What Is AIUC-1? The First Security Standard Built for AI Agents

If you're building AI products for enterprise buyers, AI is likely coming up in any security-related discussions. In fact, in a recent analysis we ran at Workstreet, we found that around 3% of questionnaire questions are now related to AI — a small number for now, but we expect it to grow fairly quickly. 

Questions buyers have about AI tend to focus on hallucination, prompt injection defenses, and what happens when your agent makes an unauthorized call. Challenges that aren’t covered by SOC 2 reports. 

AIUC-1 was built to fill that gap. It's the first auditable security standard designed for AI agents. In this guide, I’ll be sharing what you need to know about the AIUC-1 framework, why agentic compliance matters, and how to decide if AIUC-1 is right for your business. 

What is AIUC-1?

AIUC-1 is a framework designed to help ensure AI agent security, safety and reliability, so that enterprise buyers can trust the agents. AIUC-1 was created by the Artificial Intelligence Underwriting Company alongside 100+ Fortune 500 CISOs. 

The AIUC-1 framework is made up of 51 requirements and 130 controls across six risk pillars:

1. Data & Privacy
2. Security
3. Safety
4. Reliability
5. Accountability
6. Society

AIUC-1 was launched in mid-2025 with Schellman becoming the first accredited auditor and ElevenLabs the first company to earn the certification.

Due to the speed at which AI changes, AIUC-1 updates quarterly, rather than annually like many other compliance standards.

Why AI Agents Need Their Own Standard

An AI agent can consume data, draw conclusions, make predictions, and take action — increasingly without human oversight. At each stage, that introduces risks that aren’t generally covered by traditional security controls. 

I look at AI governance and guardrails around agentic workers in the same way I do humans. We’ve spent decades building compliance frameworks to minimize the risks from human workflows, AIUC-1 applies the logic to agentic workers where the risks are different. 

With human workers, accountability is built into our organizational structures and responsibilities. When a human teammate makes a mistake, there’s a chain of command and processes to follow. If an AI agent hallucinates a response, that’s a whole different story, and something not covered by existing frameworks like SOC 2 or ISO 27001.

And the risks are real. According to EY, 64% of companies with over $1B in revenue have already lost more than $1M to AI-related failures. And Cisco's 2025 AI Readiness Index found that only 29% of companies believe they're equipped to defend against AI-specific threats, so the gap between how companies are deploying AI and how they're securing it is wide.

The Six Pillars that Make Up AIUC-1

The 51 AIUC-1 requirements are organized into six pillars:

• Data & Privacy: Covers PII (personally identifiable information) leakage, cross-customer data isolation, and IP protection
• Security: Covers prompt injection defense, adversarial robustness, and unauthorized agent actions
• Safety: Covers harmful output prevention, pre-deployment testing, and risk taxonomy
• Reliability: Covers hallucination prevention and tool call restrictions
• Accountability: Covers AI failure response plans, vendor due diligence, and AI disclosure
• Society: Focuses on preventing AI-enabled cyber attacks and CBRN (chemical, biological, radiological, nuclear) misuse

Of the 130 total controls, 65 are mandatory and 65 are optional. Generally, a straightforward agent will typically need to meet around 40 controls, whereas a complex, multi-modal agent needs closer to 65.

AIUC-1 is Backed by an Insurance Model

AIUC-1 certification comes backed by Lloyd's of London insurance, which changes the incentive structure of the audit itself.

With most compliance certifications, the auditor issues a pass/fail verdict with no further downstream exposure to your security posture and outcomes, whereas AIUC-1 ties certification to underwriting.

The Artificial Intelligence Underwriting Company, which issues all certificates, also underwrites the risk associated with using your agent. So all customers using your agent will be insured against the failures AIUC-1 is supposed to prevent.

How AIUC-1 Compares to ISO 42001, NIST AI RMF, and the EU AI Act

AIUC-1 isn't the only framework or regulation focused on how vendors are using AI within their products and across internal operations.

In recent years, ISO 42001 has picked up steam, the EU AI Act has been introduced and The NIST AI Risk Management Framework (AI RMF) has been rolled out.

Here’s how AIUC-1 compares to other frameworks:

AIUC-1 vs ISO 42001

ISO 42001 certifies that an organization has guidelines in place focused on how they develop, deploy, and operate AI systems responsibly. AIUC-1 incorporates a number of controls directly from IS) 42001 and translates its management systems into auditable requirements and extends some requirements to protect against risks like hallucinations and jailbreak attempts.

Organizations that have ISO 42001 in place are starting to investigate and pursue AIUC-1 to prove its policies translate into effective controls.

AIUC-1 vs NIST AI RMF

NIST AI RMF (the National Institute of Standards and Technology's AI Risk Management Framework) provides high-level guidance but doesn't prescribe specific controls or testing. AIUC-1 translates NIST's functions into auditable controls.

AIUC-1 vs EU AI ACT

The EU AI Act is a law that regulates artificial intelligence, and like GDPR, it reaches beyond the EU’s borders. AIUC-1 provides the specific controls that help meet those obligations and maps 30+ EU AI Act articles to auditable requirements.

Who Should Get AIUC-1 Certified

Any company building or deploying agentic AI that sells to enterprises should be paying attention to AIUC-1. If your product uses AI agents in customer-facing operations, handles confidential data through autonomous workflows, or makes decisions that affect critical business processes, this is relevant.

As a new framework, AIUC-1 is still establishing its place in the market, but momentum is growing fast. Six months ago, nearly every AI compliance conversation we had focused on ISO 42001, then the EU AI Act started to drive some conversations with organizations selling into the EU. Now, AIUC-1 is coming up more and more, especially since the Schellman accreditation and ElevenLabs certification.

The interest we're seeing in AIUC-1 is mostly driven by enterprise buyers that want independent assurance that the AI products they're adopting have been tested against agent-specific risks that aren't generally covered by SOC 2, ISO 27001, or ISO 42001.

How Certification Works

AIUC says that AIUC-1 certification typically takes between four and eight weeks, depending on the organization’s security posture and maturity. Here’s what the process looks like:

• Scoping and kickoff (1-2 weeks): Figure out what’s in scope for the audit, appoint internal leaders, identify evidence, and find any gaps between what you have in place and what AIUC-1 requires. 
• Evidence collection and evaluation (3-5 weeks): Gather documentation on operational practices, legal policies, and technical implementations + remediate any gaps found during scoping. Test your systems for hallucinations and other risks. 
• Finalize audit (1-3 weeks): Combine evidence, develop the report, obtain signoff.

AIUC-1 certificates are valid for 12 months but require quarterly technical testing to maintain status. The AIUC-1 Consortium (which I’m a member of), develops the standard, the Artificial Intelligence Underwriting Company issues certificates, and accredited auditors prepare the reports.

Where AIUC-1 Is Heading

The quarterly update cadence means this standard will change more frequently than SOC 2, ISO 42001, or almost any other compliance framework. The January 2026 update alone modified 26 requirements and added 40+ voice-specific requirements. The update cadence is much more frequent than other frameworks because of the speed at which AI is developing — with every new leap the technology makes, AIUC-1 needs to keep pace.

For companies building AI products that sell to enterprises, buyers are starting to ask about AI-specific certifications. Getting ahead of that could be the difference between closing deals and your pipeline getting stuck during procurement. 

Our AIUC-1 practice helps you design, implement, and certify your AI agent program to meet AIUC-1. If you're exploring AIUC-1 and want to understand what it would look like for your company, talk to our team.

AIUC-1 FAQs

Does AIUC-1 replace SOC 2?

No, AIUC-1 covers AI-specific risks like hallucinations, prompt injection, unauthorized tool calls  that SOC 2 doesn't currently address. SOC 2 still covers your general cybersecurity posture and will continue to be required for any business selling into enterprise customers. 

Can I pursue AIUC-1 and ISO 42001 at the same time?

Yes, and many companies likely will. ISO 42001 builds your AI governance framework, whereas AIUC-1 validates that the technical safeguards behind that framework hold up under independent testing so the two work well together. 

What happens when the standard updates after I'm certified?

AIUC-1 updates quarterly. Your certificate is valid for 12 months, and quarterly technical testing keeps your certification current. New requirements get evaluated as part of your next annual re-audit.

Who performs the quarterly technical testing?

The Artificial Intelligence Underwriting Company performs all quarterly technical testing directly. Accredited auditors like Schellman prepare the audit reports and handle evidence collection, but the ongoing technical evaluations are centralized to maintain consistency.