The Certifiers

In May 2026 Illinois passed SB 315, the first US law to require independent third-party safety audits of frontier AI labs. It reads as a brake. Read the structure and it is something more familiar: a state that makes the labs hire and pay the people who certify them, draws the bar so it names only the largest six, and lets the act of being audited stand in for the answer to whether the thing is safe. This is the fourth discharge move — the integration stamp — written into law.

A note on what this is, and is not

§01 — The laundered claim

The sentence the law makes available is short: “Independently audited for safety.” It is the same shape as every claim in this series — it answers a question by pointing at a procedure rather than an outcome. SB 315 cleared the Illinois House 110–0 and the Senate 52–5; Governor Pritzker has said he will sign it. It applies to developers above $500 million in revenue running frontier-scale compute, with annual third-party audits and publication requirements, effective 2028. Those are real obligations. The question this Edition asks is the one the headline sentence forecloses: audited by whom, paid by whom, and does the audit certify safety — or only that the audit happened?

§02 — Move four, in statute: swap the verdict

The integration stamp offers the running of a procedure as the verdict on the procedure’s subject. “The process was followed; case closed.” Case 16 documented it as Canada’s tenth laundering layer; the Edition The Supply Side of the Sentence found it in a military investigating itself. SB 315 installs the same move at the level of law: an annual audit, published, becomes the artifact a lab points to. The audit running is evidence the audit ran. Whether the model is safe is a different question, and the certificate does not answer it — it answers whether the paperwork exists.

Counter: the audit ran, fine. Is the model safe? That is the question on the table — and a passed audit is not a yes.

§03 — The tell: who pays the auditor

The structural tell is the same one OHCHR named about a military auditing itself, and the same one that sank Arthur Andersen and the credit-rating agencies before 2008: the auditor is paid by the audited. SB 315 requires labs to employ third-party auditors — issuer-pays. The likely auditors are the Big Four (Deloitte, EY, KPMG, PwC), with smaller AI-evaluation shops (METR, Transluce) also eligible. An auditor whose next contract depends on the client it just graded is structurally pointed toward the grade the client wants. This is not an accusation against any firm; it is the incentive the design builds in.

Counter: independent means independent of the cheque. Who signs the auditor’s invoice is who the auditor answers to.

§04 — The definitional dodge: a bar that names six firms

The first discharge move is to set the standard rather than meet it. SB 315’s thresholds — $500M revenue plus a frontier-scale compute floor — are drawn high enough that they name only a handful of companies. Everything below the line is, by definition, not a “frontier risk” and not covered. That is not necessarily wrong as triage; capability does cluster at the top. But it means the law’s reach is a line someone drew, and the firms most able to lobby where that line sits are the firms it lands on. A standard set this way decides who is inside the regime before any audit is run.

Counter: a threshold is a choice, not a fact of nature. Ask who is one notch below it, and why the line sits exactly there.

§05 — The sentence, scope-shrunk

This is the Case 17 move — a claim issued broad and true at a scope narrower than it sounds. “Frontier AI is now independently audited” will be literally true and materially partial: one state, six firms, on a timeline that starts in 2028, under audits the labs commission. The form of a safeguard is preserved; whether the function — actually constraining the labs — is delivered stays open, and the headline does not wait for the answer. Industry’s own objection (NetChoice testified against the bill) is mostly about burden; the laundering risk is the opposite — that a thin, capturable audit becomes the thing labs cite to say oversight is handled.

Safety, certified by the people the labs pay.

§06 — Where this sits, and what would close the gap

Three of the four discharge moves are present in one statute: the verdict swapped for a procedure, the standard set to name its own subjects, the sentence shrunk in scope while issued broad. The pattern is not proof the law fails — it is the set of places to watch as it is implemented. What would close the gap is concrete: an auditor paid from a pool the labs cannot individually control, published audits with teeth and named failure conditions, and a verdict stated as an outcome (“this model is safe to deploy because X”) rather than a procedure (“an audit occurred”). Until then, the honest reading is the quiet one: a real first step, built on a foundation — issuer-pays certification — that has laundered conduct in every industry it has touched.