Illinois Becomes First State to Mandate Independent Audits of Advanced AI Models
SB 315 is the first U.S. state law to mandate outside evaluations of AI safety practices. Auditors must be independent and free of financial conflicts of interest, according to the governor’s office. The law’s audit requirement is scheduled to begin in 2028, giving the AI safety community time to develop the necessary expertise and infrastructure. The legislation received bipartisan support in both chambers of the Illinois General Assembly and backing from AI safety organizations and industry leaders.
In a press release, Gov. Pritzker said the law “will make Illinois the first state in the nation to require outside evaluations of AI safety practices, conducted by auditors without financial conflicts of interest.” He added that the state is stepping up “with a bipartisan, first‑and‑most‑protective‑in‑the‑nation law” to protect residents from potential AI harms.
Anthropic, whose state and local government team highlighted the law’s transparency and verification components, stated that SB 315 “makes Illinois the first state to pair AI transparency requirements with independent verification, an important step toward the accountability this technology demands.”
The new law reflects a broader trend of state‑level AI governance. California’s Gov. Gavin Newsom issued an executive order in May directing state agencies to prepare workers, small businesses and communities for the economic impacts of AI. Utah established an Office of AI Policy last year to help businesses navigate regulatory challenges and protect the public from potential harms.
Unlike federal efforts, which have yet to produce comprehensive AI legislation, state laws are filling a policy vacuum. The Illinois act builds on frameworks already in place in California and New York, but it goes further by requiring independent audits. This move is expected to set a precedent for other states considering similar measures.
The law’s requirements cover a range of safety and security practices, including the development of internal compliance programs and the reporting of significant incidents. Companies must also disclose their safety and security practices to the public, a step that increases transparency for consumers and regulators.
Whistle‑blower protections are a key feature of the legislation. Employees who raise concerns about AI safety can do so through confidential reporting channels without fear of retaliation. The law also establishes a formal mechanism for reporting incidents, ensuring that significant safety events are documented and addressed.
Industry responses have been largely positive. Anthropic’s statement emphasized the importance of independent verification for accountability. Other AI safety organizations have praised the law for its comprehensive approach, though some experts note that the lack of established auditing standards could pose challenges for compliance.
The Illinois law is part of a growing movement to regulate AI at the state level. As AI systems become more powerful, states are taking on responsibilities that have traditionally been the domain of federal regulators. The new legislation signals a shift toward greater oversight and accountability for advanced AI models.
In summary, Illinois has enacted the nation’s first law requiring independent audits of frontier AI models. The law takes effect on January 1, 2027, with audit requirements beginning in 2028. It mandates public disclosure of safety practices, incident reporting, internal compliance programs, and whistle‑blower protections. The legislation reflects a broader trend of state‑level AI governance and sets a precedent for other states to follow.