Practical AI

AIUC-1: Building trust in AI agents

45 min episode · 2 min read · Emil Lawson

Topics

Fundraising & VC, Leadership, Marketing

AI-Generated Summary

Key Takeaways

  • AIUC-1 Certification Structure: The standard contains 40 mandatory requirements across three layers — organizational governance, infrastructure security, and agentic AI controls. Six of those 40 requirements specifically mandate red teaming. Controls cover hallucination prevention, tool-call restrictions, data access limits, and brand-safe behavior. Vendors pursuing certification submit evidence to accredited auditors like Schellman or Coalfire for third-party validation.
  • Red Teaming Process: Certification red teaming generates between 1,000 and 5,000 unique attack scenarios per agent, split across two rounds with a one-to-four-week remediation window between them. Scenarios escalate from benign queries to multi-turn adversarial pressure, authority invocation, and distress manipulation. No agent has ever achieved a 100% pass rate — nondeterministic systems will always carry residual vulnerability under sufficient pressure.
  • Severity Grading for Pass/Fail: Red team findings are rated P0 through P4, where P0 is catastrophic and P4 is insignificant. A company cannot pass AIUC-1 with any unmitigated P0 or P1 vulnerabilities. Lower-severity findings appear transparently in the 60-to-100-page audit report, which enterprises use to evaluate vendor risk rather than receiving a falsely clean compliance document.
  • Quarterly Recertification Requirement: Maintaining AIUC-1 certification requires a quarterly re-test via API access to the live agent. Each quarter the standard itself is also updated by a 250-member consortium of CISOs, security engineers, and GRC managers. Recent quarterly additions include MCP protocol risk controls and strengthened runtime security requirements, reflecting the pace at which agentic attack surfaces evolve.
  • Enterprise Vendor Due Diligence Shortcut: Enterprise procurement teams currently run 100-question security questionnaires for every AI vendor, a process painful on both sides. A completed AIUC-1 audit report functions as a pre-validated answer set, accelerating vendor onboarding. Companies like Fin — acquired by Salesforce for $3.6 billion — and UiPath pursued certification specifically to unblock enterprise deals rather than for marketing purposes.

What It Covers

Emil Lawson, standards lead at the AI Underwriting Company, explains how AIUC-1 — a certification standard for agentic AI — uses a three-part flywheel of standards, audits, and insurance to help AI vendors pass enterprise security reviews and build verifiable trust in deployed agent systems.

Notable Moment

Lawson argues that a spotless AI audit report is actually a red flag, not a mark of quality. Because agentic systems are nondeterministic by design, any vendor claiming zero vulnerabilities has likely crippled the agent's functionality to the point where it can no longer perform its intended task.
