Skip to content

Early Access opens July 12 · $99/mo · all suites during the launch window · price locked through Q1 2027 · Join the waitlist →

Platform · For the CCO whose CTO ships daily · auditor-defensible at year 5

Agent-based defensibility platform — workflow-grounded.

Built for the CCO who has to defend a verdict five years from now — when the engineer who shipped it has left and the LLM that produced it has been deprecated. Every verdict signed at write time. Replayable byte-identically. By the platform alone. One chain · three readers · CTO + auditor + framework portfolio.

Coverage that compounds: SOC 2, HIPAA, GDPR, EU AI Act, CCPA, WCAG 2.1 AA — and more, all on one signed, replayable evidence chain.

Deterministic Precision. Experiential Intuition. Autonomous Agents.

The 3-buyer problem

Compliance is an evidence problem masquerading as a workflow problem.

Three readers — CTO ships, auditor signs, framework portfolio grows. One chain. The architecture commits at launch or the year-5 replay collapses to trust-us.

BUYER 01

The CTO

Wants release velocity. Wants compliance to be a build-time concern, not a quarterly fire drill. Resents anything that becomes a bottleneck in their shipping cycle.

What acipta gives them: compliance grounded in the workflow they already ship — same git, same CI, same evidence pipeline · no parallel compliance org.
BUYER 02

The auditor

Wants defensibility — signed at write time, replayable, tamper-evident. Wants the same artifact at year five that they accept today. Will not accept "trust us, we have the data."

What acipta gives them: Ed25519-signed evidence chain · byte-identically replayable against pinned inputs · verifiable with standard tools, no proprietary viewer.
BUYER 03

The framework portfolio

SOC 2, HIPAA, GDPR, WCAG, EU AI Act, CCPA, framework-of-the-month. Each one growing. Each one adding to the program load. Each one a potential audit.

What acipta gives them: N-framework coverage as N projections from one canonical control catalog · adding a framework is a view, not a rebuild.
The 4 investment tracks

The substrate the CCO buys.

Four canonical tracks · LOCKED in the platform-strategy canonical. Each one a load-bearing architectural commitment underneath the platform-alone-reproducibility guarantee. Remove any one and the year-5 replay collapses.

TRACK 01 · TRUST COLUMN

Every verdict signed at write time. Replayable for five years.

Make every customer-impacting verdict cryptographically signed at write time (Ed25519), deterministically replayable against pinned inputs, and durable for five years. The evidence-engineering substrate that the "platform-alone reproducibility" commitment requires.

Why it serves the approach: everything else assumes it. Without write-time signing and pinned-input replay, the 5-year defensibility commitment collapses to "trust our database."
TRACK 02 · CONTROL MAPPING CATALOG (CMC)

N frameworks. N projections. One canonical catalog.

Turn N-framework coverage from N rebuilds into N projections from one canonical control catalog. Add HIPAA after you ship SOC 2 · same evidence · no rebuild. Adding a framework is a view, not a product.

Why it serves the approach: replayability across a growing framework portfolio is only economical if frameworks are views, not products. The more frameworks acipta projects from one CMC, the cheaper each next framework becomes.
TRACK 03 · BOUNDED AUTONOMY ENGINE

AI judgment. Cheap, interchangeable, replay-safe.

Keep AI judgment cheap, interchangeable, and replay-safe — at the rate the model market improves. Multi-LLM consensus at leaf nodes. When upstream LLM vendors deprecate models, the deterministic backbone holds and evidence replays byte-identically across model swaps.

Why it serves the approach: "without the original LLM in the loop" requires a deterministic backbone with AI judgment at leaf nodes, multi-model consensus, and a replay contract independent of any single vendor.
TRACK 04 · CONFORMANCE & EXTENSIBILITY

Adapters and plugins. Without breaking the replay guarantee.

Let third-party adapters and plugins expand the system without breaking the replay guarantee. Conformance is engineered in — extensibility doesn't get to silently violate the determinism contract.

Why it serves the approach: extensibility is the long-term failure mode for evidence systems. Unbounded plugin surfaces destroy the "platform alone" property unless conformance is engineered in. ASP-1.0 Open Adapter Protocol is the manifestation.
Architectural translation

Features your CTO sees. Audit-defensibility your CCO buys.

Every feature claim translated into the audit-defensibility argument the CCO uses in the room — verbatim — across CCO conversations · auditor technical reviews · Big Four channel pitches.

Feature claim Audit-defensibility translation Who cares
Multi-LLM consensus No single-LLM dependency for the CCO's defensibility argument. Frontier vendor deprecates a model · the chain holds. CCO during audit prep · auditor in technical review · CFO during diligence Q&A on model risk.
Evidence Locker The artifact your auditor will accept. Signed at write time, replayable byte-identically against pinned inputs. CCO when the auditor asks "where's the evidence" · Big Four partner during pre-audit walkthrough.
CMEK · 7-year retention The retention window the auditor required, instrumented at the platform level. No "we'll have to look that up" answer in year 5. CCO during retention-policy review · counsel during litigation hold scoping.
Determinism Ledger When the customer disputes an outcome, the platform replays inputs against pinned models. Byte-identical = outcome stands. Divergent = automatic remediation. No human-relationship adjudication. CCO during contract negotiation · procurement during MSA review · auditor when dispute resolution is questioned.
Reasoning-chain DAG Per-finding attribution — every verdict points to specific evidence artifact, rule firing, judgment chain, and consensus vote. CCO when the auditor asks "why did the platform say this finding" · counsel during evidence chain-of-custody review.
Cryptographic Merkle hash + Bitcoin timestamp anchor Load-bearing crypto without consensus. Consensus and replay determinism are in tension · acipta chose replay. CCO when asked "do you use blockchain" · investor diligence on architecture sophistication · auditor on evidence integrity.
ASP-1.0 Open Adapter Protocol Third-party tools and frameworks plug in without compromising the determinism contract. Extensibility without replay violation. CTO during platform-fit evaluation · CCO when scoping ecosystem integrations.
full suite catalog Cross-framework evidence reuse rate — the share of artifacts that satisfy two or more framework views without re-collection. The substrate generalizes; the suite count proves it. CCO during multi-framework planning · CFO during budget consolidation across frameworks.
Integrity standard alignment

ALCOA+ native to the substrate.

ALCOA+ — Attributable, Legible, Contemporaneous, Original, Accurate, plus Complete, Consistent, Enduring, Available — is the data-integrity standard regulators converge on. Originally formalized for FDA-regulated pharmaceutical and clinical-trial records under 21 CFR Part 11, ALCOA+ is now the integrity bar referenced across HIPAA Security Rule AI updates, EU AI Act Article 12 record-keeping, SOX 404 for AI-augmented financial controls, and emerging SEC AI disclosure requirements. acipta's substrate satisfies all nine principles by construction, not retrofit — each principle maps 1:1 to a specific architectural primitive.

ALCOA+ principle acipta architectural primitive
AttributableCapability tokens (JWT-bound · scoped · time-limited) + signed manifest naming model vendor + model version + tenant + reviewer chain
LegibleCanonical-JSON tool I/O · structured consensus record with named fields · no proprietary viewer required
ContemporaneousHybrid Ed25519 + post-quantum signature applied at write time · RFC 3161 timestamp from external authority (independent third-party trusted timestamp authority)
OriginalHash-chained verdict ledger · editing any prior decision breaks every subsequent hash · tamper-evident by construction
AccurateThree-frontier-model consensus at a high-confidence threshold · sub-floor routes to human reviewer not another model pass
+ CompletePer-verdict signed manifest carries model provenance, per-model confidence, consensus, reviewer chain, and framework projections
+ ConsistentByte-identical 5-year replay via standalone offline verifier · same inputs produce same hash
+ EnduringHybrid post-quantum signing survives a future quantum break of either the classical or the post-quantum signature · a single canonical control spine survives framework-version churn
+ AvailableStandalone offline verifier with no acipta dependency · no network call · no proprietary viewer · 90-day hot + 5-year cold

For the four-question Defensible Agent Test mapping, see The Defensible Agent Test. For auditor-facing detail, see For Auditors. For why decision-time evidence matters more than posture scans for agentic AI, see AI runtime governance.

Canonical answers · verbatim

The two questions every CCO eventually asks.

Locked verbatim per the platform messaging framework. Same wording across customer conversations · auditor technical reviews · investor pitches · Big Four channel meetings. No variants · no drift · no improv.

Question 01 · Do you use blockchain?

The answer that turns the question into a positioning advantage.

"We use cryptographic Merkle hash chains anchored to public Bitcoin timestamps — the part of blockchain that's load-bearing for evidence integrity. We do not use consensus protocols, because consensus and replay determinism are in tension."

Three things this answer does in one sentence. Concedes the load-bearing cryptography — Merkle hash chains plus public-chain timestamp anchor are a real evidence-integrity primitive (Ed25519 + RFC 3161 today · OpenTimestamps anchor on the Wave 2 R&D roadmap as a neutral third-party witness). Rejects consensus theatre — Hyperledger Fabric, Quorum, R3 Corda, Besu introduce ordering ambiguity that breaks the 5-Year Replay Guarantee (5-year replay guarantee). Permanent reject. Names the tension explicitly — consensus and replay determinism are in tension. Auditors register that as competence; investors register it as architectural sophistication.

Question 02 · What happens after certification when a violation occurs?

Certification is a snapshot. Compliance is continuous.

"Certification is a point-in-time attestation. Compliance is continuous. The same Ed25519 evidence chain that produced your certification produces the violation response — automatically, signed at write time, replayable, in the same format your auditor already accepted. The violation joins the chain; it doesn't reset the program."

The 5-stage workflow. Detection · Triage · Notification · Remediation · Re-attestation — every action signed at write time, all joining the same chain. Bridge-letter pack auto-assembles in the same format the original auditor accepted at certification. Chain integrity provable byte-identically. Standard GRC framing puts the violation outside the certified envelope and requires the customer to prove they handled it. acipta framing puts the violation inside the continuous chain and lets the customer demonstrate they handled it.

01
Detection
~4h
Agent flags deviation · Ed25519-signed verdict at write time · added to chain.
02
Triage
<24h
Issues & Actions Register classifies P1–P4 · CMC projects one violation to N framework views.
03
Notification
Regulatory clock
HIPAA 60d · GDPR 72h · NYDFS 72h · SEC 4d · pack on the same chain, filed via standard portal.
04
Remediation
Continuous
Every action signed at write time · access revocation · scope tightening · compensating controls · all join the chain.
05
Re-attestation
~Days
Bridge-letter pack auto-assembled in same format the original auditor accepted · chain integrity provable byte-identically.
Architectural commitments

Reproducible by the platform alone, deterministically, five years from now.

Four non-negotiable invariants — the architectural commitments that separate acipta from every GRC platform. Verbatim per the platform-strategy canonical. Remove any one and "platform-alone" collapses to "trust-us-and-our-database."

COMMITMENT 01

Platform-alone reproducibility

Every customer-impacting verdict re-derives without the original engineer in the loop. Personnel turnover does not break audit defensibility.

COMMITMENT 02

LLM-independent replay

Every verdict re-derives without the original LLM in the loop. Frontier vendor deprecates a model · acipta replays against the pinned bundle and succeeds.

COMMITMENT 03

Five-year durability

The artifact your auditor accepts today is the artifact they verify at year 5 — byte-identically, with standard cryptographic tools.

COMMITMENT 04

Deterministic-only replay

Replay produces byte-identical output or it fails loudly. No "approximately the same" verdicts · no probabilistic audit defensibility.

Built the substrate. Now compounding.

7 suites · 117 specialized agents · 4-track architectural foundation LOCKED. Full GA August 23, 2026. Phase 2 outcome layer with Big Four co-design partner ships December 15, 2026 — co-designed, not co-marketed.

Related guides

Go deeper

What is compliance intelligence?

Per-verdict signed evidence that survives a regulator's replay test — the 2026 category definition.

What is workflow-grounded compliance?

Compliance produced in the build pipeline, signed at write time.

The cryptographic evidence chain

Per-verdict evidence, signed and replayable, verifiable years later.

Per-Article / per-CFR mapping

Evidence mapped to the exact GDPR Article, HIPAA CFR section, control.

EU AI Act compliance

GPAI obligations now in force + Annex III evidence, per article.

HIPAA compliance platform

Per-§164 PHI evidence, BAA available, 6-year retention.