Illinois AI Safety Act Requires Annual Audits
New law mandates independent audits for AI developers in Illinois.
Model Diplomat10 min readNorth America

Illinois adds audit teeth to state AI safety laws California and New York left out
Governor JB Pritzker signed the Illinois AI Safety Measures Act on July 6, 2026, making Illinois the first US state to require annual independent audits of frontier AI developers.
Illinois Governor JB Pritzker on July 6, 2026 signed Senate Bill 315 into law as Public Act 104-0538, and the substantive shift is not that a third state has now regulated frontier artificial intelligence — it is that Illinois is the first to require an independent third-party audit of the companies building the largest models. California's SB 53 and New York's RAISE Act asked developers to publish their own safety frameworks and self-report incidents; Illinois converts "trust, but verify" from slogan into statute, and it does so at the precise moment the Trump administration's new AI Litigation Task Force is preparing to challenge exactly this kind of state law.
The signing ceremony in Chicago was low-key. The regulatory arithmetic is not. With Illinois joining California and New York — the states hosting a plurality of US frontier developers, users and financial exposure — an entity-based state regime governing OpenAI, Anthropic, Google DeepMind, Meta, Microsoft and xAI is now effectively in place, well ahead of any federal statute. That is the story.
What the Illinois law actually does
The Artificial Intelligence Safety Measures Act was passed as a floor substitute that gutted an unrelated Predatory Loan Prevention Act shell and replaced it with an entirely new statute, according to the Illinois General Assembly bill status page for SB0315. Its core obligations fall on "large frontier developers" — companies with more than $500 million in annual gross revenue that train foundation models above a compute threshold aligned with California's 10^26 FLOPs bar, per an
analytical brief from Let's Data Science. The law takes effect January 1, 2027.
Covered developers must publish and annually update a frontier AI framework covering catastrophic-risk assessment, mitigations, cybersecurity, internal governance, third-party evaluations, and internal-use risks. They must file transparency reports before deploying any new or substantially modified frontier model, and they must submit to annual independent third-party safety audits with results published. Critical safety incidents must be reported to the Illinois Emergency Management Agency and Office of Homeland Security, working with the Attorney General. Whistleblowers are protected — the Whistleblower Act itself was amended to bar retaliation for good-faith disclosures of AISMA violations, per the Illinois General Assembly synopsis.
Enforcement runs through the Illinois Attorney General, which can seek civil penalties of up to $1 million for a first violation and up to $3 million for subsequent violations, according to JURIST. Those numbers are lighter than California's — SB 53 authorizes penalties up to $10 million for repeat violations, per the
United States Studies Centre — and dramatically lighter than New York's RAISE Act ceiling of $10 million and $30 million for first and subsequent violations, as summarized by
Brookings. The teeth are elsewhere: in the audit.
The audit is the point
For a year, the debate over state frontier-AI law has been dominated by the "trust but verify" template that California's SB 53 set. Carnegie Endowment analysts called it the framework that "fills a void Congress has left open," and Carnegie's October 2025 explainer noted its central weakness plainly: neither SB 53 nor the RAISE Act creates an external verification mechanism. Companies self-attest. If they lie, the sanction is retrospective — after a critical incident — not prospective.
That gap is exactly what Illinois closes. The Bloomberg Law summary called AISMA the "nation's strongest frontier AI model law" on the strength of its audit provision — a description Carnegie's earlier tracking of state proposals had reserved for the
Michigan bill, which pioneered the third-party audit idea but has not passed. Illinois beat Michigan to enactment.
Third-party audits matter for one narrow reason: they generate an evidentiary base that regulators, courts and legislatures elsewhere can use. Frontier labs already publish variants of "preparedness" or "responsible scaling" policies; what they do not publish, and what SB 53 and RAISE do not force them to publish, is external assurance that they are following those policies. A 2026 arXiv working paper by Delaney and colleagues argues that internal-deployment risk is now the most under-verified segment of frontier AI, precisely because "external deployment frameworks may fail to address" the six-to-eight-week window when a lab uses its most capable models in-house before public release — the paper cites Anthropic's Mythos Preview, available internally for at least six weeks before public announcement. The Illinois audit reaches into that window.
Who benefits, who loses
The load-bearing actors are five or six companies. Brookings estimates the SB 53 thresholds capture "approximately five to eight companies, including OpenAI, Anthropic, Google DeepMind, Meta, and Microsoft," and the Illinois thresholds are calibrated to match. Startups are exempt — the Startup Intelligence Brief notes that the $500 million revenue floor keeps venture-backed labs outside the perimeter until they scale up, converting the law from a general burden into a targeted one.
The immediate winner is the emerging AI-audit industry. A statute-mandated market for annual third-party assurance is now on the books in the third-most-economically consequential US state for AI users. Firms building capability evaluations — Apollo Research, METR, ARC Evals, and the risk-advisory arms of the Big Four — gain a captive customer base of six developers with a hard January 1, 2027 deadline. Carnegie's state-law tracker had already flagged this as the sleeper effect of the Michigan proposal; Illinois has now delivered it.
The immediate loser is the Trump administration's preemption push. On December 2025, President Trump signed an executive order creating an AI Litigation Task Force at the Department of Justice to challenge state AI laws as "unconstitutional, preempted, or otherwise unlawful," and directing the Commerce Department to withhold Broadband Equity Access and Deployment funding from non-compliant states, according to a White House fact sheet. That order followed the collapse of the 10-year state AI moratorium in the One Big Beautiful Bill Act; the Senate voted 99-1 to strike the moratorium on July 1, 2025, per the
Center for American Progress. Carnegie's
post-mortem noted that Republican governors and the House Freedom Caucus had joined Democrats to kill the pause. Illinois signing SB 315 six months after Trump's executive order — with a Democratic governor and a bipartisan enactment record — hardens the third pole of a state-federal fight the administration was already losing on procedural grounds.
The pattern: convergence, then divergence
The three state laws now converge on a common core: the $500 million revenue threshold, the 10^26 FLOPs compute threshold, the frontier framework, incident reporting, and (in Illinois and California) whistleblower protections. Carnegie's February 2026 analysis of the RAISE Act's convergence with SB 53 noted that New York "in many cases directly copies the text of the California law," including the definitions of catastrophic risk, critical safety incident and foundation model. Illinois follows the same architecture. That convergence — deliberate, drafted across state lines — undercuts the strongest industry argument against state regulation: that a "patchwork" imposes duplicative compliance costs. If the three biggest state laws share definitions, thresholds, and framework requirements, compliance is materially unified.
The divergence is on enforcement style. California relies on public transparency and modest fines. New York relies on high dollar penalties. Illinois relies on the audit. Together, they cover the three enforcement tools available to a subnational government that cannot legislate directly on interstate commerce. Any frontier developer that operates in all three states will now face all three mechanisms — which was almost certainly the design.
Illinois is also, quietly, a jurisdictional problem for the industry that California is not. Chicago hosts trading firms and financial infrastructure that rely on frontier AI models, and the state's Attorney General has consumer-protection authority that reaches out-of-state defendants when they harm Illinois residents. According to WAND-TV, the law explicitly requires "ChatGPT and Claude" developers — the report named both — to supply the state with an independent annual report documenting how they address catastrophic risks. That is a different litigation posture from a purely West Coast-based statute.
What Pritzker said, and what he didn't
Pritzker, at the signing, framed the law as pro-innovation. According to Northern Public Radio WNIJ, he explicitly said Congress "ought to be passing similar legislation," but has not because of "special interests." Government Technology's
account of the signing noted the bill's bipartisan Senate cosponsor list — 31 senators, including Republicans Sue Rezin, Darby Hills, Chris Balkema and Donald DeWitte — a striking marker in a polarized field.
What Pritzker did not say publicly, but which the record suggests: Illinois is not stopping. In August 2025 the state enacted Public Act 104-0054, the Wellness and Oversight for Psychological Resources Act, banning AI therapy — a sector-specific rule the American Enterprise Institute called a "bold first step into uncharted regulatory territory" and one that led Ash Therapy, marketing itself as "the first AI designed for therapy," to voluntarily block Illinois users. AISMA is the horizontal counterpart. Illinois now has a stacked regime: sector-specific bans plus frontier-model audits. That posture — used sequentially by the same governor — is a template other Democratic-led states with active AGs (Massachusetts, Washington, Minnesota) can replicate.
The historical parallel
There is a useful parallel: the federal Sarbanes-Oxley Act of 2002. Before SOX, corporate financial reporting relied on self-attestation and audit relationships the company itself controlled. SOX mandated independent auditor oversight of internal controls and criminal accountability for officers — and it created, within five years, the modern financial-audit market. Illinois has effectively done the small-scale, subject-matter equivalent for frontier AI. Frontier labs' current safety practice, as The AI Chronicle put it in coverage of the bill, has been a mix of "voluntary self-attestation" and selective third-party access. AISMA converts that into a legal requirement, and — like SOX — the second-order effect will be the professionalization of the assurance function itself.
Carnegie analysts have argued this is where frontier-AI regulation was always going to land. Their July 2025 paper on entity-based regulation noted that the most durable governance regimes attach to firm characteristics (R&D spend, revenue, aggregate compute) rather than to specific model thresholds, because compute thresholds erode as hardware improves. Illinois carries a model-based trigger inside an entity-based enforcement mechanism — the audit follows the company, not the model.
The federal collision course
The next fight is legal, and it is coming fast. Trump's December executive order directed the Attorney General to identify state AI laws for litigation and directed Commerce to publish an evaluation of "State AI laws that conflict with national AI policy priorities." Illinois — with a Democratic AG, a Democratic governor, and a bipartisan enactment record — is a difficult defendant to characterize as fringe.
The industry's own position is fractured. OpenAI, Google, xAI and Microsoft agreed in May 2026 to give the Commerce Department's Center for AI Standards and Innovation pre-deployment access to models for national security testing, per Al Jazeera. Anthropic, meanwhile, was designated a "supply-chain risk to national security" by the Pentagon in February 2026 after refusing to permit military uses of Claude, per
NPR. The administration then partially reversed course on Anthropic's Mythos 5 and Fable 5 models in July 2026, according to
Chatham House — a whiplash that leaves the industry without a coherent federal counter-position to point to. A unified industry lobby against state law is not currently available.
Congress has one credible bipartisan vehicle. Senators Dick Durbin and Josh Hawley introduced S.2937 on September 29, 2025, which would create federal developer and deployer liability standards for advanced AI products and includes an express preemption clause. That bill, referred to Judiciary, is the only serious federal frontier-AI proposal with cross-party sponsorship — and its preemption section is the fulcrum on which Illinois' law will ultimately stand or fall.
Diplomat View
Illinois' AI Safety Measures Act is not a copycat. It is the first US state law that would embarrass a frontier developer whose safety framework does not survive external audit — and that is a materially different accountability regime than transparency-plus-fines. Expect three consequences. First, the "trust but verify" template becomes "verify" by default: any state legislature that copies SB 53 or RAISE now has a live example of a stronger audit clause it can adopt without waiting for California to move. Second, the audit vendor market becomes the fastest-growing segment of AI governance infrastructure, because six named companies now have a January 1, 2027 deadline in a state economy exceeding $900 billion. Third, the Trump DOJ's litigation task force will likely test Illinois or California in federal court before the audits actually happen — the incentive is to strike before the empirical record forms.
The forecast that would change: if the DOJ obtains a preliminary injunction against SB 315 on preemption grounds before Q3 2027, or if Congress passes a bipartisan federal frontier-AI framework with express preemption (S.2937 is the most credible candidate), the state-first trajectory collapses. Neither is currently probable. Both are the correct things to watch.
What to watch next
- January 1, 2027: AISMA takes effect. First frontier-AI frameworks and internal-use risk reports due from covered developers in Illinois and New York.
- Q2 2027: First independent third-party audit cycle begins under Illinois law — the first hard test of whether a state can compel external assurance from OpenAI, Anthropic and Google DeepMind.
- Pending: DOJ AI Litigation Task Force filings under the December 2025 executive order; expected first challenge to a state AI law before end of 2026.
- 119th Congress: Movement on S.2937 (Durbin–Hawley), the only bipartisan federal frontier-AI vehicle with a live preemption clause.
The Bottom Line
Illinois did not add a third state to the list of frontier-AI regulators — it added the enforcement mechanism the other two forgot. By requiring independent annual audits of OpenAI, Anthropic, Google DeepMind, Meta, Microsoft and xAI, Public Act 104-0538 converts state AI safety law from disclosure into verification, and it does so at the precise moment the Trump administration is trying to preempt the field. The next real question is not whether more states copy Illinois — Michigan, Massachusetts and Washington are already close — but whether the DOJ can enjoin the audit clause before it produces its first report.
Discover more

Global Politics
US Seizes Iranian Ship, Tensions Surge
The US seizure of the Iranian ship Touska highlights a shift in control over the Strait of Hormuz, favoring Iran's strategic position.

India
Congress Accuses Modi of Stalling Women's Law
Congress accuses Modi of stalling women's reservation law by linking it to delimitation, revealing a deeper electoral strategy.
Global Politics
Trump's Conflicting Messages on Iran War
Trump's mixed messages on Iran reflect a strategy of audience management, benefiting Tehran amid a complex geopolitical landscape.

Tech Policy
U.S. Grants UAE License-Free AI Chip Access
U.S. Commerce reclassifies UAE to Country Group A:5, granting license-free AI chip access to G42 and American tech giants, rewarding Emirati China divestment and Operation Epic Fury sacrifices.