SB 315 · Illinois · introduced Jan 23, 2025Enacted

SB 315

Artificial Intelligence Safety Measures Act

Medium RiskMay require changes to AI practices. Monitor and prepare.

TL;DR

Illinois just enacted SB 315, the Artificial Intelligence Safety Measures Act, sponsored by Senators Mary Edly-Allen and Sue Rezin. It requires the largest AI developers (companies with over $500M in revenue training massive 'frontier' models above 10^26 compute operations) to publish safety frameworks, report critical incidents within 72 hours, and undergo annual third-party audits. Penalties reach $1M per first violation and $3M for repeat violations, enforced solely by the Illinois Attorney General.

How This Might Impact Your Business

Only applies to 'large frontier developers': companies training AI models with more than 10^26 compute operations AND generating over $500M in annual gross revenue (think OpenAI, Google DeepMind, Anthropic, Meta, xAI scale).

Starting January 1, 2028, covered developers must publish a public frontier AI safety framework and a transparency report for each new frontier model, including catastrophic risk assessments and third-party evaluator findings.

Critical safety incidents must be reported to the Illinois Agency and Attorney General within 72 hours; incidents posing imminent risk of death or serious injury require 24-hour notification.

Large frontier developers must submit quarterly summaries of catastrophic risk assessments from internal AI use to state regulators.

Annual independent third-party compliance audits are required, with a public summary and redacted full report posted within 30 days of receipt.

Civil penalties cap at $1M for a first violation and $3M for subsequent violations, prosecuted exclusively by the Illinois Attorney General (no private lawsuits allowed).

The Act takes effect January 1, 2027, with the main transparency and audit obligations kicking in January 1, 2028; smaller AI developers, enterprise AI users, and downstream deployers are not covered.

What Should You Do

1

If your company trains foundation models at or near the 10^26 compute threshold, task your legal and ML infrastructure teams with confirming whether you meet the 'large frontier developer' definition and begin drafting your public AI safety framework now.

2

Enterprises that license frontier models from OpenAI, Anthropic, Google, or similar vendors should ask those vendors how they plan to comply, since their published transparency reports and audit summaries may reveal usage restrictions relevant to your deployments.

3

Build a 24/72 hour incident escalation playbook if you are a covered developer, including clear internal criteria for what triggers 'reasonable belief' of a critical safety incident.

4

Budget for annual third-party AI safety audits starting in fiscal year 2028 and identify qualified independent auditors early, since the market for frontier model auditors is thin.

5

Monitor Illinois Attorney General guidance and Agency rulemaking through 2026 and 2027 for definitions, reporting templates, and enforcement priorities before the January 2028 compliance date.

Who It Affects

Foundation Model DevelopersCloud ComputingEnterprise AI SoftwareLegal and Compliance ServicesCybersecurityAI Audit and Assurance

Sponsors

Status Timeline

  1. enacted

    Public Act . . . . . . . . . 104-0538

    July 6, 2026

AI-generated analysis for informational purposes only. Not legal advice. Always consult a qualified attorney for legal guidance.Last action Jul 6, 2026

Need help preparing your team for AI compliance?

Talk to LaunchReady about AI Training

Get the Weekly AI Law Roundup

Plain-English summaries of the AI laws that matter for your business. Every Monday. Free.

No spam. Unsubscribe anytime.