I don't see how more advanced models won't get gated to specific known KYC'd entities. Classification-style guardrails will never be sufficient. Distillation attacks too are really hard to prevent. Open-source models can have their guardrails easily stripped away so it'll be incredibly dangerous to continue to release more and more capable OSS models that can and will be used to give bad actors 100x leverage.