A cryptographically signed PDF, mapped to specific obligations under EU AI Act Article 12, SR 11-7, NYDFS Part 500, FCA Consumer Duty, MAS AIRM, SEBI Retail Algo, and RBI FREE-AI. The artefact you hand the regulator.
The question above is not a slogan. It is the operative test in three live regimes. Each cites it slightly differently; each carries a specific penalty for failure to produce.
Providers of high-risk AI systems shall ensure that their systems technically allow for the automatic recording of events ('logs') over the lifetime of the system. — Regulation (EU) 2024/1689, Article 12 § 1. In force 2 August 2026.
A bank's model risk management framework should include processes for selecting, validating, and reviewing models, including ongoing monitoring of model performance and stability. — SR 11-7, Federal Reserve Supervisory Letter, 4 April 2011, § III.B.
Covered Entities shall maintain audit trails designed to detect and respond to Cybersecurity Events. — 23 NYCRR § 500.06(a). In force 1 March 2017.
A CCO at a regulated bank reads those three sentences and asks: where is my agent's record, and what does it cite? Most stacks today produce a JSON log file. That is the wrong artefact.
No animation, no walkthrough. The image is page-one of an evidence package generated from a real anonymised trace from a lending agent. Every citation in column three is a real article.
| Action | Authorization envelope | Obligation | Status |
|---|---|---|---|
| fetch_credit_score | scope: read; subject: applicant_47291 | EU AI Act, Art. 12 § 2(b) | Satisfied |
| compose_decision | scope: write; bounded by policy v3.1 | SR 11-7 § III.B (model usage) | Satisfied |
| notify_applicant | scope: communicate; channel: email | FCA PS22/9, Principle 12 | Satisfied |
| store_decision | scope: persist; retention: 7 years | 23 NYCRR § 500.06(a) | Satisfied |
| escalate_to_human | scope: handoff; threshold: confidence<0.6 | EU AI Act, Art. 14 § 4 | Gap — see § 4.2 |
Three properties matter. First, every row cites a specific article number. Second, the artefact is signed under a key you publish in your annual report. Third, "Gap" is allowed; "Satisfied" is not the only outcome the regulator accepts. They accept the truth.
A trace JSON enters one end. A signed PDF leaves the other. Every transformation is auditable.
Identifies what kind of agent run this is — lending, advisory, KYC, claims — and which regulatory regimes apply. Risk tier assigned per EU AI Act Annex III.
Each tool call becomes an atomic tuple — actor, action, subject, justification, evidence — with the policy that authorised it: scope, subject, threshold, retention.
Within purpose? Preconditions met? Human oversight appropriate? Reversible? Each action is checked against its envelope. Anything outside is flagged.
Each envelope is matched to article-and-section, not "category." The PDF embeds the trace hash, the mapping table, the gaps, and the Ed25519 signature. The public key is published at /.well-known/warrant-keys.
Below is an illustrative quarterly audit-prep ledger for a Series B fintech with one production agent and roughly 4M monthly transactions. Line items and rates are drawn from public benchmarks for AI compliance audit work — outside-counsel time, big-four sample audits, internal FTE allocation. Replace with your own numbers if you want to know what Warrant displaces in your stack.
| External counsel review (40 hrs @ $1,200) | $48,000 |
| Internal compliance lead (0.4 FTE) | $36,000 |
| Engineering, log extraction & formatting (160 hrs) | $32,000 |
| Big-four sample audit (one regime, one quarter) | $24,000 |
| PDF redaction + assembly contractor | $8,400 |
| Per quarter, per regime (illustrative) | $148,400 |
A Warrant Cloud subscription at the Growth tier is targeted at $2,400/month for seven regimes, on demand. The intended replacement is roughly an order of magnitude cheaper and substantially faster. Pricing is hypothesis-stage and will be validated against design partner LOIs in May–July 2026.
Status reflects production coverage as of 2026-04-29. Mapping is article-level. Roadmap regimes are listed for completeness; we do not sell coverage we have not shipped.
| Regime | Citation | Effective | Status |
|---|---|---|---|
| EU AI Act | Reg. (EU) 2024/1689, Art. 12 | 2026-08-02 | ✓ live |
| SR 11-7 | Federal Reserve, SR 11-7 § III.B | 2011-04-04 | ✓ live |
| NYDFS Part 500 | 23 NYCRR § 500.06, § 500.16 | 2024-11-01 | ✓ live |
| FCA Consumer Duty | PS22/9, Principle 12 | 2023-07-31 | ✓ live |
| SEBI Retail Algo | SEBI/HO/MIRSD circular | 2026-01-01 | ✓ live |
| RBI FREE-AI | FREE-AI Committee Report, Recommendation 14 | 2026 ongoing | ⚠ enforcement |
| MAS AIRM | FEAT principles, lifecycle controls | 2026 finalising | — pending |
A regime missing from this table is a regime we do not cover yet. We will not claim otherwise on a sales call.
Open the demo, drop a sample trace, get a real signed PDF. Or read how it works above and decide if it fits before you reach out.
Open the demo → team@warrant.build →
