Skip to content

Early Access opens July 12 · $99/mo · all suites during the launch window · price locked through Q1 2027 · Join the waitlist →

Compliance Suite

EU AI Act + ISO 42001

GPAI obligations are now in force; high-risk (Annex III) requirements are staged. Agents maintain your AI system register, technical documentation, and risk-management records — signed at write time, mapped to ISO/IEC 42001, so the evidence stands up when a regulator asks.

10 agentsGA · Aug 23, 2026Release: GA · Aug 23, 2026Buyer: CISO · CCO · CTO · General Counsel

What this suite does

Regulation (EU) 2024/1689 · GPAI + high-risk AI · ISO/IEC 42001 — enforced per control, per framework, per evidence artifact. Every verdict is signed at write time and replayable byte-identically for five years.

  • AI system register — every model in production inventoried and classified
  • Technical documentation auto-built from observed system behavior + design records
  • Continuous risk-management records (identify · estimate · evaluate · mitigate)
  • ISO/IEC 42001 AI management-system evidence mapped to the same control catalog

Key agents in this suite

A representative slice of the 10 agents in this suite. Each ships with deterministic verdicts, a cryptographic evidence chain, and per-framework control mapping.

AI System Register

Continuously maintained inventory of AI systems in production, classified by risk tier.

GPAI Obligations Tracker

Maps general-purpose-AI documentation and transparency obligations to signed evidence.

Risk Management Agent

Runs the continuous risk-management cycle and records each pass as replayable evidence.

Technical Documentation Generator

Builds and version-pins technical documentation from observed behavior and design records.

ISO 42001 Mapper

Projects the same evidence onto the ISO/IEC 42001 AI management-system controls.

Why the substrate matters

Every agent in this suite shares one foundation: a canonical control catalog that projects the same evidence across frameworks, and an evidence chain that is signed at write time, independently timestamped, tamper-evident, and deterministically replayable. The auditor accepts the same artifact at year five that they accept today.

That is the difference between agent-based compliance that is workflow-grounded and AI compliance tooling that is a black box. Agent-based defensibility platform — workflow-grounded.

Read next

Get this suite

Join the early-access cohort ahead of Full GA on August 23, 2026. The substrate the auditor accepts — not legal advice; your counsel stays in the loop.

Last reviewed · Reviewed by the acipta compliance & accessibility team.

Was this page helpful?