SOC 2 built SaaS trust.
Meet the framework built to do the same for AI.

AIUC-1 is the world's first compliance standard for AI agents, and if you are shipping AI into enterprise, it is the framework your buyers will start asking about next.

When businesses first began outsourcing critical operations to cloud vendors in the early 2000s, enterprise procurement teams faced a fundamental problem: how do you trust a vendor you cannot see inside? You cannot audit every piece of infrastructure. You cannot run security tests on someone else's stack. You need a proxy for trusting something independent, credible, and consistent.

SOC 2 solved that problem. It created a common standard, required independent auditors, and gave enterprise buyers a trusted signal they could act on without needing an in-house security team to verify it. It unlocked an entire generation of SaaS deals. Companies that had it won enterprise contracts. Companies that didn't stall in procurement.

Twenty years later, the same problem has arrived for AI, and existing frameworks are not equipped to solve it.

Companies are now shipping AI agents that make autonomous decisions, generate customer-facing outputs, process sensitive data, and interact with enterprise systems in ways no human team can fully supervise in real time. The compliance frameworks that enterprise buyers rely on, SOC 2, ISO 27001, HIPAA, and GDPR, were designed before any of this existed. They can tell a buyer whether your infrastructure is secure. They cannot tell them whether your AI will hallucinate a critical recommendation, leak PII into a response, execute an action nobody authorized, or produce an output that creates legal liability.

That is the trust gap AIUC-1 was built to close.

What is AIUC-1?

AIUC-1 is the world's first compliance standard designed specifically for AI agents. It works the same way SOC 2 works. Independent third-party auditors assess your controls against a defined framework, and you receive a certificate that enterprise buyers can rely on, but it does not cover the risks that SOC 2 was never designed to address.

The standard was developed by the AIUC-1 Consortium, a body comprising AI vendors, security practitioners, and enterprise buyers, which identified the specific controls required for AI systems to be trustworthy in commercial deployments. Unlike SOC 2, which conducts a single annual audit, AIUC-1 requires ongoing compliance: technical controls must be tested at least quarterly, and the certificate must be renewed annually, or it lapses entirely.

This makes AIUC-1 a forward-looking standard rather than a backward-looking attestation. SOC 2 tells you what happened over the past year. AIUC-1 tells you which safeguards are currently in place.

The six pillars of AIUC-1

The framework is built around six domains, each mapped to the specific ways AI systems can fail, cause harm, or erode enterprise trust:

Pillar A

Data & Privacy

Input and output data policies, PII leakage prevention, IP protection, cross-customer data exposure controls

Pillar B

Security

Adversarial robustness testing, prompt injection detection, real-time input filtering, unauthorized agent action prevention

Pillar C

Safety

Pre-deployment testing, harmful output prevention, high-risk output flagging for human review, and real-time AI risk monitoring

Pillar D

Reliability

Hallucination prevention and third-party testing, safe tool call enforcement, and output accuracy controls

Pillar E

Accountability

AI failure plans for breaches and harmful outputs, activity logging, vendor due diligence, and regulatory compliance documentation

Pillar F

Society

Prevention of AI cyber misuse, controls against catastrophic misuse, and broader societal harm mitigation

Together, these six domains cover the full lifecycle of an AI agent deployment — from how data enters the system, to what the model does with it, to how failures are detected, documented, and remediated. No existing certification standard covers this ground.

What SOC 2 got right — and where it ends

SOC 2 became the enterprise default because it solved the right three problems: independent validation that procurement teams could rely on, a common language that removed friction from security reviews, and concrete coverage of the controls that actually blocked deals. AIUC-1 keeps every one of those principles. What changes is the scope.

SOC 2 Type II vs. AIUC-1 — side by side

The critical difference: SOC 2 tells an enterprise buyer your infrastructure was secure at a point in time. AIUC-1 tells them your AI is actively governed, tested against real-world attack vectors, and held accountable on an ongoing basis, not just when an auditor visits.

How AIUC-1 compares to other AI governance frameworks

AIUC-1 is not the only framework addressing AI risk, but it is the only one structured as a certifiable standard with third-party auditors, a formal certificate, and a defined renewal process. Here is how it sits alongside the others:

AI governance frameworks — scope comparison

Why your enterprise buyers will ask about this next

AIUC-1 is not yet a regulation. But enterprise procurement does not wait for mandates. The companies that requested SOC 2 reports in 2012 did so years before any regulation required them. They did it because it answered a real question: Can we trust this vendor's security posture without auditing it ourselves?

The same dynamic is playing out now for AI. Enterprise security teams are already building AI-specific vendor questionnaires. Legal teams are asking about model governance and output accountability. Procurement teams at financial institutions, healthcare companies, and public-sector buyers are adding AI risk to their standard review templates — and no existing certification addresses it.

• If you are shipping an AI agent into a regulated enterprise, expect a governance question in the next security review that your SOC 2 report cannot answer

• If you are in a sales cycle with a financial institution or healthcare buyer, AI risk is already entering their vendor questionnaire templates in 2026

• If your competitors achieve AIUC-1 certification before you, they will use it to differentiate in exactly the deals you are trying to close

• If you wait for AIUC-1 to become a requirement before preparing, you will be six months behind the companies that treated it as an opportunity

SOC 2 did not become mandatory because a law was passed. It became mandatory because enterprise buyers demanded it — and vendors who had it won deals that vendors without it lost. AIUC-1 is on the same trajectory, moving faster, in a market where AI trust failures are front-page news every week.

The result: a new trust layer for the AI era

SOC 2 provided the SaaS generation with a standard that enabled enterprise adoption. It worked because it kept the three things that matter: independent validation, a common language, and coverage of what buyers actually care about. AIUC-1 is built on those same foundations and adds the scope that AI demands.

For AI vendors, AIUC-1 is a concrete way to prove your AI systems are safe, reliable, and accountable, and to stop losing procurement cycles to a question your SOC 2 report was never designed to answer. A certificate puts the focus back on building great technology instead of spending months on security reviews.

For enterprise buyers, AIUC-1 makes AI vendor evaluation possible for the first time. Not by asking whether the vendor's infrastructure is secured, but whether the AI operating inside that infrastructure is actively governed, tested, and held to a standard that an independent third party has verified.

The trust gap between enterprises and the AI systems being deployed inside them is real. AIUC-1 is the standard built to close it — and the companies that move early will be the ones that enterprise buyers learn to trust first.