What happened
The day’s closing session turned from models to agents (systems that plan, act and execute tasks on their own) and to the question the whole day had been circling: once AI acts on your behalf, how do you trust it? David Shrier’s keynote supplied the economic frame; the panel supplied the missing technical one, converging on a single idea: verification, not just openness, is the precondition for trust.
The keynote: “intelligence capital”
Shrier argued that value is shifting from future cash flows to future intelligence flows, and that intelligence is the first asset that increases in value the more you use it. His unit of production is a human paired with an agent, owning a business process, capturing and compounding knowledge. His warning for the UN: intelligence capital is hyper-concentrated in the “hyperscalers” (worth some $25 trillion today, on his forecast $52–80 trillion by 2033), and sovereign AI is how that value might reach entire populations instead of a handful of firms, with 50+ countries already building sovereign-AI initiatives.
The panel: trust has to be verifiable
- Sara Hooker: the “slow death of scaling.” The former Cohere research lead argued that simply scaling model size is “largely at its end as a formula.” Progress is moving to how a model interacts with the world (post-training and agentic use), which is far more distributed and lowers barriers to entry. Automating AI training itself, she said, is changing who gets to shape AI.
- Tricia Wang: from a claims world to an evidence world. Today we live in a “claims-based AI world” where systems merely assert what they did; the shift needed is to verification backed by tamper-resistant, cryptographic evidence. Just as the community once had to define open source, she argued, it must now define open verification, because “verification cannot belong to the verified.”
- Mostafa El Kordy: a UN reference architecture for agents. The UN International Computing Centre is developing OSARA (an Open Sovereign Agent Reference Architecture) plus an “AI Bill of Rights”, specifying which parts of an agent’s “harness” must stay open, treating the underlying model like a swappable “battery,” and defining the roles of individuals, enterprises and governments. His insistence: build in cybersecurity, identity and cryptography “from the very beginning.”
- Yonghua Lin: open compute, not just open models. The Beijing Academy of AI’s CTO described an open software stack (FlagOS) that lets models run across different hardware without re-coding, so countries need not “struggle on which country’s technology” to choose. Much of the world’s installed compute is under-utilized or a generation behind; putting it to work (as in a UN / African Union education pilot) is how open source becomes genuinely inclusive.
The hard question they left open
Asked about data residency, the panel was candid that agents crossing clouds and borders collide with national data-sovereignty rules, and that the problem “just got a lot messier,” not cleaner. Verification, identity, provenance, and a chain of delegation are being “figured out right now”; the plane, as Wang put it, is being built while it is flown.
Why it matters for the SDGs
Autonomous agents raise the same divide the rest of the day named (between those who own the intelligence and those who rent it), but at higher stakes, because agents act. The panel’s throughline is squarely developmental: sovereign AI and open compute (SDG 9, SDG 10) to spread the value of agents, and open, independent verification as the public good (SDG 16’s accountable-institutions logic, applied to machines) that lets any country, enterprise or citizen trust a system acting on their behalf. It also set up the Geneva Global Dialogue on AI Governance, where open source was flagged as part of the agenda.
Watch & read
- UN Web TV, recording of the AI Day closing sessions (23 June 2026).
- Full AI Day recap, the day’s other sessions.
Speaker names and affiliations reflect roles at the time of the event; quotations are lightly edited from an automated transcript and should be read as close paraphrase.