Compliance & Regulatory Mapping
Last Updated: February 12, 2026 ABS Core is designed to help enterprises meet strict regulatory requirements for AI Agents. This page maps our features to key frameworks.[!CAUTION] DISCLAIMER: The information on this page is for technical and informational purposes only. It does not constitute legal advice. Regulatory compliance is the sole responsibility of the Licensee.
EU AI Act
ABS Core assists with General Purpose AI (GPAI) and High-Risk AI System obligations:| EU AI Act Article | Requirement | ABS Core Solution |
|---|---|---|
| Art. 12 | Record-Keeping | Immutable Ledger automatically logs all agent inputs/outputs with cryptographic proofs. |
| Art. 14 | Human Oversight | Policy Engine enforces “Human-in-the-Loop” triggers for high-risk decisions. |
| Art. 15 | Accuracy & Cybersecurity | Secret Vault protects credentials; Shield blocks prompt injection attacks. |
SOC 2 (Security)
We align with the Trust Service Criteria (TSC):- CC6.1 (Logical Access): RBAC and API Key rotation.
- CC8.1 (Change Management): Policies are versioned as code (GitOps).
- A1.2 (Data Retention): WORM (Write-Once-Read-Many) storage options for audit logs.
HIPAA (Healthcare)
For customers in the healthcare sector:- BAA: Enterprise Risk Addendum available.
- PII Redaction: Automatic stripping of PHI (Protected Health Information) from logs before storage.
- Encryption: End-to-end encryption for all data streams.
LGPD / GDPR
- Data Minimization: We store only metadata by default. Payload storage is opt-in.
- Right to Erasure: API endpoints to purge specific decision logs.