Compliance workflows
The EU AI Act wants receipts.
That's what a ledger is.
The Act's obligations for high-risk AI systems lean heavily on two things: records of what the system did, and evidence that humans can see and override it. An immutable behavioral ledger is purpose-built raw material for both.
Where a ledger maps to the Act
- Record-keeping (Article 12)
- High-risk systems must log events automatically over their lifetime. Empress statements are per-interaction, timestamped, immutable, and retained until you decide otherwise — logging as a property of the architecture rather than a feature you remember to add.
- Human oversight (Article 14)
- Oversight requires being able to see what the system is doing and intervene. Statements can carry the reasoning context your system emits, and human overrides are themselves statements — the intervention trail and the activity trail live in one queryable record.
- Transparency & audit
-
When an auditor asks "show me,"
GET /exporthands over the raw evidence as NDJSON — complete, tenant-scoped, and in an open format (xAPI) they can inspect without our tooling.
What we are not claiming
Empress is not a certification, a legal opinion, or an automated report generator. Compliance is a property of your system and your process; what Empress provides is the evidence layer — complete, immutable, exportable — that makes demonstrating it tractable. Your counsel decides what the Act requires of you; your ledger proves what your system actually did.
Start recording before you need the records: quickstart.