Status: implemented / diligence available.
The compliance ledger is the audit-evidence component of the cybiont governance stack. It binds the inputs, outputs, context, and policy state of an AI interaction into a tamper-evident timeline so that auditors get a single verifiable record and regulators get a replayable evidence trail.
What the ledger does
- Captures inputs, outputs, context, and policy state at the human–AI boundary.
- Produces tamper-evident traces aligned with FINMA Guidance 2024/08 and EU AI Act audit expectations.
- Emits deployment-specific evidence from the trusted-execution layer where present.
Design targets and research directions
The following are design targets of the ledger, surfaced here for technical context. Detailed implementation status, methodology, and protocol mechanics are reviewed only under mutual NDA.
- Layered authorship. Outputs authenticated against the originating compute environment and the supervisory control layer.
- Risk-aware fusion. Statistical signals (entropy, drift, response consistency) fused into a unified index that drives escalation policy.
- Aggregate verification. Batched evidence with predictable per-batch verification cost.
- Privacy-preserving external verification. Evidence covering third-party API calls without exposing sensitive payloads.