AIUC-1 certification: the next chapter in trusted agentic automation

Enterprise leaders are moving fast on agentic automation—and hesitating for the same reason: AI agents don’t just generate content; they take actions.

When agents are operating in production workflows, the risks are real: hallucinations that become decisions, tool misuse that crosses boundaries, data leakage, and attacks designed to manipulate behavior.

That’s why the most important question isn’t “do you have an AI program?”. It’s: “can your agents be trusted in the real world under pressure, adversarial conditions, and when handling sensitive data?”.

Last quarter, we shared how UiPath became one of the first enterprise automation vendors to achieve ISO/IEC 42001:2023 certification, validating that our AI governance framework we’ve built from day one meets rigorous standards.

Now, UiPath has achieved AIUC-1 certification, becoming the first enterprise automation platform to meet the world's first standard for AI agent security and reliability.

UiPath is the first enterprise automation company to achieve AIUC-1 certification. To achieve this, they subjected their suite of agentic AI systems to 2,000+ technical evaluations, and a comprehensive audit of their AI policies and technical guardrails. This demonstrates UiPath’s commitment to responsible AI agent deployment in enterprise environments.”

Rajiv Dattani, Co-founder, Artificial Intelligence Underwriting Company

While ISO 42001 validates that we have the right governance system in place, AIUC-1 is designed to validate something different: that AI agents behave safely in real-world conditions (including in production environments handling your most sensitive workflows).

Why AIUC-1 matters for enterprise automation

We've always believed that for agentic automation to transform enterprises, it must be both powerful and trustworthy. Our customers operate agents in the most demanding environments: processing financial transactions, handling patient data, detecting fraud, executing procurement decisions. In these contexts, trust isn't optional: it's fundamental.

AIUC-1 provides independent validation that the AI agents orchestrating these critical workflows meet enterprise security and reliability expectations. Unlike broader AI governance frameworks, this certification focuses on the specific risks enterprises face when deploying autonomous agents:

• Hallucinations that could lead to costly errors or customer-facing mistakes

• Tool misuse where agents exceed their authorized boundaries

• Data leakage that exposes sensitive business or customer information

• Prompt injection attacks designed to manipulate agent behavior

• Brand and reputation risks from agents producing inappropriate content

To achieve our AIUC-1 certification, we underwent rigorous independent audits by Schellman, the largest specialized cybersecurity auditor, ensuring the right policies, safeguards, and technical controls were in place. Alongside this, UiPath IXP (Intelligent Xtraction Processing), Agents, and UiPath Autopilot™, were comprehensively tested by third-party evaluators and red-teamers across more than 2,000 enterprise risk scenarios. This wasn’t a one-time assessment: technical evals continue each quarter, ensuring our safeguards evolve as quickly as AI capabilities and threats do.

UiPath’s achievement of AIUC-1 certification reflects a real commitment to the governance, transparency, and security standards that enterprise AI now requires. As the independent auditor for both their ISO 42001 and AIUC-1 certifications, we can attest that this validation was earned through rigorous evaluation. This is where the market is heading. Responsible AI is no longer optional. Organizations that invest in strong governance now will be the ones that lead in the years ahead, and UiPath is setting a meaningful benchmark for the industry.

Avani Desai, CEO, Schellman

How AIUC-1 complements our existing certifications

Our customers have told us repeatedly: they need multiple layers of assurance when adopting agentic automation. That's why we've pursued a comprehensive approach to trust and compliance.

ISO 42001 validates our AI management system, proving we have the governance, processes, and controls to manage AI responsibly at an organizational level. It covers everything from how we design and develop AI features to how we monitor and improve them over time.

AIUC-1 validates agent behavior, proving that the technical safeguards we've built actually work when put to the test. It's behavior focused, with real adversarial testing that simulates how malicious actors or edge cases might cause AI agents to fail.

Together, they create complete confidence: the AI management system is well governed and agents are technically secure.

What makes AIUC-1 particularly powerful is its living nature. The standard is updated quarterly to keep pace with rapid advances in AI capabilities and emerging threat patterns. As the field evolves, so does the bar for safety, and our commitment is to stay ahead of it.

UiPath is also proud to be recognized as a Founding Technical Contributor to AIUC-1, joining a select group of industry leaders actively shaping how enterprises can safely deploy AI agents. This role reflects our commitment to elevating agentic automation security and our dedication to building standards that work in the real world, not just in theory.

What this means for our customers: trusted by design, validated by experts

For UiPath customers, AIUC-1 certification provides tangible assurance at a critical moment in your automation journey. As you move from automating individual tasks to orchestrating entire processes with AI agents, you need confidence that:

• Your data won't be exposed or misused

• AI agents will stay within approved boundaries

• Systems can resist sophisticated attacks

• Failures will be caught before they cause damage

AIUC-1 gives you confidence through independent, third-party validation.

As AI agents become more capable and autonomous, we will continue to evolve our safeguards, deepen our governance practices, and contribute to the standards that define responsible AI. Our promise is simple: to build agentic automation that doesn't just transform your business, but earns and keeps your trust every single day.

You can learn more about our certifications and access our security and compliance documentation in the UiPath Trust Center.

Related resources:

• ISO/IEC 42001:2023 ushers in a new era of trusted agentic automation

• Governance and security for the agentic enterprise: new in the 2025.10 release

• UiPath responsible AI principles

• UiPath becomes Founding Technical Contributor to AIUC-1