Shaping trustworthy AI: Early insights from the Hiroshima AI Process Reporting Framework

As artificial intelligence (AI) systems become increasingly integrated into our economies and societies, questions about their trustworthiness, safety, and societal impact have never been more pressing. To address these concerns, the Hiroshima AI Process (HAIP) was launched by G7 countries in 2023, culminating in a landmark international code of conduct for organisations developing advanced AI systems.

To support the implementation of this code, the OECD worked with experts from government, business, academia, and civil society to design a voluntary reporting framework. This framework aims to promote transparency, foster peer learning, and align AI development with democratic values and shared global interests. It was piloted in mid-2024 and officially launched in February 2025 at the French AI Action Summit.

In this blog post, we share preliminary insights from the first wave of organisational reports submitted through the HAIP framework. These findings offer a glimpse into how leading companies and institutions are addressing AI-related risks, promoting transparency, and aligning their systems with the public interest.

Participants from around the world, from big tech to small research institutes

Between February and April 2025, 19 organisations voluntarily submitted reports using the HAIP framework. Most were developers or deployers of advanced AI systems, with representation from Japan, the United States, Germany, Canada, Korea, Romania, and Israel. Participants included both large tech firms and smaller advisory or research institutions, providing a wide array of perspectives on how to responsibly develop and deploy AI.

What does the framework cover?

The HAIP reporting framework is organised around seven thematic areas that correspond to the actions of the G7 code of conduct:

1. Risk identification and evaluation
2. Risk management and information security
3. Transparency reporting
4. Organisational governance and incident management
5. Content authentication and provenance
6. Research and investment in AI safety
7. Advancing human and global interests

Each section offers a structured approach for organisations to reflect on and communicate their practices, assisting in benchmarking against emerging international standards.

Key findings

1. Diverse approaches to AI risk evaluation

Organisations are using a variety of methods to identify and evaluate risks. These range from technical assessments and adversarial testing to stakeholder engagement and expert review. Larger companies often focus on systemic risks, such as societal bias or large-scale misuse, while smaller organisations emphasise sector-specific concerns.

Notably, the use of AI tools to test other AI systems is increasing. Several participants are also implementing structured risk frameworks and testing procedures, such as red and purple teaming, to identify vulnerabilities.

2. Layered risk management and security

All participants reported using multi-layered strategies to manage AI risks, including technical safeguards (such as model fine-tuning and secure testing environments), procedural controls, and real-time monitoring. Secure testing environments and robust cybersecurity practices—often aligned with ISO or NIST standards—are standard.

There is also attention to privacy and intellectual property: some organisations allow web content providers to opt out of data scraping, while others use privacy filters and contractual safeguards.

3. Transparency practices vary by sector

Consumer-facing companies frequently publish comprehensive reports, such as model cards and transparency disclosures. Business-to-business (B2B) firms often share such information privately with their clients. Overall, transparency regarding AI system limitations, risks, and updates is increasing.

However, practices regarding training data transparency remain inconsistent. While some open-weight models are thoroughly documented, others are less forthcoming, especially among B2B providers.

4. Stronger organisational governance

Most organisations are incorporating AI risk into their overall risk management systems or establishing dedicated AI governance frameworks. These initiatives generally encompass staff training, incident response protocols, and, in some instances, oversight at the board level.

Some organisations also depend on third-party audits or expert panels to validate their risk management practices. Incident management is becoming increasingly transparent, with several companies publishing updates and engaging in threat information-sharing initiatives.

5. Early steps on content authentication

Many organisations are now notifying users when they interact with AI, using disclaimers or interface design. However, the technical tools for verifying AI-generated content—such as watermarking or cryptographic credentials—remain in the early stages. Currently, adoption is led by a few major tech companies.

Despite limited uptake, several organisations are investing in these tools and contributing to international standard-setting efforts, including initiatives such as C2PA and NIST’s Synthetic Content Task Force.

6. Investing in AI safety and research

Organisations are increasingly investing in R&D to enhance AI safety, fairness, and interpretability. These efforts include internal safety labs, open-source tools, and collaborations with academia and civil society.

Several participants are contributing to the development of global safety norms through initiatives such as the Frontier Model Forum, the AI Safety Consortium, and the OECD’s Catalogue of Tools and Metrics for Trustworthy AI.

7. AI for public good and global priorities

Many organisations reported applying AI to address societal challenges, ranging from climate resilience and public health to education and accessibility. Examples include AI-powered diagnostics for tuberculosis, digital literacy programmes, and sustainable data infrastructure powered by renewable energy.

These initiatives are often linked to ESG priorities and the UN Sustainable Development Goals. Importantly, some organisations are tailoring tools for underserved regions and collaborating with civil society groups to design inclusive AI systems.

Ideas to improve the framework’s value for future reporting

Participants found the HAIP reporting process valuable for internal coordination, benchmarking, and clarifying roles and responsibilities around AI governance. While the framework has already proven useful, there is room to strengthen its relevance and usability:

• Keep pace with technological change: As AI capabilities evolve, the framework should adapt. Participants suggested updating it annually to reflect new risks and practices.
• Make reporting easier: Providing structured response options, drop-down menus, and clearer guidance could improve consistency and reduce barriers to participation.
• Offer tailored support: Role-specific modules for developers, deployers, and policymakers could help broaden engagement across the AI value chain.
• Encourage peer learning: Facilitated discussions and best practice exchanges among participants could strengthen the community of practice around trustworthy AI.

A foundation for global AI transparency

The HAIP reporting framework is a promising step towards greater transparency and accountability in the development of advanced AI systems. By voluntarily disclosing their practices, organisations not only build public trust but also help shape a shared understanding of what responsible AI looks like in practice.

The OECD will continue working with partners to refine the framework, support participating organisations, and expand its reach. These early insights mark the beginning of a broader journey towards operationalising the Hiroshima AI Process and advancing trustworthy AI on a global scale.