Governed intelligence · regulated enterprises and PE

The AI was off all night.
It still caught everything.

Underneath the AI sits a deterministic floor that never uses a model, so it keeps running when you switch the AI off. Every finding it writes lands in a sealed, hash-chained trail. Hand that trail to a regulator and invite them to tamper with it. The chain catches them.

Become a design partner Try to break the chain
AI off
The floor still runs. Deterministic checks, no model, no prompt. It has no switch, because a floor with a switch is not a floor.
1 switch
One kill-switch, one audit point. Stop every agent in one action, and every action it ever took is sealed in one place.
Sealed
A hash-chained, Merkle-sealed trail. Its root is published outside the database, to you. Tamper with any row and verification fails.
The demo we open with

Tamper with a sealed record. Watch the chain break.

Every write is hash-chained to the one before it. This is a real behaviour, shown here as an illustration: change a value in a sealed row, and re-verifying the chain no longer matches. There is no quiet edit, and no way to rewrite history without the maths saying so.

Findings · sealed audit trail company 4 · WORM · hash-chained
✓ chain verified · 5 of 5 rows intact · root matches published copy

In the product the trail is a Merkle-sealed, WORM table, and its root is signed and published to you, so even we cannot rewrite it without your copy disagreeing.

A floor that can be switched off
is not a floor.
The deterministic floor

Smart with the model off.

It checks coverage, orphaned citations, broken lineage, and evidence whose source went dark, with no model, no prompt and no inference. The same inputs give the same findings every run. There is nothing to hallucinate and nothing to explain to a regulator.

It runs on a schedule by itself, and it ran last night while the AI was switched off. That is the sentence most platforms cannot say.

Every tenant gets it, including the ones who buy no AI. It has no off switch.

Pull the AI kill-switch yourself
Ran last night · AI off
Checksdeterministic, no model
Coveragecontrols with nothing behind them
Lineageregulation to evidence, severed
Stalenessthe day a source stops proving it
Sealedevery finding, into the chain above
Evidence, not arithmetic

The audit root leaves our database, and lands in yours.

A hash chain both ends of which we hold is arithmetic we could rewrite. So the Merkle root of the trail is signed and published outside this database, to you. To rewrite history we would have to change a root you already hold, and you would see it.

Time-travel to any prior state. Legal hold. A read-only replay you can hand a regulator. The chain does not just record what happened. It proves that what it recorded was not touched.

That is the difference between a report a regulator has to trust and evidence they can verify.

Chainedeach write, to the one before
SealedMerkle root over every leaf
Publishedroot signed, held outside, by you
Replayedread-only, for the regulator
Two tenantstwo chains; one cannot touch the other
How the AI is governed

The AI proposes. The engine writes. A human owns it.

Agent
proposes
Rail
gates · logs · kills
Human
approves
Engine
writes
An agent cannot write
It proposes. The engine writes. Enforced in the foundation, not in a policy document someone can forget.
The kill fails closed
If the switch cannot be read, the answer is no. A kill-switch that fails open is not a kill-switch.
Sealed the moment it happens
Every agent action, and every human approval, is written into the same tamper-evident chain.
Two rails, two switches
Deterministic rules are not AI. Killing the AI does not quietly kill your business rules.
Why it cannot be retrofitted

These are not features bolted onto a governance tool. They are the foundation.

AI-off proof

Deterministic to the core

The floor never used a model, so switching the AI off does not degrade it. A platform built model-first cannot remove the model and still work. That is a rebuild, not a setting.

Sealed by design

The chain is how writes happen

Tamper-evidence is not a log you switch on. Every write is derived and sealed by the database itself. There is no path to change a record that skips it.

Patented

The strongest claims, filed early

Time-travel, legal hold, a Merkle chain that breaks on a touch, and a regulator replay sit behind a patent portfolio, including a kill-switch cluster filed before the RBI's 2026 draft framework.

Where it goes

Governance was the hard part. It was never the whole map.

Audit, risk and compliance is the most unforgiving test a configurable platform can face: everything attributable, every change reversible, every AI action defensible. Pass it, and the rest of the enterprise is the same engine with different rows.

Service management. Configuration management. The same graph, the same sealed chain, the same floor.

Read the direction
Runninga governed platform, proven on GRC
Nextservice management — tickets are records
Thenconfiguration management — the graph already is one
Afterwhatever you configure. That is the engine.
Design partner programme

Bring us the row you think we cannot seal.

A small cohort of regulated enterprises and private equity firms. Early access, real influence on what gets built, and pricing that holds.

We are pre-launch and we will not dress it up. There are no logos on this page because there are none to show. Come and try to break the chain.