"The EU AI Act does not exist to generate paperwork. It exists to ensure that AI systems affecting people's lives are documented, understood, and accountable. We take that seriously — and we built a platform that reflects it."
Four principles that
shape every decision.
Every security feature — SSO, MFA, comprehensive audit logging, tenant isolation, encryption at rest and in transit — is available to every customer on every plan. We will not use your compliance obligations as leverage to upsell you security. The burden of securing the platform rests with us, not with you.
The EU AI Act is 144 pages. Cross-referencing Articles, Annexes, and recitals is the platform's job, not yours. Every questionnaire section, every output, and every gap flag traces back to a specific regulatory obligation. We do not abstract the regulation away — we make it navigable.
The AI Regulatory Navigator is advisory. It says so — clearly and persistently. Every citation it produces is validated against the EU AI Act corpus before it reaches you. The formal risk classification is a separate, user-driven step. We designed the distinction deliberately, because the consequences of over-reliance are real.
The platform runs on AWS eu-central-1 in Frankfurt. All LLM inference uses the Anthropic EU endpoint. A GDPR Article 28 Data Processing Agreement is in place. EU data residency is not a premium feature or a configuration option — it is the default, and it is the only option.
Standard Intelligence is built in accordance with NCSC Secure by Design principles. We take ownership of your security outcomes — not because we have to, but because it is the correct approach for a platform that holds sensitive AI governance documentation.
MFA enforced by default. Phishing-resistant MFA (passkeys, FIDO2) supported. SSO available at all tiers. No insecure configurations are enabled by default.
Public vulnerability disclosure policy. Tenant-accessible audit logging with 10-year retention aligned to Article 18. No security theatre.
The burden of securing the platform sits with us. We report on our security posture publicly and respond to valid vulnerability reports within defined SLAs.
Built on a deliberate,
auditable stack.
Every infrastructure decision has been made with EU data residency, security, and long-term maintainability in mind. We do not use the most fashionable technology; we use the right technology.
Shipping to the
enforcement deadline.
The platform release schedule is governed by the EU AI Act enforcement calendar. Every release milestone is tied to a regulatory date — not an arbitrary sprint goal.
Risk classification, guided questionnaire, documentation output, gap analysis, approval workflows, AI literacy, and post-market monitoring.
Certification module, provider/deployer handover, SCIM 2.0, custom branding, and dataset schema analysis enhancements.
Full AISDP creation workflow available to early-access tenants. Provisioning in under 60 seconds.
Compliance task export to project management tools, regulatory corpus editor, public API with Annex VIII EU database integration, and full notified body workflow.
Ready to get structured?
Early access is open for organisations with high-risk AI systems that need to be compliant by 2 August 2026. Provisioning takes under 60 seconds.