Most AI patent coverage gets read for the model. IBM's mid-April grants reward reading for everything around the model — the audit trail, the jurisdictional rule, the compliance proxy, the energy budget. In the week ending 20 April 2026, the company had a run of patents issue that sits on the governance and operational layer of enterprise AI: not how to build a better model, but how to run one inside data that is regulated, audited, and expensive to power. A granted claim is enforceable coverage rather than an aspiration, so this cluster maps positions IBM has locked in on the controls that determine whether an enterprise — a bank, a hospital, a government agency — can actually deploy AI against its own data. For a vendor whose AI pitch is built on hybrid-cloud and regulated industries, that is the load-bearing layer.

The clearest theme is data governance and auditability. US12602505B2 covers auditing database search queries for privileged data — examining a query plan, detecting that it accesses privileged data, and generating an updated plan flagged for audit. The abstract is terse about the mechanism:

A processor receives a query plan to search the database. A processor determines the query plan includes a request that accesses privileged data. A processor generates an updated query plan with an indication of the request that accesses privileged data.— Auditing of database search queries for privileged data, US12602505B2

The companion grant US12602499B2 covers data access under regulatory constraints, using proxies in two geographic jurisdictions so that data stored in one jurisdiction can be served to a program in another only after a constraint required by the source jurisdiction is enforced. These two grants describe, in concrete terms, the plumbing of running queries — including the AI-driven queries enterprises increasingly run — against data that carries audit and residency obligations. That is precisely the disclosure-and-control problem that determines whether a regulated institution can let a model touch its records at all.

Training data, security, and the cost of running it

A second cluster covers the inputs and the threat surface. US12602551B2 covers generating synthetic business documents to augment a large-language-model training set, building domain-specific document models from key-value-pair distributions — a way to train on data shaped like sensitive business records without the records themselves, which is as much a compliance technique as a data technique. US12602475B2 covers aggregating input/output operation features extracted from storage devices into a machine-learning vector to check for malware — pushing detection down to the storage layer where AI workloads read and write. Both grants treat data itself as the object of control: how to manufacture it safely, and how to watch it for compromise.

A third cluster lands on the operating cost that dominates AI infrastructure conversations. US12602264B2 covers energy-aware workload placement, deriving an energy profile and optimal operating temperature for each server and deploying workloads to the highest-efficiency machine. US12602574B2 covers a network of oscillators whose phase is controlled by thermal coupling, described as a hardware implementation of a neural network — a research-grade angle on the same physical question of how computation and heat interact. Power and cooling are the part of the AI buildout that shows up in operating expense rather than in a model card, and coverage on placing workloads by energy efficiency sits directly on that line.

The model layer is not absent, but it is rendered through efficiency rather than capability. US12602580B2 covers dataset-dependent low-rank decomposition of neural networks — compressing a trained model by ranking how relevant each filter and channel is to a target dataset, which is a method for making a model cheaper to run on a given task. Alongside the governance grants, it reinforces a footprint oriented toward deploying AI economically and compliantly inside an enterprise rather than toward frontier model size. That is consistent, as fact, with the regulated-industry and hybrid-cloud framing IBM uses in its own disclosures.

A footprint shaped like the customer

What ties these grants together is that each one solves a problem an enterprise buyer recognizes from its own compliance and operations functions, not a problem a model researcher would frame. A query-auditing method exists because regulated institutions must prove who touched privileged records; a cross-jurisdiction access method exists because data-residency rules differ by country and a global bank or insurer has to honor both at once; a synthetic-document method exists because the safest way to train on sensitive forms is to not use the real ones. Read in sequence, US12602505B2, US12602499B2, and US12602551B2 trace the lifecycle of regulated data through an AI system — how it is generated for training, how it is accessed across borders, and how its use is audited. The security and efficiency grants, US12602475B2 and US12602264B2, sit at the two ends a buyer also has to answer for: is the data safe, and what does running this cost to power. That the week's coverage maps onto the questions a regulated buyer must answer is the substance of the signal, independent of how any single claim performs.

The limits apply as they always do to a grant cluster, and they bear on how a business reader should weigh it. Enforceable coverage is not a shipped product or a disclosed revenue line — these records describe methods and systems, and they do not state how widely IBM uses each one or what any of them earns. Query auditing, data-residency enforcement, synthetic data, telemetry-based security, energy-aware scheduling, and model compression are all actively worked elsewhere, so coverage on a technique does not foreclose alternatives. And one week of grants reflects examiner timing as much as strategy, so the cluster is a snapshot of sustained investment, not a sudden move. What the week establishes as fact is specific: in the same seven days, IBM had grants issue across privileged-query auditing, cross-jurisdiction data access, synthetic training documents, storage-telemetry malware detection, energy-aware workload placement, and dataset-dependent model compression — a coordinated footprint on the governance, security, and efficiency controls that decide whether AI can run inside regulated enterprise data.