Illinois Just Passed the First US Law Requiring Annual Safety Audits for Frontier AI Models

Illinois has become the first state in the United States to legally require annual independent safety audits for frontier AI models — a historic milestone achieved at precisely the moment federal AI regulation has stalled. The Illinois Artificial Intelligence Safety Measures Act, carried by Senate Bill 315, passed the state House 110-0 and the Senate 52-5 in May 2026. Governor J.B. Pritzker has signaled his intent to sign it into law.

The vote margins speak volumes. A 110-0 House vote is not a close call — it is a statement. Whatever Illinois legislators disagree on, they found near-unanimous consensus that frontier AI developers need to be accountable under state law.

What the Law Requires

SB 315 creates five interlocking obligations for covered companies, effective January 1, 2027, with the most demanding requirement — mandatory third-party audits — kicking in January 1, 2028:

1. Frontier AI Safety Framework: Covered companies must annually publish a comprehensive safety framework documenting catastrophic-risk assessments, mitigation strategies, cybersecurity protocols, governance structures, and summaries of third-party evaluations. This is not a checkbox exercise — it requires companies to publicly articulate what could go wrong with their most powerful models and what they are doing about it.
2. Transparency Reports: Before deploying a new frontier model or significantly modifying an existing one, companies must publish a transparency report. This creates a pre-deployment accountability layer that does not currently exist at the federal level.
3. Mandatory Annual Independent Third-Party Safety Audits: This is the provision that makes SB 315 historically significant. No US state has ever required independent external audits of AI systems at this level. Starting in 2028, covered companies must submit to annual audits conducted by qualified third parties — not internal reviews, not self-certification, but independent external scrutiny.
4. Incident Reporting: Critical safety incidents must be reported to the relevant authorities. This mirrors incident-reporting frameworks that already exist in aviation, nuclear, and pharmaceutical industries — sectors where the consequences of failure can be catastrophic.
5. Whistleblower Protections: Employees who identify and report public safety hazards related to their company's AI systems are protected from retaliation. This provision acknowledges what industry insiders already know: the people with the most direct knowledge of AI safety risks are often the ones least able to speak publicly about them.

Enforcement falls to the Illinois Emergency Management Agency and the Office of Homeland Security, in consultation with the state Attorney General. Violations carry civil penalties.

Who It Covers

The law targets "large frontier AI developers" — a category defined by roughly $500 million or more in annual revenue and significant compute thresholds. In practice, this means companies like OpenAI and Anthropic are explicitly in scope.

What makes the legislative history of SB 315 genuinely unusual is that both OpenAI and Anthropic publicly supported the bill. That is remarkable. The dominant pattern in technology regulation is for the regulated industry to lobby vigorously against oversight, funding coalitions, filing lawsuits, and warning of innovation-killing consequences. Here, two of the most consequential AI companies in the world said, in effect: this law is reasonable, and we support it.

There are several possible interpretations of that support. One is genuine commitment to safety accountability. Another is strategic calculation — large, well-resourced incumbents can absorb compliance costs that would crush smaller competitors, effectively using regulation as a moat. Likely, it is some mixture of both. Either way, the political optics were significant: it is hard to argue that a safety mandate is unreasonable overreach when the companies it covers are endorsing it.

Why States Are Moving While Washington Stalls

The timing of SB 315's passage is not coincidental. On May 21, 2026, the Trump administration postponed a federal executive order on AI safety, leaving an explicit regulatory vacuum at the national level. States are filling it.

Illinois is not acting in isolation. SB 315 was modeled on AI safety legislation passed by New York and California in 2025. The pattern is familiar to anyone who has watched environmental, privacy, or consumer protection law develop in the United States: when federal action stalls, California moves first, other states follow, and eventually Washington either adopts a national standard or passes federal preemption legislation to regain control.

The EU AI Act's transparency obligations for AI-generated content take effect December 2, 2026. Illinois SB 315, effective January 1, 2027, places the United States — at the state level — in approximate alignment with the international regulatory timeline. Whether that alignment is deliberate or coincidental, it means US-based AI developers will face converging compliance deadlines from multiple jurisdictions in the same 12-month window.

The Audit Problem

NetChoice, the tech industry advocacy group, raised objections to SB 315 that deserve serious attention — not because they are reasons to oppose the law, but because they identify real implementation challenges that will need to be solved.

The core critique: there are no certified AI safety auditors. There are no recognized, standardized frameworks for auditing frontier AI models. The law mandates annual third-party audits beginning in 2028 for systems — GPT-class models, Claude-class models — that no existing auditing infrastructure is equipped to evaluate.

Who will audit GPT-6? What credentials will they hold? What methodology will they use? What does it mean to "pass" or "fail" an AI safety audit? These questions do not yet have answers, and the law does not answer them. It creates the obligation without creating the infrastructure.

NetChoice also flagged the vagueness of the "unreasonable catastrophic risk" standard — a phrase that sounds intuitive but is legally imprecise. What level of risk is unreasonable? Compared to what baseline? These definitional gaps will almost certainly generate litigation.

These criticisms are valid. They are also the kind of problems that tend to get solved precisely because a legal deadline makes them unavoidable. Standards bodies, professional associations, and specialized firms do not typically develop AI audit methodologies because it would be nice to have them. They develop them because a law says audits must happen by a specific date.

What It Means for AI Companies

For companies in scope, the compliance timeline is compressed and the requirements are substantive. The safety framework publication requirement begins January 1, 2027 — less than seven months from now. That means covered companies must, within months, produce and publicly release a comprehensive catastrophic-risk assessment for their most powerful models.

In practice, a "catastrophic risk assessment" requires companies to formally document scenarios in which their models could cause severe, large-scale harm — and to specify what controls they have in place to prevent or mitigate those scenarios. For companies that have been doing this work internally, the challenge is largely one of disclosure. For companies that have not, the challenge is both substantive and reputational.

The transparency report requirement — publishing before each new frontier model deployment — creates an additional pressure point. It means that the release of a major new model is no longer just a product launch; it is also a regulatory event requiring documented safety disclosure.

The third-party audit requirement in 2028 gives companies two years to either identify qualified auditors or help build the auditing ecosystem that will evaluate them. Given that OpenAI and Anthropic supported the bill, they have some incentive to help that ecosystem develop rather than arriving at the deadline without credible auditors available.

The Bigger Picture

This is how consequential technology regulation often begins in the United States: imperfectly, at the state level, with real legal gaps and legitimate implementation questions, but moving forward nonetheless.

California's data privacy law was criticized as vague and difficult to implement. It nonetheless drove CCPA, inspired other state laws, and contributed to federal privacy conversations that continue today. GDPR, widely criticized at passage for its compliance burden, became the de facto global standard that even US companies built systems around.

Illinois SB 315 may follow a similar trajectory. It could become a de facto national standard if other states adopt similar frameworks and companies standardize their compliance infrastructure across jurisdictions. It could be preempted by eventual federal legislation — though that federal legislation, if it comes, will have been shaped by what states like Illinois, California, and New York have already put in place.

Or it could become a cautionary tale about premature regulation — a law that imposes real costs, fails to produce the safety benefits it promises, and gets quietly revised or repealed. That is also possible.

What is not possible is the status quo. Frontier AI models are being deployed at scale, with capabilities that their own developers acknowledge they do not fully understand, in a regulatory environment where the federal government has explicitly stepped back. Some form of accountability framework was always going to fill that vacuum. In Illinois, it just did.

Frontier AI developers now have until January 1, 2027, to publish their safety frameworks — and until January 1, 2028, to find auditors who may not yet exist. The clock is running.