SiteTrust AI Disclosure Standard v1.0

The framework for AI disclosure, trust, and accountability: verifiable transparency, structured governance, regulatory readiness, and workforce sustainability

View Full StandardGet Certified

Executive Summary

The SiteTrust AI Disclosure Standard establishes a framework for organizations to disclose how they develop, deploy, and govern artificial intelligence systems - and demonstrate AI trust and accountability.

This standard addresses the growing need for consumer trust, regulatory compliance, and ethical AI governance in an era of rapidly advancing generative AI technology.

Core Principles

Transparency First

Organizations must clearly disclose the presence, purpose, and limitations of AI systems

Consumer Empowerment

Users must have access to information about AI systems and recourse mechanisms

Accountability

Organizations must designate responsible parties for AI governance

Verifiability

Claims about AI transparency must be substantiated through documentation

Workforce Sustainability

Organizations should assess how AI affects employee roles, workload, and decision quality — ensuring AI adoption strengthens rather than degrades the workforce experience.

Certification Plans Overview

1

Disclose ($1,500/year)

Foundation AI disclosure through a structured disclosure framework, published AI policy, badge, and registry listing.

Key Requirements:

  • Published AI Usage Policy
  • Point-of-use disclosure
  • Transparency contact
  • Quarterly self-reported updates
2

Verify ($3,000/year)

CTA-led independent verification of your disclosures, with a living AI policy and deeper review cadence.

Key Requirements:

  • Everything in Disclose +
  • CTA-led independent verification
  • Living AI policy
  • Verification report
  • Quarterly CTA-reviewed updates
  • Annual re-verification
3

Audit ($6,000/year)

Comprehensive AI systems, governance, compliance, and disclosure audit with stakeholder-ready documentation.

Key Requirements:

  • Everything in Verify +
  • Full AI systems audit
  • Governance and compliance assessment
  • Detailed audit report
  • Audit certificate
  • Compliance readiness report

SiteTrust AI Transparency Standard v1.0 - Complete Documentation

Table of Contents

1. Introduction

The SiteTrust AI Transparency Standard v1.0 establishes a comprehensive framework for organizations to demonstrate responsible, transparent practices in their development, deployment, and disclosure of artificial intelligence systems. This standard addresses the growing need for consumer trust, regulatory compliance, and ethical AI governance in an era of rapidly advancing generative AI technology.

The standard is designed to be accessible to organizations at all stages of AI maturity, from those just beginning their transparency journey to those with advanced AI governance frameworks. Our three-plan certification system allows organizations to start at the appropriate level and progress as they enhance their practices.

2. Scope and Applicability

This standard applies to organizations that develop, deploy, or use artificial intelligence systems in their products, services, or operations. The standard is applicable to:

  • Organizations using AI systems in customer-facing applications
  • Companies deploying AI for internal operations that affect stakeholders
  • Organizations subject to US state AI regulations (Colorado AI Act, California TFAIA, etc.)
  • Companies operating in jurisdictions with AI transparency requirements (EU AI Act)
  • Any organization seeking to disclose AI usage clearly and verifiably

The standard is designed to align with emerging regulatory requirements while providing a clear, actionable framework for transparency practices.

3. Detailed Plan Requirements

Disclose - Detailed Requirements

Disclose establishes the foundation for AI transparency through a structured disclosure, public AI policy, badge, and registry listing. This level is designed for organizations beginning their transparency journey or with limited AI usage.

3.1.1 Published AI Usage Policy

Organizations must publish a publicly accessible AI usage policy that clearly explains:

  • How the organization uses AI systems
  • What types of AI systems are deployed
  • How AI decisions are made and who is responsible
  • Data practices related to AI systems
3.1.2 Point-of-Use Disclosure

Organizations must clearly disclose when users are interacting with AI systems. Disclosure must be:

  • Visible and accessible at the point of interaction
  • Written in clear, non-technical language
  • Available in all languages in which the service is offered
3.1.3 Transparency Contact

Organizations must provide a designated contact method (email or form) for transparency-related inquiries. Response time expectations must be clearly communicated.

3.1.4 Annual Self-Certification

Organizations must complete quarterly self-reported updates confirming that disclosures remain accurate. This includes updating policies and disclosures as AI usage changes.

Verify - Detailed Requirements

Verify adds CTA-led independent verification and enhanced documentation. This level is recommended for organizations that need a credible external review of their AI disclosures.

3.2.1 All Disclose Requirements

Organizations must meet all Disclose requirements as a foundation.

3.2.2 CTA-Led Verification

Organizations must undergo independent review by a Certified Trust Advisor. The verification confirms:

  • Accuracy of published policies and disclosures
  • Implementation of stated transparency practices
  • Compliance with documented procedures
3.2.3 Enhanced AI Policy

The AI usage policy must be enhanced to include:

  • Risk assessment and mitigation processes
  • Data governance practices
  • Model training and development practices
  • Bias detection and mitigation efforts
3.2.4 Consumer Recourse Process

Organizations must establish and document a clear process for consumers to:

  • Report concerns about AI systems
  • Request information about AI decisions
  • Appeal decisions made by AI systems
  • Receive responses within defined timeframes
3.2.5 Annual Transparency Report

Organizations must publish an annual transparency report that includes:

  • Summary of AI systems in use
  • Incidents and resolutions
  • Policy updates and improvements
  • Compliance status and audit results
3.2.6 Employee Training

Organizations must provide training to employees on AI transparency practices, policies, and their responsibilities.

Audit - Detailed Requirements

Audit represents the highest level of AI disclosure review. This level is designed for organizations with higher-risk AI systems, procurement scrutiny, or strict regulatory documentation needs.

3.3.1 All Verify Requirements

Organizations must meet all Verify requirements as a foundation.

3.3.2 Evidence Review and Technical Documentation

Organizations must provide deeper evidence for AI systems, governance practices, compliance readiness, and disclosure claims. This includes:

  • Content provenance tracking
  • Digital signatures for AI-generated content
  • Metadata preservation throughout content lifecycle
3.3.3 Real-Time Monitoring

Organizations must implement real-time monitoring systems to detect:

  • Anomalous AI behavior
  • Performance degradation
  • Security incidents
  • Compliance violations
3.3.4 Advanced Governance Framework

Organizations must establish and document:

  • AI ethics board or committee
  • Clear accountability structures
  • Regular governance reviews
  • Stakeholder engagement processes
3.3.5 Quarterly Reporting

Organizations must publish quarterly transparency reports with enhanced detail on:

  • AI system performance metrics
  • Incident reports and resolutions
  • Risk assessments and mitigations
  • Compliance status updates
3.3.6 Legal Advisory

Organizations receive access to legal advisory services for:

  • Regulatory compliance guidance
  • Policy development support
  • Contract review for AI-related agreements
  • Incident response legal support

4. Application Process

4.1 Initial Application

Organizations begin the certification process by submitting an application through the SiteTrust portal. The application includes:

  • Organization information and contact details
  • Desired certification plan
  • Description of AI systems in use
  • Current transparency practices
  • Compliance requirements (if applicable)

4.2 Review Timeline

  • Disclose: 3-5 business days for disclosure review
  • Verify: 1-2 weeks for CTA-led verification
  • Audit: 2-4 weeks for comprehensive review and documentation

4.3 Certification Decision

Upon completion of the review process, organizations receive a certification decision. If approved, they receive their certification badge, registry listing, and access to SiteTrust resources. If additional work is needed, organizations receive detailed feedback and guidance for improvement.

5. Badge Usage Guidelines

5.1 Approved Usage

Certified organizations may display the SiteTrust certification badge on:

  • Organization websites and landing pages
  • Marketing materials and advertisements
  • Product documentation and user interfaces
  • Email signatures and business communications
  • Social media profiles and posts

5.2 Badge Requirements

  • Badge must link to the organization's public registry listing
  • Badge must not be modified, distorted, or altered
  • Badge must be displayed with sufficient size for visibility
  • Badge must include current certification plan designation

5.3 Prohibited Usage

  • Displaying badge after certification has expired or been revoked
  • Using badge to imply certification of products or services not covered by certification
  • Modifying badge design or colors
  • Using badge in misleading or deceptive ways

6. Compliance and Monitoring

6.1 Ongoing Compliance

Certified organizations must maintain compliance with their tier requirements throughout the certification period. This includes:

  • Keeping policies and disclosures up to date
  • Maintaining required documentation
  • Completing annual or quarterly reporting requirements
  • Responding to SiteTrust inquiries and audits

6.2 Monitoring and Audits

SiteTrust conducts periodic reviews and audits to verify continued compliance. Organizations may be subject to:

  • Annual compliance reviews
  • Random audits
  • Incident-based investigations
  • Consumer complaint reviews

6.3 Certification Revocation

Certification may be revoked if organizations:

  • Fail to maintain compliance with tier requirements
  • Provide false or misleading information
  • Violate transparency commitments
  • Engage in practices that undermine consumer trust

7. Regulatory Alignment

7.1 US State Regulations

SiteTrust certification aligns with emerging US state AI regulations:

  • Colorado AI Act: Disclose and above support basic disclosure readiness; Verify and Audit provide deeper documentation
  • California TFAIA: Audit helps frontier model developers prepare for comprehensive documentation expectations
  • Other States: Certification framework adapts to state-specific requirements as they emerge

7.2 EU AI Act

SiteTrust certification helps organizations prepare for EU AI Act compliance, particularly for general-purpose AI models and high-impact systems. Verify and Audit provide documentation and governance structures aligned with EU requirements.

7.3 Federal Guidance

Certification aligns with emerging federal guidance on AI transparency, including Executive Order 14110 and OMB guidance. Organizations certified at Verify and Audit levels are well-positioned to meet federal procurement and compliance requirements.

Ready to Get Certified?

Start your certification journey today and demonstrate your commitment to AI transparency.

Apply for Certification