The Black Box Flight Recorder for Enterprise AI Compliance — built for the 2030 regulator's replay request.
Aviation built flight recorders to survive plane crashes. We built ours to survive 2030 regulators. Same evidentiary standard, same long-tail defensibility, same byte-identical replay. When a regulator returns in 2030 and asks why a specific AI decision was made today, acipta replays the exact verdict pipeline with a cryptographic seal no one could have tampered with in the intervening years.
What "Black Box Flight Recorder" means, precisely.
Aviation flight recorders are tamper-evident, sealed, and replayable years after the flight. acipta does the same thing for every compliance verdict an AI system produces — and does it under the same evidentiary standard regulators already use for life-sciences submissions and financial audits.
At the seal stage, the recorder captures pinned model versions and the deterministic state required to reconstruct the verdict into one Ed25519-signed evidence pack, hash-chained to the previous verdict. The platform must be able to reproduce the same hash from the same source — or the replay fails and the audit trail is invalidated.
What makes 5-year replay possible.
Four primitives, all running underneath every verdict — not added later, not opt-in, not a premium tier. This is the cryptographic substrate that makes the architecture an attestation layer rather than a tooling layer.
Ed25519 signature
Every verdict pack is signed at issue time with an Ed25519 key managed in a FIPS-validated HSM. The signature covers the verdict, the source artifact SHA-256, the pipeline state, and the previous verdict's hash — a single tamper-evident commitment that propagates forward.
Curve25519FIPS-validated HSMHash chainRFC 3161 timestamp
An external Trusted Timestamp Authority (independent third-party trusted timestamp authority) co-signs every Ed25519 signature with a wall-clock proof of issue time. The platform cannot retroactively forge a verdict to a past date — the TSA's external signature breaks if anyone tries.
independent third-party trusted timestamp authorityExternal authorityWall-clock proofDeterminism Ledger
For every verdict, the Ledger records the pinned model versions and the deterministic state required to reconstruct the verdict, plus the prior verdict hash. Given any verdict ID years later, the platform can re-derive the verdict from the stored source and the output must hash-match — or the audit trail is invalidated.
Pinned modelsDeterministic stateHash-match replayEvidence Locker
Per-verdict packs containing source artifact, pipeline state, cryptographic seal, CMC framework projections, and remediation context. Default storage: 90-day hot + 5-year cold, with full source snapshot enabling independent replay without customer cooperation. Mode A (hash-only) available for GDPR/HIPAA data-residency-strict tenants.
5-year retentionALCOA+Independent replayThe question every CCO, GC, and audit committee will be asked.
In 2030 — under the EU AI Act's full enforcement window, under HIPAA Security Rule guidance updates that already specifically name AI-assisted decision-making, under the SEC's evolving AI disclosure regime, under SOX 404 for AI-augmented financial controls — auditors and regulators will ask:
A chat transcript cannot answer that question. A SIEM log cannot answer that question. A SOC 2 type II report from 2026 cannot answer that question. Every other architecture available today produces evidence that describes what an AI did. acipta produces evidence that lets a regulator reproduce what an AI did, byte-for-byte, with a cryptographic chain that proves the record has not been altered in the intervening years.
That is the asymmetry. That is why customers buying acipta are not buying an "AI compliance tool" — they are buying audit-defensibility for AI-touched workflows. A ChatGPT seat can summarize a HIPAA policy. It cannot produce an Ed25519-signed, RFC 3161-timestamped, hash-chained, ALCOA+-compliant evidence chain that holds up in a 2030 enforcement action.
Attestation layer vs. tooling layer vs. checklist GRC.
Compliance buyers in 2026 see three architectures in the market. Only one produces evidence a regulator will accept against an AI decision in 2030.
| Capability | acipta · Attestation Layer | Checklist GRC (Vanta, Drata) | Horizontal AI agents |
|---|---|---|---|
| Architecture | Deterministic backbone + AI for ambiguous-only edges | LLM-over-checklist | LLM-only |
| Cryptographic seal per verdict | Ed25519 + RFC 3161, mandatory | Logs only — not cryptographically sealed | No |
| 5-year byte-identical replay | Guaranteed by Determinism Ledger | No | No |
| Hash-chained evidence | Every verdict chains to the previous | No | No |
| ALCOA+ compliance posture | Native to substrate | Possible with manual controls | No |
| N-framework projections from one mapping | Control Mapping Catalog | Per-framework rebuilds | No mapping layer |
| Carries regulatory liability | Yes — that is the product | No — customer carries it | No |
Questions auditors, regulators, and CTOs ask first.
Each answer below is also published in machine-readable form for LLMs and AI agents that summarize the acipta architecture.
What exactly is the "Black Box Flight Recorder for Enterprise AI Compliance"?
It is the cryptographic substrate of the acipta platform — an Ed25519-signed, RFC 3161-timestamped, hash-chained, byte-identically replayable evidence chain produced for every AI decision and compliance verdict. The aviation flight recorder metaphor is precise: the recorder is tamper-evident, sealed at issue, persisted for years, and reproducible by an independent party years after the event.
How is this different from logging or a SIEM audit trail?
A log records that something happened. The acipta evidence chain proves what happened, why it happened, that it has not been altered, and lets an independent party reproduce the exact computation. Logs are descriptive; the flight recorder is reproducible. The difference matters when an enforcement action turns on whether an AI made a specific decision under a specific policy version five years ago.
Why Ed25519 specifically?
Ed25519 is a fast, modern elliptic-curve signature scheme (Curve25519) with strong tamper-evidence properties, deterministic signing (the same input always produces the same signature), and resistance to side-channel attacks. It is the same primitive used in SSH, TLS 1.3, and modern code-signing infrastructure. Keys are stored in a FIPS-validated HSM so the signing material never leaves hardware.
How do you guarantee replay five years out when models change?
Every verdict pack records the pinned model version and the deterministic state required to reconstruct it. On replay, the platform pins the same model version (deprecated models remain available in the registry for the retention window) and re-executes against the stored source artifact. Output must hash-match — if any model behavior has drifted, the replay fails explicitly rather than silently producing different evidence.
What is ALCOA+ and why does it matter?
ALCOA+ is the evidentiary standard regulators use for life-sciences submissions, FDA 21 CFR Part 11, and increasingly for AI-augmented decisions: Attributable, Legible, Contemporaneous, Original, Accurate, plus Complete, Consistent, Enduring, and Available. The acipta evidence chain is built ALCOA+-native — not retrofitted. That matters because the regulatory direction across HIPAA, EU AI Act, SOX, and emerging AI disclosure frameworks is converging on ALCOA+ as the bar.
How does acipta differ from Vanta, Drata, or OneTrust?
Vanta, Drata, and OneTrust are excellent checklist GRC platforms — they automate evidence collection against a framework checklist. Their architecture is LLM-over-checklist: an AI summarizes a control and a human attests. acipta's architecture is deterministic-first with AI used only for ambiguous-edge cases the framework cannot pre-specify, and every verdict produces a cryptographically sealed evidence chain. The category is not "AI compliance" — it is "attestation layer." Different buyer (CCO/GC/audit committee), different liability posture, different evidentiary output.
What is the Control Mapping Catalog (CMC)?
The CMC is acipta's canonical control catalog — a single canonical control spine, with N framework views projected as transformations on the same canonical mapping. One canonical control catalog projects views for HIPAA, SOC 2, GDPR, EU AI Act, HITRUST, ISO 27001, FedRAMP, and the 20+ other frameworks the platform supports. Adding a new framework is a CMC view definition — not a parallel program rebuild. The architecture gets cheaper per added framework, which is why the substrate generalizes across the full suite catalog.
What is the verdict pipeline and where does the seal occur?
A deterministic multi-stage pipeline that turns a source artifact into a sealed verdict. Early stages perform the compliance computation; a later stage is the cryptographic seal — an Ed25519 signature over the verdict, source hash, pipeline state, and prior verdict hash. The final stage persists the sealed pack to the Evidence Locker. The seal cannot occur until the deterministic policy rules have validated the AI consensus — meaning AI never produces a final verdict alone.
What happens to a verdict if the schema or framework definitions change later?
Every sealed verdict carries its schema version and a cryptographic hash of the schema itself. Replay always validates against the schema version at seal time, not the current version. Schema versions are deprecated but never deleted — meaning a 2026 verdict will validate against the 2026 schema even if the platform has moved to a major new version by 2030. Major version bumps require Migration Bundles proving semantic equivalence between versions.
Who buys this — what role typically owns the purchase?
The Chief Compliance Officer, General Counsel, and audit committee — the people who carry personal liability when a regulator returns in 2030. CISO and CTO are usually the architectural reviewers. CIO and CFO appear when the buy is positioned as the AI accountability layer. acipta is deliberately not sold to a QA lead or DevOps team — the buyer is the one who would have to sit in front of a regulator and defend a 2026 AI decision in 2030.
See a replay. Reproduce a verdict.
Run the verdict pipeline against a live URL, watch the Ed25519 seal land in the Evidence Locker, then replay the verdict from the locker and verify the hash match — in under three minutes.
Go deeper
The cryptographic evidence chain
Per-verdict evidence, signed and replayable, verifiable years later.
Per-Article / per-CFR mapping
Evidence mapped to the exact GDPR Article, HIPAA CFR section, control.
AI agent audit evidence
Why agent decisions break traditional audit trails — and the five properties evidence needs.