What is the Hiroshima AI Reporting Framework?
AI regulation: concepts, institutions and standards
As of June 2026, the Hiroshima AI Reporting Framework is an OECD-hosted, voluntary disclosure system created under the G7 Hiroshima AI Process. It gives organisations across the advanced AI value chain a standard way to publish how they manage AI risk, governance, transparency, incident handling and related safeguards against the Hiroshima Code of Conduct. It is not a law, certification or audit. It is a soft-law reporting tool for comparable public disclosures.
What this means
The framework sits one layer below the Hiroshima Code of Conduct. The code says, in broad terms, what organisations developing advanced AI systems should do. The reporting framework turns those broad expectations into a structured public questionnaire and a published report.
OECD uses the label "Hiroshima AI Reporting Framework" on the live portal. Other official materials still call it the "Hiroshima AI Process Reporting Framework" or "HAIP Reporting Framework". They refer to the same mechanism.
That matters because many international AI instruments stop at principles. This one adds a practical reporting layer: common questions, public submissions, recurring updates and a format that others can compare. Since version 2.0, launched on 28 May 2026, it is aimed not only at large model developers but also at application developers, deployers and other actors in the advanced AI value chain in eligible jurisdictions.
Why it matters
For organisations building, adapting or using advanced AI, the framework is becoming a common international language for explaining how governance actually works. It pulls risk identification, AI evals, red-teaming, incident handling, security, transparency and provenance into one public record that boards, procurement teams, investors, counterparties and policymakers can read.
Its value is not only external. A serious HAIP submission forces product, legal, safety, security, privacy and policy teams to reconcile what they really do, what they can evidence and what they are willing to say in public. In a world where binding AI rules differ across jurisdictions, that can reduce duplicated questionnaires and surface weak controls before a regulator, customer or incident does.
How it works
It comes from the Hiroshima AI Process, but it is a separate instrument
The G7 Hiroshima AI Process in 2023 produced the Hiroshima Code of Conduct for organisations developing advanced AI systems. That code is a voluntary set of actions, not a reporting portal. The reporting framework is the OECD-hosted mechanism built afterwards to monitor and make visible voluntary uptake of those actions. It went live on 7 February 2025, and version 2.0 was launched on 28 May 2026.
It is soft law with political backing, not enforceable law
The framework has clear political backing. G7 Digital and Technology Ministers, meeting in Paris on 29 May 2026, commended the revised framework and described it as a key platform for greater coherence across AI risk assessment, reporting and mitigation assessment. Even so, it remains voluntary. It creates no direct legal duty, no regulator power and no OECD licence to operate. It does not replace domestic statutes, regulator guidance, sector rules or contract terms.
Version 2.0 widened participation across the AI value chain
The underlying code is titled for organisations developing advanced AI systems, including advanced foundation models and generative AI systems. The current reporting framework is broader in practice. OECD says it is open to developers, deployers and providers of advanced AI systems, and version 2.0 distinguishes between model developers, application developers and deployers so that each sees questions tied more closely to its role. Participation is not universal, though. The organisation must be based in a jurisdiction that is an OECD member, a GPAI member or an adherent to the OECD Recommendation on AI.
The questionnaire turns broad principles into operational evidence
The framework is organised into seven sections that map to the code's 11 actions. In practice, organisations report on risk identification and evaluation; risk management and information security; transparency on advanced AI systems; organisational governance and incident management; content authentication and provenance; research and investment for AI safety; and support for human and global interests. That means the exercise pulls together material that often sits in separate teams, such as evaluation methods, red-teaming records, incident processes, privacy controls, security controls, technical standards work and post-deployment monitoring.
Submission creates a public record, but not a verified seal
A submission is intended for public display on OECD.AI. The organisation must attest that its information is accurate to the best of its knowledge and answer all questions. The OECD Secretariat checks baseline matters such as jurisdictional eligibility, whether the questionnaire is complete and whether supporting links are accessible. It may ask for additional non-public information. But it does not verify the substance of the organisation's claims. If the organisation commits to the code and completes the framework, its published report can carry the HAIP Brand. That brand is explicitly not an endorsement and not a certification. To remain active, organisations are expected to update or resubmit at least every 12 months.
As of June 2026, the live framework is expanding and still evolving
Version 2.0 is designed to broaden uptake, especially among smaller organisations, through a simpler structure, role-specific questions and links to OECD's catalogue of tools and metrics. OECD says more than 50 organisations have already pledged to submit under the revised framework, and reports submitted by 1 September 2026 will feed the next analytical review. OECD materials on first-year participation need slight care when read together. The 2025 analytical paper is based on 20 submissions received between February and June 2025, while the live OECD portal now says the first round produced 25 reports. The sensible reading is that the paper captures an earlier analytical cut, while the portal reflects the fuller live record.
Examples
A frontier model developer can use the framework to explain threshold based governance. Microsoft's published HAIP report describes a risk taxonomy, a Frontier Governance Framework, tracked high-risk capabilities such as CBRN, offensive cyber and advanced autonomy, and a mix of manual red-teaming, automated red-teaming and automated measurement before deployment.
A deployer or service provider can use the same structure very differently. TELUS Digital's published report describes an AI tool inventory, risk assessment aligned to EU AI Act categories, quarterly vulnerability assessment or penetration testing, and a formal incident response process covering preparation, identification, containment, eradication, recovery and follow-up.
The OECD's first analytical review shows that the framework can also surface comparable practices across participants. It reports that some organisations use capability thresholds that trigger stronger safeguards, while others report AI-assisted evaluation methods. The paper gives examples such as Fujitsu's LLM Vulnerability Scanner and Google's AI-assisted approaches to testing and risk mapping.
Common misunderstandings
Misunderstanding: It is the Hiroshima Code of Conduct itself.
Correction: The code is the underlying voluntary conduct document. The reporting framework is the OECD-hosted disclosure mechanism built to operationalise and monitor voluntary uptake.
Misunderstanding: A published report means OECD has audited the organisation.
Correction: OECD checks eligibility and completeness, not the truth of every substantive claim.
Misunderstanding: The HAIP Brand is a compliance badge.
Correction: It marks participation and current reporting status. It is not an endorsement and not a certification.
Misunderstanding: It is only relevant to frontier model labs.
Correction: Version 2.0 is designed for model developers, application developers, deployers and providers of advanced AI systems in eligible jurisdictions.
Misunderstanding: One report finishes the job.
Correction: Active participants are expected to update or resubmit annually if they want to remain listed under the brand.
Risks and boundaries
The main strength of the framework is also its main limit: it is self-report. A published HAIP report is evidence of what an organisation has disclosed at a given point in time, not proof that its controls are effective in practice.
It is also not a substitute for legal compliance. An organisation can participate and still fail to meet duties under the EU AI Act, product safety law, privacy law, consumer law, sector rules or contract requirements. The framework may help organise evidence for those regimes, but it does not satisfy them by itself.
Scope is another boundary. The framework is centred on advanced AI and, in version 2.0, on actors across that value chain. It is not a universal template for every low-risk software supplier or basic internal automation project. It is also not open to every organisation worldwide, because eligibility depends on the jurisdictional criteria set by OECD.
There is also some point-in-time ambiguity in OECD's own participation figures. The 2025 analytical paper examines 20 submissions from an earlier window, while the live portal now refers to 25 first-round reports. That does not undermine the framework itself, but it is a reminder to treat report counts as time-sensitive and to rely on the live portal for the latest participation picture.
Finally, the framework is live but still maturing. Version 2.0 only launched on 28 May 2026. Its design, uptake and practical influence on buyers, governments and peer practice may continue to change over the next reporting cycle.
What to do next
First, decide whether your organisation is genuinely in scope: model developer, application developer, deployer or provider working with advanced AI in an eligible jurisdiction. If yes, assign a single accountable owner and treat the exercise as governance work, not a communications task.
Next, map your existing material against the seven sections. Pull together risk taxonomies, evaluation and red-teaming records, post-deployment incident and vulnerability processes, transparency notes, governance policies, security controls, provenance practices and any relevant public interest work. Then decide what can safely be disclosed in public, close obvious evidence gaps and set a yearly refresh cycle.
If you do submit, make sure the HAIP narrative matches whatever hard-law duties already apply. The framework is most useful when it acts as a disciplined public layer over real internal controls, not as a standalone trust signal.
FAQs
Is the Hiroshima AI Reporting Framework legally binding?
No. It is a voluntary reporting mechanism. It has G7 political support, but it does not create direct legal duties or OECD enforcement powers.
Is this the same thing as the HAIP Reporting Framework?
Yes. OECD uses "Hiroshima AI Reporting Framework" on the portal, while official materials also use "Hiroshima AI Process Reporting Framework" and "HAIP Reporting Framework". They describe the same OECD-hosted mechanism.
Who can participate?
As of June 2026, the framework is open to organisations across the advanced AI value chain, including developers, deployers and providers, if they are based in an OECD member country, a GPAI member country or a jurisdiction that adheres to the OECD Recommendation on AI.
What does the framework ask organisations to disclose?
It asks about risk identification, testing and evaluation, risk management, transparency, governance, incident handling, content provenance, safety research and work tied to human and global interests.
Does OECD verify or approve each submission?
Not in the way an auditor or regulator would. OECD checks eligibility, completeness and accessible supporting links, and it may ask for extra information, but it does not verify the substantive truth of every claim.
Does the HAIP Brand mean an organisation is certified?
No. The brand indicates participation in the reporting framework and current reporting status. OECD states that it is not an endorsement and not a certification of compliance with the code.
How often should a report be updated?
Organisations are invited to submit on a rolling basis and to update their reports annually. To remain recognised as active participants under the brand, they are expected to refresh or resubmit at least every 12 months.
Does this replace the EU AI Act or other national AI rules?
No. It can complement domestic law by giving an organisation a structured public account of its governance practices, but it does not replace legal compliance work under any binding regime.