Trust, responsible AI and frameworks

We claim trust by evidence, not adjective.

Governance is not a policy we hand over. It is the mechanism we write into the systems we build. Here are the controls in code, our method for keeping a human accountable, the UK frameworks our work is designed around, and how we handle data.

Advisory by design, and a named person always decides.

Across our builds, AI assists and a human decides, and we can prove who decided and when. These four rules hold in every system we ship.

Advisory by design

Our systems assist. They do not act on their own. The AI never scores a bid, posts to a ledger, contacts anyone externally or finalises a report. Those decisions stay with a named person.

Human-in-the-loop

Cost approvals, outbound contact and final outputs pass through a recorded human decision gate. Below a set confidence, deterministic code overrules the model and routes the case to a person.

Traceable

Append-only decision ledgers record the model, the input, the output and who accepted, modified or rejected it. Quoted evidence must be a literal substring of its source, with chunk-level citations.

No automated decisions

There is no path where the model decides and acts unobserved. Schema-constrained outputs and denied-vocabulary checks mean the system can only do what it has been bounded to do.

The controls are specific. That specificity is the trust signal.

These are not promises. They are the mechanisms we write into the systems we build, each leaving an artefact you can show an auditor.

Read-only by construction

Where AI only needs to read, the database itself rejects any write. It is enforced at the engine, not by a prompt.

Produces

A database role a reviewer can inspect, where every write path is closed at the engine.

Append-only audit ledgers

Every AI suggestion records the model, the input, the output and the named human's accept, modify or reject decision. No silent edits.

Produces

An exportable decision log: model, input, output and the named human's verdict, with no silent edits.

Human-in-the-loop gates

Cost approvals, external contact and final reports require a recorded human decision before anything happens.

Produces

A timestamped approval record for every cost, contact and final report before anything happens.

Confidence floors & reason codes

Below a set confidence, deterministic code overrules the model and routes the case to a person, with an explicit reason for the hold.

Produces

A held case with an explicit reason code, routed to a person rather than auto-resolved.

Anti-hallucination checks

Quoted evidence must be a literal substring of its source, or the extraction fails. The system can't invent a citation.

Produces

A failed extraction instead of an invented citation, so nothing unsupported reaches the output.

Denied-vocabulary blocklists

The blocklist of prohibited language is injected into the prompt, and every output is re-scanned against it; a violating result is rejected and logged, not published.

Produces

A rejected result and a log entry when prohibited language appears, never a published one.

Schema-constrained outputs

AI returns data validated against a strict schema, so downstream logic never acts on free-form text.

Produces

Validated, typed data that downstream logic can act on, never free-form text.

Chunk-level citation provenance

Answers cite the exact passage, with page, source tier and link, so every claim is traceable to where it came from.

Produces

A claim traceable to an exact passage, with page, source tier and link.

UK data residency

Where we control the infrastructure, data stays in the UK, and model calls run under enterprise data-processing terms with no training on your data.

Produces

Data at rest in the UK where we run the infrastructure, under enterprise data-processing terms with no training on your data.

Tenant isolation

Multi-tenant systems are scoped per organisation with least-privilege authorisation enforced on every write.

Produces

Organisation-scoped access with least-privilege authorisation enforced on every write.
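The gate-then-record pattern the controls above describe, as an added Python example that is not this firm's own code: schema validation, the literal-substring citation check, a denied-vocabulary re-scan, a confidence floor with explicit reason codes, and an append-only ledger in which a named human's accept, modify or reject is a new entry referencing the suggestion rather than an edit of it. The corpus chunks, blocklist, threshold, model name and reviewer are all constructed for the demonstration.

```python
"""Added example (not the page's own code): a deterministic gate in front of an
append-only human decision ledger. All data, names and thresholds are constructed."""
import json
import re
from dataclasses import asdict, dataclass
from datetime import datetime, timezone
from typing import Optional

# Constructed corpus: chunk id -> (text, page, source tier). Not real client data.
CHUNKS = {
    "tender-7-p3-c2": ("The contractor shall provide 24/7 support for the duration of the contract.", 3, "primary"),
    "tender-7-p9-c1": ("Invoices are payable within 30 days of receipt.", 9, "primary"),
}
DENIED_VOCABULARY = ["guaranteed", "risk-free"]  # constructed blocklist
CONFIDENCE_FLOOR = 0.75                           # constructed threshold
REQUIRED = {"claim": str, "quote": str, "chunk_id": str, "confidence": float}


def validate_schema(output: dict) -> list:
    """Schema-constrained output: each required field present with the right type, nothing extra."""
    codes = [f"SCHEMA_INVALID:{k}" for k, t in REQUIRED.items() if not isinstance(output.get(k), t)]
    codes += [f"SCHEMA_UNEXPECTED:{k}" for k in output if k not in REQUIRED]
    return codes


def check_citation(output: dict, chunks: dict) -> list:
    """Anti-hallucination: the quote must be a literal substring of the cited chunk."""
    chunk = chunks.get(output["chunk_id"])
    if chunk is None:
        return ["CITATION_CHUNK_UNKNOWN"]
    return [] if output["quote"] in chunk[0] else ["CITATION_NOT_LITERAL"]


def scan_denied(text: str, denied: list) -> list:
    """Denied-vocabulary re-scan on the output, whole-word and case-insensitive."""
    return [f"DENIED_VOCABULARY:{t}" for t in denied
            if re.search(r"\b" + re.escape(t) + r"\b", text, re.IGNORECASE)]


def gate(output: dict, chunks=CHUNKS, denied=DENIED_VOCABULARY, floor=CONFIDENCE_FLOOR):
    """Deterministic gate. Returns (status, reason_codes): 'rejected' never reaches anyone,
    'held' goes to a person with an explicit reason, 'review' is eligible for the recorded
    human decision gate. No status lets the model finalise anything on its own."""
    codes = validate_schema(output)
    if codes:
        return "rejected", codes
    codes = check_citation(output, chunks) + scan_denied(output["claim"], denied)
    if codes:
        return "rejected", codes
    if output["confidence"] < floor:
        return "held", [f"LOW_CONFIDENCE:{output['confidence']:.2f}<{floor:.2f}"]
    return "review", []


@dataclass(frozen=True)
class LedgerEntry:
    seq: int
    ts: str
    model: str
    input: str
    output: dict
    status: str
    reason_codes: list
    ref: Optional[int] = None          # seq of the suggestion a decision refers to
    decided_by: Optional[str] = None   # the named person
    verdict: Optional[str] = None      # accept / modify / reject


class DecisionLedger:
    """Append-only: entries are frozen, there is no update or delete, and a human
    decision is a new entry pointing back at the suggestion rather than an edit of it."""

    def __init__(self):
        self._entries = []

    def _append(self, **fields) -> LedgerEntry:
        entry = LedgerEntry(seq=len(self._entries), ts=datetime.now(timezone.utc).isoformat(), **fields)
        self._entries.append(entry)
        return entry

    def record_suggestion(self, model: str, prompt: str, output: dict) -> LedgerEntry:
        status, codes = gate(output)
        return self._append(model=model, input=prompt, output=output, status=status, reason_codes=codes)

    def record_decision(self, suggestion: LedgerEntry, person: str, verdict: str,
                        modified_output: Optional[dict] = None) -> LedgerEntry:
        if verdict not in ("accept", "modify", "reject"):
            raise ValueError(f"unknown verdict {verdict!r}")
        if suggestion.status == "rejected":
            raise ValueError("a rejected suggestion never reaches a person")
        return self._append(model=suggestion.model, input=suggestion.input,
                            output=modified_output if verdict == "modify" else suggestion.output,
                            status="decided", reason_codes=suggestion.reason_codes,
                            ref=suggestion.seq, decided_by=person, verdict=verdict)

    def entries(self) -> list:
        return list(self._entries)  # a copy, so callers cannot reach into the ledger

    def export(self) -> str:
        return json.dumps([asdict(e) for e in self._entries], indent=1)


if __name__ == "__main__":
    ledger = DecisionLedger()
    good = {"claim": "Support is 24/7.", "quote": "24/7 support", "chunk_id": "tender-7-p3-c2", "confidence": 0.91}
    s = ledger.record_suggestion("model-x (constructed)", "Summarise the support terms", good)
    ledger.record_decision(s, "a.reviewer (constructed)", "accept")
    print(ledger.export())
```

The ordering matters: schema and citation failures are rejected before the confidence floor is consulted, so a confidently stated but unsupported quote never becomes a "held" case a person might be tempted to wave through. The exported JSON is the auditor-facing artefact; because entries are frozen and decisions reference the suggestion by sequence number, a modified output leaves both the original and the change in the record.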

The standards regulated UK organisations ask for.

Treat these as a floor we are fluent in: the language a board, an auditor or a combined authority expects before go-live. We align to them and prepare you for certification. We do not issue it.

That fluency matters more each quarter, as EU AI Act high-risk obligations phase in through 2026 to 2027 and UK regulators sharpen what they expect to see.

ISO/IEC 42001

The first international AI management system standard. We help you build an AIMS aligned to it and prepare for certification by a UKAS-accredited body.

NIST AI RMF

We structure AI risk using the framework's Govern, Map, Measure and Manage functions.

EU AI Act

Binding, risk-based EU regulation. The UK isn't bound by it, but many UK organisations are caught through their EU exposure.

UK GDPR & the ICO

The regime that already applies in the UK today. The ICO is the lead regulator wherever AI touches personal data.

NCSC Cloud Security Principles

We map public-sector builds to the NCSC's 14 cloud security principles, the language a combined authority asks for before go-live.

ATRS

The Algorithmic Transparency Recording Standard: how public bodies record the AI tools they use and why.

Cyber Essentials

The UK baseline security scheme our security controls are designed around.

UK Corporate Governance Code

Our BoardServe platform is built for the Code and ready for Provision 29's internal-controls declaration.

We align work to these standards and prepare clients for certification by accredited bodies. We are not a certification body, and we don't claim certifications we don't hold.

UK-hosted where we control the infrastructure.

We are precise about what is in place today versus what is designed for. We do not publish a hardened posture we have not shipped, and we tell you where the boundary sits.

UK-hosted where we control the infrastructure

Where we run the infrastructure ourselves, data is hosted in the UK. Our public-sector evidence workspace keeps its embeddings and data at rest in UK South. We are explicit about the boundary: we frame residency by where we genuinely control it, not as a blanket promise.

Model calls under enterprise data-processing terms

AI model calls run under enterprise data-processing agreements with no training on your data. Where a provider's regional residency for a given model is not yet available, we say so rather than imply it.

UK GDPR alignment and least-privilege access

We design to UK GDPR and the Data Protection Act 2018, keeping DPIA and Article 30 records where they apply, with organisation-scoped, least-privilege authorisation enforced on every write.

Designed for a hardened posture

Private endpoints, rate limiting and the wider hardened-infrastructure posture are designed for and on our roadmap to certification. We do not present roadmap controls as already-shipped fact.

Our current certification and assurance status is available on request. We hold no certifications we have not earned, and we will tell you plainly what is in place and what is on the roadmap.

Request our status

Find out where your AI exposure sits.

We'll tell you plainly what's worth doing, what isn't, and what a board or regulator will expect to see. No pitch deck.

No obligation · no pitch.