/compliance
The most boring page on the site. We worked the hardest on it.
If you can’t prove what your AI did, you don’t have AI — you have liability. Here’s how Bob earns the right to operate inside a regulated brokerage.
SOC 2 Type II
in progress · audit Q3 2026
NZ Privacy Act 2020
fully compliant
GDPR
EU-resident customers · DPA available
FMA-aware audit
NZ Financial Markets Authority
Row-level RLS
every read, every write, every prompt
Hash-chain ledger
tamper-evident · verifiable on demand
The ledger
Every action Bob takes is a row in a hash-chained ledger you can query.
Reads, writes, prompts, citations, RLS checks, voice handoffs — each line carries a cryptographic hash that depends on the previous line. Tamper with one row and every row after it breaks. The chain is verifiable on demand from the audit page — your compliance officer gets a read-only token and can verify it themselves.
LEDGER · #74,238,910
08:14:02readcustomers.tenants[7138]0xa14f
08:14:02promptgpt-5 · 2.1k tok0x8e22
08:14:03writefacts.driver_age@v750x40bc
08:14:05citewording_NZ-COMP-1.4 §3.20xff19
08:14:05rlstenant_isolation_check ok0x721d
08:14:06rlstenant_isolation_check ok #20x9c4a
The next twenty insurance brokerages will not be built on spreadsheets.
We’re onboarding ten design-partner brokerages this quarter. If your book is between 1,000 and 12,000 policies, we should talk.