Illinois Raises the Bar on Frontier AI: What Developers Need to Know

15 Jul 2026
Client Alert

Illinois became the third state to enact comprehensive frontier AI legislation and the first to mandate independent third-party safety audits of frontier AI models when Illinois Governor J.B. Pritzker signed SB 315, the Artificial Intelligence Safety Measures Act (the “Act”), into law on July 6, 2026. Taking effect January 1, 2027, the Act establishes a regulatory framework for developers of the most advanced AI systems. Modeled in significant part on California’s SB 53 and New York’s RAISE Act, the Act requires covered developers to publicly disclose their safety practices and report significant safety incidents, and creates confidential reporting channels and whistleblower protections for employees who raise AI safety concerns. Unlike California’s SB 53 and New York’s RAISE Act, the Illinois Act notably requires large frontier developers to undergo annual independent third-party audits.

This alert summarizes the Artificial Intelligence Safety Measures Act, highlights how the Act compares with California and New York’s frontier AI laws, and presents recommended next steps for AI developers.

Scope and Applicability

The Act applies to developers of frontier models, defined as foundation models trained using a quantity of computing power greater than 10^26 integer or floating-point operations. The quantity of computing power includes the original training run and any material modifications to a preceding foundation model.

Enhanced obligations apply to “large frontier developers,” defined as frontier developers that, together with their affiliates, had annual gross revenues in excess of $500 million in the preceding calendar year.

Key Requirements

1. Frontier AI Framework

Beginning January 1, 2028, a large frontier developer must write, implement, comply with, and clearly and conspicuously publish on its website a frontier AI framework describing how it approaches, among other things:

  • Incorporating national and international standards and industry-consensus best practices;
  • Defining and assessing thresholds for identifying whether a frontier model poses a catastrophic risk (potentially using multiple tiers);
  • Applying mitigations based on those risk assessments;
  • Reviewing assessments and mitigations before deployment or extensive internal use;
  • Engaging third parties to assess catastrophic risk and mitigation effectiveness;
  • Cybersecurity practices to protect unreleased model weights;
  • Identifying and responding to critical safety incidents; and
  • Governing and managing catastrophic risk from internal use of frontier models.

The framework must be reviewed, and updated as appropriate, at least annually, and any material modification must be published, together with a justification, within 30 days.

2. Transparency Reports

Before, or concurrently with, deploying a new or substantially modified version of an existing frontier model, the Act requires:

  • A frontier developer to clearly and conspicuously publish on its website a transparency report including the frontier developer’s website; a mechanism allowing individuals to communicate with the frontier developer; the release date of the frontier model; the languages supported by the frontier model; the modalities of output supported by the frontier model; the intended uses of the frontier model; and any generally applicable restrictions or conditions on uses of the frontier model. A published system card or model card that includes the necessary items satisfies the requirement. While redactions are permitted to protect trade secrets, or for reasons of cybersecurity, public security, or national security, the frontier developer must describe the character of, and justification for, the redactions in the report and retain the unredacted information for five years.
  • A large frontier developer to include summaries of specified information in its transparency report, including assessments of catastrophic risks from the frontier model conducted pursuant to the large frontier developer’s frontier AI framework; the results of those assessments; and the extent to which third-party evaluators were involved.

All summaries must be provided in a machine-readable format to facilitate verification of model claims.

3. Independent Third-Party Audits

Beginning January 1, 2028 (or, if later, 90 days after a developer first qualifies as a large frontier developer), large frontier developers must annually retain an independent third party to audit compliance with the Act's framework requirements. The auditor must possess demonstrated competence in frontier model safety, and neither the developer nor the auditor may have a financial interest in the other; payment cannot be conditioned on the audit’s results.

The resulting audit report must address the developer’s substantial compliance or material deviations, its internal controls and governance, the audit methodology, and any conflicts of interest, and must be signed by the lead auditor. Developers must retain an unredacted copy for as long as the model is deployed plus five years, publish a high-level summary and a redacted copy within 30 days of receipt, and transmit the redacted report to the Illinois Emergency Management Agency and Office of Homeland Security (the “Agency”) and the Illinois attorney general (“Attorney General”).

4. Reporting Critical Safety Incidents
  • Critical Safety Incidents. The Agency must establish a mechanism for frontier developers and members of the public to report critical safety incidents. The reports must include: (i) the date of the critical safety incident; (ii) the reasons the incident qualifies as a critical safety incident; (iii) a short and plain statement describing the incident; and (iv) whether the incident was associated with internal use of a frontier model.
  • Timeline for Reporting Critical Safety Incidents. The Act requires frontier developers to report any “critical safety incident” to the Agency and the Attorney General within 72 hours of learning facts sufficient to establish a reasonable belief that one has occurred, including the date, the basis for qualification as a critical safety incident, and a short, plain description. Where an incident poses an imminent risk of death or serious physical injury, the developer must separately notify the appropriate law enforcement or public safety authority within 24 hours.
  • Confidential Risk Assessments. Every three months, or another reasonable schedule agreed upon by the Agency, large frontier developers are required to submit to the Agency a written summary of any assessment of catastrophic risk resulting from internal use of its frontier models. The Agency will establish a mechanism to be used by large frontier developers to confidentially submit the required summary.

Beginning January 1, 2029, and annually thereafter, the Agency must produce a public report to the General Assembly and the governor summarizing anonymized and aggregated information about critical safety incidents reviewed, along with recommended updates to the Act and any other relevant developments. The report may not include information that would compromise a frontier developer’s trade secrets or cybersecurity, public safety, or U.S. national security.

5. Interoperability

The Act establishes a process for determining when compliance with designated federal AI safety requirements would satisfy corresponding requirements under SB 315. The Agency, in consultation with the Attorney General, must designate on its website any federal laws, regulations, or guidance documents that impose substantially equivalent (or stricter) requirements for critical safety-incident reporting, catastrophic risk mitigation, and independent third-party audits. A frontier developer that declares its intent to rely on a designated federal regime will be deemed compliant with the corresponding requirements of the Act to the extent that the frontier developer meets the standards of, or complies with the requirements imposed or stated by, the designated federal law, regulation, or guidance document. Unlike the interoperability provisions under California’s SB 53 and New York’s RAISE Act, Illinois requires that any qualifying federal regime also includes independent third-party audit requirements.

6. Large Frontier Developer Disclosure Statement

Beginning January 1, 2027, large frontier developers may not develop, deploy, or operate a frontier model, in whole or in part, in Illinois without a current disclosure statement on file with the Agency and payment of the required fee. The form and manner of filing will be specified by the Agency on its website. The statement must identify the developer’s business names, Illinois office addresses, beneficial ownership information, and designated points of contact. The disclosure must be renewed annually or upon a material change or transfer of ownership, whichever comes first, and developers must pay their pro rata share of the Agency’s administrative costs. The Agency will publish a list of developers that file a statement.

7. Whistleblower Protections

The Act prohibits frontier developers from adopting policies or contracts that prevent a “covered employee” (an employee responsible for assessing, managing, or addressing critical safety-incident risk) from disclosing, and from retaliating against such an employee for disclosing, information reasonably believed to show a specific and substantial danger to public health or safety from a catastrophic risk, or a violation of the Act. Covered employees may use the Attorney General’s Workplace Rights Hotline, and developers must provide covered employees with notice of their rights and responsibilities.

Large frontier developers must also maintain an anonymous internal reporting process with monthly status updates to the reporting employee and quarterly reporting to officers and directors (excluding those implicated).

Enforcement and Penalties

The Attorney General may seek civil penalties of up to $1 million for a first violation and $3 million for subsequent violations, based on the severity of the violation, for failures relating to publication, reporting, false statements, or noncompliance with a developer’s own frontier AI framework.

Operating without a required disclosure statement, submitting false disclosure information, or failing to pay required assessments can result in penalties of $1,000 per day plus the assessments owed, following notice and hearing before the Agency.

The Act expressly disclaims any private right of action and preempts home-rule regulation of frontier AI models by Illinois municipalities.

Key Takeaways

Developers of frontier models should consider taking the following steps to prepare for compliance with the Act:

  • Determine whether they qualify as a “frontier developer” or “large frontier developer” under the Act.
  • Inventory existing frontier AI framework and transparency report materials prepared for California SB 53 or New York RAISE Act compliance to ensure they are up to date.
  • Identify potential third-party auditors before January 1, 2028.
  • Build or update a critical safety-incident detection and reporting process capable of meeting the Act’s 72-hour and 24-hour imminent-risk deadlines.
  • Review whistleblower policies, workplace notices, and anonymous reporting channels for alignment with the Act’s covered-employee protections.
  • Prepare for the Agency disclosure-statement filing and annual renewal obligations, effective January 1, 2027.

Comparison to California’s SB 53 and New York’s RAISE Act

Definitions

  • Artificial Intelligence: “Artificial intelligence” means a machine-based system that, for explicit or implicit objectives, infers, from the input it receives, how to generate outputs such as predictions, content, recommendations, or decisions that can influence physical or virtual environments. “Artificial intelligence” includes generative artificial intelligence.
  • Catastrophic risk: A foreseeable and material risk that a frontier developer’s development, storage, use, or deployment of a frontier model will materially contribute to the death of, or serious injury to, more than 50 people or cause more than $1,000,000,000 in damage to, or loss of, property arising from a single incident involving a frontier model doing any of the following: (1) Providing expert-level assistance in the creation or release of a chemical, biological, radiological, or nuclear weapon; (2) Engaging in conduct with no meaningful human oversight, intervention, or supervision that is either a cyberattack or, if the conduct had been committed by a human, would constitute the crime of murder, assault, extortion, or theft, including theft by false pretense; or (3) Evading the control of its frontier developer or user.
  • Critical safety incident: Any of the following: (1) Unauthorized access to, modification of, or exfiltration of the model weights of a frontier model that results in death or bodily injury; (2) Harm resulting from the materialization of a catastrophic risk; (3) Loss of control of a frontier model causing death or bodily injury; or (4) A frontier model that uses deceptive techniques against the frontier developer to subvert the controls or monitoring of its frontier developer outside of the context of an evaluation designed to elicit this behavior and in a manner that demonstrates materially increased catastrophic risk.
  • Foundation model: An AI model that is (i) trained on a broad data set, (ii) designed for generality of output, and (iii) adaptable to a wide range of distinctive tasks.
  • Frontier AI framework: Documented technical and organizational protocols to manage, assess, and mitigate catastrophic risks.
  • Frontier developer: A person who trains, or initiates the training of, a frontier model using computing power that meets the technical specifications set forth in the definition of “frontier model.”
  • Frontier model: A foundation model that was trained using a quantity of computing power greater than 10^26 integer or floating-point operations. The quantity of computing power described in this definition includes computing for the original training run and for any subsequent fine-tuning, reinforcement learning, or other material modifications the developer applies to a preceding foundation model.
  • Large frontier developer: A frontier developer that, together with its affiliates, collectively had annual gross revenues in excess of $500 million in the preceding calendar year.

Maya Vishwanath, an AI Analyst at Morrison Foerster, contributed to this alert.

We are Morrison Foerster — a global firm of exceptional credentials. Our clients include some of the largest financial institutions, investment banks, and Fortune 100, technology, and life sciences companies. Our lawyers are committed to achieving innovative and business-minded results for our clients, while preserving the differences that make us stronger.

Because of the generality of this update, the information provided herein may not be applicable in all situations and should not be acted upon without specific legal advice based on particular situations. Prior results do not guarantee a similar outcome.