AIUC-1: The First Compliance Framework for AI Agents w/ Rajiv from AIUC and Danny from Schellman episode artwork

EPISODE · Mar 5, 2026 · 46 MIN

AIUC-1: The First Compliance Framework for AI Agents w/ Rajiv from AIUC and Danny from Schellman

from GRC Engineer · host Ayoub Fandi

Every compliance framework you know was built for deterministic systems. AI agents are not deterministic. That's why AIUC-1 was born.In this episode, I sit down with Danny from Schellman and Rajiv Dattani, co-founder of AIUC, to break down the first compliance framework purpose-built for AI agents. We cover the six pillars (data & privacy, security, safety, reliability, accountability, societal risks), how the technical testing works with thousands of adversarial simulations, and why tying it to insurance through Lloyd's of London changes the incentive structure for the entire audit market.Key takeaways:- AIUC-1 bridges the gap between governance frameworks (ISO 42001) and technical testing- You can't commoditize it: you either pass thousands of adversarial scans or you don't- Quarterly updates keep the framework current with the fast-moving AI threat landscape- Insurance-backed testing means the tester has skin in the game- The 100-page audit report replaces ~70% of your vendor questionnaire back-and-forth- Three evidence types: adversarial testing, technical controls (code review), and policies- Internal agents emphasize security/data privacy; external agents emphasize safety---CHAPTERS:00:00 Introduction & Guest Intros01:55 Why a New Framework for AI Agents?04:06 Why Schellman Partnered with AIUC08:06 Quarterly Updates & The Consortium Model09:29 The Five Principles Driving AIUC-111:36 The Six Pillars: Data, Security, Safety, Reliability, Accountability, Societal12:38 What You Get: 100-Page Report + Certification14:22 How Testing Works: Thousands of Adversarial Simulations16:12 Testing Stochastic Systems: The Entropy Problem17:05 The Insurance Innovation: From Benjamin Franklin to AI Safety20:39 Lloyd's of London & Synthetic Loss Data21:36 Aligning Incentives Through Insurance23:56 How Enterprises Use AIUC-1: Buyers vs Builders26:06 Deterministic vs Stochastic: The Compliance Challenge29:05 SOC 2 vs ISO 42001 vs AIUC-1 Positioning30:51 Threat Modeling Meets Compliance35:10 Traditional Security Controls & AI-Specific Risks38:11 GRC Engineering & Agentic Auditing42:18 The Hardest Challenge: Articulating Technical Testing44:46 Closing Thoughts------CONNECT WITH GRC ENGINEER:Newsletter: https://grcengineer.com/subscribeLinkedIn: https://linkedin.com/in/ayoubfandiWebsite: https://grcengineer.comCONNECT WITH DANNY:LinkedIn: https://www.linkedin.com/in/danny-manimbo-2b199718/CONNECT WITH RAJIV DATTANI:LinkedIn: https://linkedin.com/in/rajivdattani---#GRC #cybersecurity #compliance #AIagents #AIUC1 #ISO42001 #GRCEngineering

Episode metadata supplied by the publisher feed · Published Mar 5, 2026

Every compliance framework you know was built for deterministic systems. AI agents are not deterministic. That's why AIUC-1 was born.In this episode, I sit down with Danny from Schellman and Rajiv Dattani, co-founder of AIUC, to break down the first compliance framework purpose-built for AI agents. We cover the six pillars (data & privacy, security, safety, reliability, accountability, societal risks), how the technical testing works with thousands of adversarial simulations, and why tying it to insurance through Lloyd's of London changes the incentive structure for the entire audit market.Key takeaways:- AIUC-1 bridges the gap between governance frameworks (ISO 42001) and technical testing- You can't commoditize it: you either pass thousands of adversarial scans or you don't- Quarterly updates keep the framework current with the fast-moving AI threat landscape- Insurance-backed testing means the tester has skin in the game- The 100-page audit report replaces ~70% of your vendor questionnaire back-and-forth- Three evidence types: adversarial testing, technical controls (code review), and policies- Internal agents emphasize security/data privacy; external agents emphasize safety---CHAPTERS:00:00 Introduction & Guest Intros01:55 Why a New Framework for AI Agents?04:06 Why Schellman Partnered with AIUC08:06 Quarterly Updates & The Consortium Model09:29 The Five Principles Driving AIUC-111:36 The Six Pillars: Data, Security, Safety, Reliability, Accountability, Societal12:38 What You Get: 100-Page Report + Certification14:22 How Testing Works: Thousands of Adversarial Simulations16:12 Testing Stochastic Systems: The Entropy Problem17:05 The Insurance Innovation: From Benjamin Franklin to AI Safety20:39 Lloyd's of London & Synthetic Loss Data21:36 Aligning Incentives Through Insurance23:56 How Enterprises Use AIUC-1: Buyers vs Builders26:06 Deterministic vs Stochastic: The Compliance Challenge29:05 SOC 2 vs ISO 42001 vs AIUC-1 Positioning30:51 Threat Modeling Meets Compliance35:10 Traditional Security Controls & AI-Specific Risks38:11 GRC Engineering & Agentic Auditing42:18 The Hardest Challenge: Articulating Technical Testing44:46 Closing Thoughts------CONNECT WITH GRC ENGINEER:Newsletter: https://grcengineer.com/subscribeLinkedIn: https://linkedin.com/in/ayoubfandiWebsite: https://grcengineer.comCONNECT WITH DANNY:LinkedIn: https://www.linkedin.com/in/danny-manimbo-2b199718/CONNECT WITH RAJIV DATTANI:LinkedIn: https://linkedin.com/in/rajivdattani---#GRC #cybersecurity #compliance #AIagents #AIUC1 #ISO42001 #GRCEngineering

PodParley-generated summary based on available episode metadata and transcript content.

NOW PLAYING

AIUC-1: The First Compliance Framework for AI Agents w/ Rajiv from AIUC and Danny from Schellman

0:00 46:21

No transcript for this episode yet

We transcribe on demand. Request one and we'll notify you when it's ready — usually under 10 minutes.

AI Generated - EDU Video Podcast Magnus Lian Explore how video tools and AI are transforming education with Magnus Sæternes Lian, Senior Engineer at NTNU and founder of ReadyMedia. This podcast dives into the latest video technologies, real-world use cases, and actionable insights for educators and tech enthusiasts. Created using cutting-edge AI tools like GoogleLM and ElevenLabs, all content is verified for accuracy. Discover practical solutions and stay ahead in the evolving landscape of educational technology! The Driven To Draw Podcast: Self Improvement|Painting|Drawing|Visual Problem Solving|Unleashing the Creativity Within! Arvind Ramkrishna/Designer/Artist/Engineer The Driven to Draw Podcast will teach you how to solve problems visually, think outside the box, build your confidence, generate ideas, and innovate.You'll hear from top creative artists, designers, engineers, and photographers who share their techniques to create products, broaden their creative abilities, and share the benefits of thinking visually.No matter your background or area of expertise, Driven to Draw will be your constant motivator to help you become your best…and Unleash the Creative Within! Prompt / AI Podcast from Japan Inyu | prompt engineer JPN I'm a Japanese prompt engineer. On this podcast, I talk about my job, research of AI and prompting. Mohammad Qutub Muslim Central Dr. Mohammad Qutub is an Islamic scholar with several decades of experience as a teacher and orator. He completed his Master’s and PhD degrees in Uṣūl al-Dīn and Comparative Religion at the International Islamic University Malaysia (IIUM), and has several Ijāzahs (licenses) and certificates in Qur’an, Hadith, etc. He has spoken internationally in the Middle East, the U.S., and Southeast Asia and regularly holds intensive seminars and university lectures. His passions and research revolve around: Islamic thought and history, Qur’anic Tafsīr, scientific Iʿjāz (inimitability) in the Qur’an and Sunnah, and comparative religion. He teaches students of all different ages and backgrounds in-person and online. He is also an engineer by profession with a Bachelor of Science in Chemical Engineering from the U.S., and extensive experience in the field of Industrial Gases.

Frequently Asked Questions

How long is this episode of GRC Engineer?

This episode is 46 minutes long.

When was this GRC Engineer episode published?

This episode was published on March 5, 2026.

What is this episode about?

Every compliance framework you know was built for deterministic systems. AI agents are not deterministic. That's why AIUC-1 was born.In this episode, I sit down with Danny from Schellman and Rajiv Dattani, co-founder of AIUC, to break down the first...

Can I download this GRC Engineer episode?

Yes, you can download this episode by clicking the download button on the episode player, or subscribe to the podcast in your preferred podcast app for automatic downloads.
URL copied to clipboard!