AI Governance
As of: 24.05.2026
Every agent we build ships with governance documentation sufficient for audit, oversight, and EU AI Act compliance. Here's the short version.
1. Risk classification
We classify each agent under the EU AI Act's four risk tiers (unacceptable, high, limited, minimal). For each tier we define the applicable obligations — transparency, oversight, data quality, robustness.
2. Human oversight
Each agent has explicit escalation paths. Decisions with potential legal or material consequences are referred to a human or require explicit approval.
3. Data quality and provenance
We document which data sources each agent uses, at what granularity, with which permissions and retention windows.
4. Technical documentation
Architecture, prompts, tool calls, model versions, hyperparameters and safety controls are versioned and documented.
5. Monitoring and drift detection
We monitor answer quality, hallucination rate, tool-call accuracy and drift. Anomalies trigger automated alerts.
6. Incident response
Each agent has a runbook for security and compliance incidents: detection, containment, forensics, and notification of the relevant supervisory authority.
7. Audit-grade logs
Every agent decision is stored with inputs, model output, tool calls and final state in audit-grade form.