Regulatory Compliance

Compliance & Security

Built for auditors, not against them. Every architectural decision was made with regulatory compliance in mind — not retrofitted.

Privacy by Design

Technical Implementation

PII Vault · Audit Trail · Execution Rings · Token Tracking

Data Sovereignty

Data Locality

All data stays on your SovereignNode. No byte leaves your network — unless you explicitly allow it.

SovereignNode (Your Server) User Channels Agent Processes PostgreSQL + SQLite LLM (Local Runtime) PII-Vault Anonymization De-Anonymization External (optional) Cloud-LLM API Web-Search API anonymized Internal (secure) Via PII Vault (anonymized) External (anonymized data only)

Privacy Engine

PII-Vault

Automatic anonymization of personal data before every external API call.

User "Max Müller hat" "3000 EUR bezahlt" Agent Processing PII-Vault Anonymize "[PER_1] hat" "[AMT_1] bezahlt" External API Cloud-LLM PII-Vault De-Anonymize "Max Müller hat" "3000 EUR bezahlt" User Complete Response Mapping (session-bound) [PER_1] = "Max Müller" [AMT_1] = "3000 EUR"
Session

Mappings are session-bound and not persistently stored

Regex + NER

Detection via regex patterns and named entity recognition

Audit

Every anonymization is documented in the audit log

Logging

Audit-Trail

Every agent action is comprehensively logged. The audit trail captures six event types:

SYSTEM_PROMPT Complete system prompt for traceability
REQUEST Incoming user request
RESPONSE Complete agent response
TOOL_START Tool call with parameters
TOOL_OK Tool result (success or error)
LLM_USAGE Token usage, model, latency
// Example: Audit Log Entry
{
  "id": 42847,
  "timestamp": "2026-03-22T14:32:17.445Z",
  "session_id": "ses_7f3a2b91",
  "agent": "logistics",
  "event_type": "TOOL_START",
  "tool": "sql_query",
  "ring": 1,
  "params": {
    "connector": "uyumsoft_db",
    "query": "SELECT item, qty FROM stock WHERE qty < 10"
  },
  "user_id": "tg_12345",
  "pii_anonymized": false
}
// Corresponding LLM_USAGE Entry
{
  "event_type": "LLM_USAGE",
  "session_id": "ses_7f3a2b91",
  "model": "qwen3.5:27b",
  "prompt_tokens": 2847,
  "completion_tokens": 312,
  "total_tokens": 3159,
  "latency_ms": 4280,
  "cognitive_balance": 3
}

Access Control

Execution Rings — Trust Levels

How execution rings prevent unauthorized actions.

Example: Agent (Ring 1) attempts file_write (Ring 2) Logistics Agent Ring 1 (Standard) file_write() Ring-Dispatcher Ring-Check: 1 < 2 BLOCKED "Tool file_write requires Ring 2" Audit Log Entry TOOL_BLOCKED | agent=logistics | tool=file_write | required=2 | actual=1

Resource Monitoring

Token-Tracking

Every LLM call is documented with exact token usage, model name, and latency.

Prompt + Completion

Exact breakdown into prompt_tokens and completion_tokens per request.

Latency Measurement

Every LLM request is recorded with latency_ms, including model name and session context.

Cognitive Balance

Remaining LLM calls per session are tracked as cognitive_balance.

Regulatory Compliance

Standards

GDPR · ISO 9001 & 27001 · GoBD

EU Data Protection

DSGVO / GDPR

AIMOS meets GDPR not through retrofitting but through architectural decisions — Privacy by Design.

Art. 25 — Data Protection by Design

  • Data processing locally by default (SovereignNode)
  • PII Vault anonymizes before every external transmission
  • No cloud service in the default configuration
  • Data minimization: only relevant context data in the LLM prompt

Art. 32 — Security of Processing

  • Encryption: PostgreSQL SSL, SQLite on-disk
  • Access control through Execution Rings (3 levels)
  • Comprehensive audit trail of all processing operations
  • Session-bound PII mappings (no persistent PII storage)

Standards Compliance

ISO 9001 & 27001

AIMOS supports the requirements of both standards through built-in mechanisms.

ISO 9001 — Quality Management

  • Traceability: Every decision in the audit log
  • Traceability: Session IDs link all events
  • Documented processes: System prompts as SOPs
  • Corrective actions: Dreaming cycle learns from errors

ISO 27001 — Information Security

  • Classification: Execution Rings define access levels
  • Access control: Tool authorization configurable per agent
  • Event logging: All 6 event types captured
  • Physical security: Data does not leave the SovereignNode

Bookkeeping

GoBD Compliance

The GoBD (Principles for the proper management and storage of books, records, and documents in electronic form) imposes special requirements on AI-assisted systems.

AIMOS solves this through strict architectural separation:

Separation: Draft vs. Finalization

Agents prepare booking entries (draft). Finalization is performed exclusively by authorized clerks in the target system (ETA V8, DATEV, etc.). No LLM has transaction rights.

Human-in-the-Loop

Ring 2 actions (write access) require explicit authorization. Booking-relevant operations always require human approval — architecturally enforced, not by policy.

Finanz-Agent Creates booking draft DRAFT Booking entry (not finalized) HUMAN REVIEW Clerk reviews and approves FINALIZATION In the target system (ETA, DATEV, etc.)

EU AI Act

EU AI Act

Risk Classification · Transparency · Human Oversight · Documentation

Effective from August 2026

EU Regulation

EU AI Act (AI Regulation)

The EU AI Act (EU) 2024/1689 takes effect in phases and affects every company that deploys AI systems. AIMOS is architecturally designed for compliance — not retrofitted.

Risk Classification: Limited Risk

AIMOS agents are assistance systems with human oversight (human-in-the-loop). No autonomous decisions about individuals, no biometric surveillance, no social scoring functions. This places them in the "limited risk" category — not "high-risk".

Transparency Requirement: Fulfilled

Art. 50: Users must know they are interacting with AI. Every AIMOS agent identifies itself in its system prompt as an AI assistant. All actions are traceable in the audit trail.

Human Oversight: Architecturally Enforced

Art. 14: Execution Rings ensure that no agent independently performs critical actions. Bookings, emails, and orders are presented as drafts — the human decides.

Technical Documentation: Complete

Art. 11: System architecture, data flows, model description, performance metrics, and risk assessment are documented and accessible. MIT License: full source code access.

Logging: Comprehensive

Art. 12: Every agent action is logged — tool calls, LLM requests, token usage, decision chains. Audit-proof trails with session IDs and timestamps.

Data Sovereignty: Complete

Art. 10: Training data and processing data do not leave the SovereignNode. PII Vault automatically anonymizes external API calls. No cloud dependency.

Advantage of Local AI

Cloud AI services must comply with stricter "General Purpose AI" (GPAI) requirements. AIMOS uses a locally operated open-source model — GPAI obligations fall on the model provider (Alibaba/Qwen), not the operator.

Provability

Audit Security

Comprehensive traceability of every AI-assisted decision.

Token-Tracking

Every LLM call is documented with exact token usage (prompt + completion), model name, and latency.

Complete Trail

From user request through tool calls to response — every step is traceable with timestamp and session ID.

PII-Vault Traces

Session-bound anonymization mappings. Traceable which data was anonymized and de-anonymized when.

Source Code Access

MIT License: Auditors can review every line of code. No black box, no proprietary logic.

Verifiable through Audit-Logs · PII-Vault Traces · Session-IDs · Token-Tracking · Source Code Access