Dimension 01
Weight 18
Trust & Safety
Guardrails, red teaming, misuse detection and the measurable prevention of unsafe actions in production.
The Methodology v2.0 published reference for AI agent certification. Seven dimensions. Weighted scoring. Independent assessment. One registry. The Digital Omnibus proposal does not affect this framework. Operators with documented certification are in a stronger position regardless of how the EU AI Act timeline resolves, because certification evidence underwrites both regulatory readiness and insurance underwriting requirements independent of any activation date.
The published reference for AI agent certification. Seven dimensions. Five tiers. Standards crosswalk. Assessment process. The document law firms, insurers, and regulators cite.
Europe is deploying autonomous agents into production faster than any governance framework can track. Agent Certified exists so that insurers, regulators, boards and counterparties have a common way to read whether an agent is safe to rely on.
A structured benchmark that produces a defensible position on governance, oversight, technical controls and operating readiness before an incident, not after.
A consistent signal of risk posture across portfolios. Certification maps to the governance, transparency and human oversight obligations emerging under the EU AI Act.
A clear artefact directors can reference in risk committees, vendor reviews and annual reports without having to construct one from scratch.
Every certified agent is evaluated against seven dimensions. Each dimension carries a weight reflecting its importance to operational safety and regulatory exposure. Together they total one hundred points.
Guardrails, red teaming, misuse detection and the measurable prevention of unsafe actions in production.
How the agent sources, verifies and keeps fresh the data it reasons over, including provenance and lineage.
Who can invoke the agent, under what authority, and how downstream actions are bounded.
Reliability of the agent as a product surface: uptime, regression discipline, evaluation coverage and versioning.
Board oversight, documented policies, risk registers, role accountability and audit trails at the operating level.
How responsibly the agent sits inside existing systems of record, identity, approval and escalation.
The explicit boundary between autonomous action and human confirmation, including revocation, rollback and hard stops. The single most important constraint on operational risk.
The weighted score across all seven dimensions places the agent into one of five recognised tiers. The band is the signal that counterparties read.
Baseline acknowledged. Governance, oversight and technical evidence are not yet sufficient for a certification call.
Operator has initiated formal controls. Recognised as an active candidate, not yet certified.
The agent meets the operating floor. Counterparties may rely on the mark for standard commercial use.
Materially above floor. Suitable for higher exposure deployments including regulated sectors.
Exemplar. Used as a reference profile for insurer underwriting models and for sector standards work.
Long form writing on certification, conformity assessment, and the standards landscape that Agent Certified connects to. Updated as the methodology evolves.
The trust and transparency dimension covers three sub-dimensions: explainability of outputs, human oversight capability mapping to Article 14, and output transparency under Article 50. A deep dive into the scoring rubric, what each sub-dimension requires for certification, and why this dimension is one of the two most consequential for insurance eligibility.
Read analysis → 22 May 2026 · MethodologyGovernance is one of the seven certification dimensions and is consistently the one operators score lowest on. This analysis covers the five evaluation areas, the 1-to-10 scoring rubric, and what "externally verified" governance looks like to underwriters preparing an AI liability submission.
Read analysis → 11 May 2026 · MethodologyThe autonomy envelope is the single document that makes Article 14 human oversight evidenceable, defines the scope of insurance cover, and anchors the 1-to-10 Autonomy dimension score. A deep dive into the five specification categories, the scoring rubric, and what operators need to certify.
Read analysis → 28 April 2026 · MethodologyThe mandatory conformity assessment verifies eight requirements across Articles 9 to 15. Most Annex III systems use the self-assessment procedure. This guide reads each step in statutory order and maps where voluntary certification fits alongside the mandatory process.
Read analysis → 25 April 2026 · Implementation GuideTwelve named GenAI risks, four adapted RMF functions, more than 200 suggested actions, and a full crosswalk to ISO/IEC 42001 and the EU AI Act. What alignment with NIST AI 600-1 actually requires of an operator deploying autonomous agents.
Read analysis → 23 April 2026 · MethodologyGenerative agents fail the four assumptions that make point-in-time software audits valid. This analysis maps the four failure modes, what red-teaming can and cannot do, and why continuous monitoring is the only certification model that holds.
Read analysis → 17 April 2026 · MethodologyWhy independent certification reduces the information asymmetry that makes AI risk difficult to price, and how the seven dimensions map onto the four questions every European AI insurer is asking.
Read analysis → 16 April 2026 · Market AnalysisHow the AIUC-1 standard compares to the Agent Certified framework, where Europe's certification infrastructure falls short, and what operators need before the August 2026 deadline.
Read analysis → 15 April 2026 · ExplainerWhy the framework weights Trust & Safety, Governance and the Autonomy Envelope the way it does, and what each dimension asks of an operator.
Read analysis → 15 April 2026 · ComparisonA practical comparison of the three instruments every European AI operator now has to read, with the overlaps and the gaps.
Read analysis → 15 April 2026 · BriefingConformity assessment, voluntary certification, third party assurance. Why the three are not the same thing and why the distinction matters.
Read analysis → 15 April 2026 · Implementation GuideA clause-by-clause guide to ISO/IEC 42001:2023, with Annex A control mappings to EU AI Act obligations and the Agent Certified seven-dimension framework.
Read analysis →The framework is built on existing, recognised instruments rather than in parallel to them. Every dimension traces back to at least one primary reference.
| Reference | Issuer | Relevance |
|---|---|---|
| ISO/IEC 42001:2023 | International Organization for Standardization | AI management system requirements. Informs Governance and Product Maturity dimensions. |
| NIST AI Risk Management Framework | US National Institute of Standards and Technology | Risk function model. Informs Trust & Safety and Context Integrity dimensions. |
| EU AI Act, Articles 9, 10, 14, 15 | European Parliament and Council | Risk management, data governance, human oversight and accuracy. Maps directly to dimension scoring. |
| EU AI Act, Article 26 | European Parliament and Council | Deployer obligations. Informs Distribution Control and Autonomy Envelope dimensions. |
| EIOPA supervisory statements on AI in insurance | European Insurance and Occupational Pensions Authority | Sector alignment for insurer reliance on the framework. |
Assessments are scheduled in quarterly cohorts. Q3 2026 slots are open to European enterprises and scale ups operating agents in production environments. Submit a request to receive an intake briefing.
The Agent Certified framework is calibrated to Article 26 of the EU AI Act, the revised Product Liability Directive, and the supervisory expectations of EIOPA and the AI Office. Agent Liability EU is the operator desk on those instruments.