even when experts assumed organizations and governments implemented pragmatic, cost-effective mitigations, five risks remained above the 10% catastrophic threshold: dangerous capabilities, weapons and cyberattacks, environmental harm, inequality and unemployment, and power centralization. All 24 risks stayed above 5%.

The study also revealed a structural mismatch that enterprise governance programs must confront directly. AI users and affected stakeholders (the public, employees subject to automated decisions) were judged the most vulnerable across nearly every risk. In contrast, general-purpose AI developers and governance actors — governments, regulators, and standards bodies — received the highest responsibility ratings. Infrastructure providers were rated among the least vulnerable and least responsible.

This asymmetry maps directly onto the accountability gap we has documented across the four control layers. When the actors who bear the greatest exposure lack the capability or incentive to act, and the actors best positioned to intervene face competitive pressures against precaution, catastrophic outcomes become more likely unless explicit accountability infrastructure is built. The report gives governance teams a clear, evidence-based map of which risks demand immediate attention and where responsibility must be assigned if mitigation is to be effective.

Key Findings

• The three-round Delphi study gathered input from 272 international AI experts drawn from academia, industry, government, and civil society across 37 countries, with 214 completing all rounds.

• Under the business-as-usual scenario, experts judged 18 of the 24 AI risks to have more than a 10% probability of producing catastrophic outcomes by 2030, defined as more than one million human deaths, more than USD $100 billion in financial loss, or equivalent civilizational-scale intangible harms.

• The five risks rated highest in expected severity under business-as-usual conditions were dangerous capabilities, competitive dynamics, weapons and cyberattacks, power centralization, and false information, each receiving mean severity scores between 3.44 and 3.49 on a 1–5 scale.

• In the pragmatic mitigations scenario, where organizations and governments implement cost-effective efforts to address AI risks, expected severity declined across all 24 risks, yet five risks retained more than a 10% probability of catastrophic outcomes: dangerous capabilities (12%), weapons and cyberattacks (12%), environmental harm (12%), inequality and unemployment (11%), and power centralization (11%).

• Even under the pragmatic mitigations scenario, experts assessed that every one of the 24 risks carried at least a 5% probability of catastrophic outcomes by 2030.

• AI users and affected stakeholders received the highest vulnerability ratings across nearly all risks, with median scores of 4–5 (highly to extremely vulnerable) and expert consensus on most actor-risk pairs.

• AI infrastructure providers were judged the least vulnerable actors overall, receiving a median vulnerability rating of 2 (minimally vulnerable) across the majority of risks, with consensus that they remain largely insulated except from environmental harm, weapons and cyberattacks, and dangerous capabilities.

• General-purpose AI developers and AI governance actors (governments, regulators, and standards bodies) were assigned the highest responsibility ratings across nearly all 24 risks, with median scores of 4–5 (highly to primarily responsible) and strong consensus on these assignments.

• Affected stakeholders and AI users were judged to bear only moderate responsibility (median ratings of 2–3) for addressing risks despite being rated the most vulnerable, creating a clear separation between exposure to harm and obligation to mitigate it.

• The information, finance and insurance, and national security sectors received the highest vulnerability ratings across the 24 risks, with expert consensus that these sectors face extreme exposure to content-related harms, fraud, cyberattacks, and decision-making failures.

• When all experts were asked to select their three greatest concerns for the 2025–2030 period regardless of personal expertise, weapons and cyberattacks (26.8%), power centralization (23.5%), disinformation and influence (22.1%), loss of consensus reality (21.6%), and dangerous capabilities (21.6%) emerged as the most frequently chosen risks.

• Expert consensus on vulnerability and responsibility ratings was strongest at the extreme ends of the scale (extremely vulnerable or primarily responsible) and weakest for moderate ratings, with 81% of “extremely vulnerable” assessments reaching the defined consensus threshold compared to only 14% of moderate assessments.

• The study documented that severity reductions from pragmatic mitigations were largest for risks that had the highest baseline catastrophic probabilities under business-as-usual conditions, including dangerous capabilities, weapons and cyberattacks, competitive dynamics, and AI misalignment.

What the Report Covers

The report “Prioritization of Risks from Artificial Intelligence: A Delphi Study of 272 International Experts” is a large-scale expert elicitation published in June 2026 by the MIT AI Risk Initiative. It systematically prioritizes 24 distinct AI risks drawn from the MIT AI Risk Repository, which had previously synthesized 1,725 risks across 74 existing frameworks into seven domains and 24 subdomains. The study’s central goal is to determine which risks are most severe, who is most vulnerable to them, and who should bear responsibility for addressing them.

The methodology is a three-round Delphi process conducted between September and November 2025. A panel of 272 international experts from academia, industry, government, and civil society participated, with 214 completing all rounds. Experts rated only risks within their areas of expertise. In each round they provided numerical ratings and qualitative rationales, then received aggregated results and peer comments before revising their judgments. The study used two scenarios: a business-as-usual scenario in which no additional AI-specific mitigations are implemented, and a pragmatic mitigations scenario in which organizations and governments apply cost-effective measures. For severity, experts distributed 100 percentage points across five levels (negligible to catastrophic), with catastrophic harm explicitly defined as more than one million deaths, more than $100 billion in financial loss, or equivalent civilizational-scale intangible damage. Vulnerability and responsibility were measured on 5-point scales for seven actor types and 14 industry sectors.

The report examines four main areas in depth. First, it presents expert probability distributions for harm severity under both scenarios, including mean severity scores and the percentage of experts placing probability mass on catastrophic outcomes. Second, it assesses how vulnerable each of the seven actor categories (general-purpose developers, specialized developers, deployers, infrastructure providers, governance actors, users, and affected stakeholders) is to each risk, along with the level of responsibility each actor should hold. Third, it evaluates vulnerability across 14 sectors using the North American Industry Classification System. Fourth, it captures experts’ overall top concerns by asking all participants to select the three risks they worry about most, regardless of their specific expertise. The document also includes extensive qualitative rationales, a discussion of structural mismatches between vulnerability and responsibility, a detailed limitations section, and full transparency on recruitment, screening, consensus criteria, and data availability (all data are published on the Open Science Framework).

In addition to the core findings, the report contains a methods section that documents the exact risk definitions shown to participants, the construction and piloting of the severity rubric, the iterative Delphi procedure, and the pre-specified rules for determining consensus. Supplementary materials provide the full severity anchors, domain-specific sample sizes, complete confidence intervals, and additional figures. The document functions as both a prioritization of AI risks and a transparent record of how a large, diverse expert panel reached its collective judgments.