VeriSwarm
Governance & Compliance

Built for the audit

VeriSwarm maps to 20 compliance frameworks out of the box — federal AI (EU AI Act, NIST AI RMF, ISO 42001, OWASP), the US state AI wave, healthcare SUD records, insurance (NAIC + Colorado DOI), financial services (NYDFS, SEC, CFPB, OCC), legal tech (ABA + FRCP), and consumer-facing AI (CA SB 243, CA AI Transparency, FTC §5). Per-tenant reports via API — hand them to your auditor, not your engineering team. One attestation export across every framework and every model your fleet runs on.

Industries: Insurance, Financial services, Legal tech, Customer service, Healthcare

OWASP Agentic AI Top 10

10 controls

The definitive security risk list for AI agent systems. VeriSwarm covers all 10 risks.

  • 10/10 risks covered on Max plan
  • Cross-model verification for memory poisoning
  • Guard injection detection + PII tokenization
  • Vault immutable audit ledger
GET /v1/compliance/owasp-attestation

EU AI Act

9 controls

EU regulation on artificial intelligence. Maps high-risk AI system requirements to VeriSwarm features. High-risk obligations effective December 2, 2027 (delayed from August 2026 by the May 7, 2026 Omnibus deal); general-purpose AI model obligations effective August 2, 2028.

  • Article 9: Risk management via Gate scoring
  • Article 12: Record-keeping via Vault ledger
  • Article 14: Human oversight via Workflows
  • Article 15: Robustness via Guard + circuit breakers
  • Article 50: AI content labeling via signed provenance manifests
GET /v1/compliance/eu-ai-act

Colorado AI Act

6 controls (preview)

First US state high-risk AI law with deployer obligations. Names NIST AI RMF and ISO 42001 as alignment anchors.

  • §6-1-1703: Risk management policy aligned to NIST AI RMF or ISO 42001
  • §6-1-1703(3): Impact assessments with 3-year retention via Vault
  • §6-1-1704: Consumer notification audit events
  • §6-1-1705: Annual review via human_review workflow
GET /v1/compliance/colorado-ai-act

US State Conversational AI Laws

6 controls (preview)

Consolidated coverage for the four state chatbot safety bills signed in March–April 2026. Disclosure, crisis intervention, and minor protections.

  • AI disclosure to users, persistent for minors
  • Self-harm detection + 988 / Youthline referrals
  • Sexually explicit content prevention for minors
  • Manipulative engagement prohibition for minors
  • Annual safety report (Oregon SB 1546)
GET /v1/compliance/us-state-conversational-ai
Effective 2026-04-17

New York RAISE Act

5 controls (preview)

New York's transparency and incident-reporting framework for large frontier-model developers. 72-hour and 24-hour critical-incident windows.

  • Published Frontier AI Framework (catastrophic risk management)
  • 72-hour critical safety incident reporting
  • 24-hour expedited reporting for imminent harm
  • Third-party catastrophic-risk evaluation
  • Pre-deployment mitigation review via human_review workflow
GET /v1/compliance/ny-raise-act
Effective 2027-01-01

California Transparency in Frontier AI Act

7 controls (preview)

First in force of the new wave. Annual framework, pre-deployment transparency reports, 15-day / 24-hour incident reporting, and whistleblower protections. Civil penalties up to $1M per violation.

  • Annual Frontier AI Framework (large developers)
  • Pre-deployment transparency reports for every frontier model
  • 15-day critical incident reporting to CalOES
  • 24-hour expedited reporting for imminent public threat
  • Alignment with NIST AI RMF or ISO 42001 cross-mapping
GET /v1/compliance/california-sb-53
Effective 2026-01-01

NIST AI Risk Management Framework

4 controls

US federal framework for AI risk management. Four core functions: Govern, Map, Measure, Manage.

  • Govern: Policy engine + plan-gated governance
  • Map: OWASP attestation + 4-axis scoring
  • Measure: Error budgets + Guard finding tracking
  • Manage: Kill switch + circuit breakers
GET /v1/compliance/nist-ai-rmf
Effective 2023-01-26

ISO/IEC 42001:2023

5 controls

International standard for AI management systems. Covers organizational context through continual improvement.

  • Operations: Cortex Workflows + Guard scanning
  • Performance: SLO tracking + cost analytics
  • Improvement: Vault audit trail for trend analysis
GET /v1/compliance/iso-42001
Effective 2023-12-18

42 CFR Part 2 (SUD Records)

7 controls (preview)

Federal confidentiality regime for substance use disorder treatment records. Stricter than HIPAA on consent and re-disclosure. On HHS OCR's 2026 'what we are watching' list.

  • §2.13: Consent-bound disclosure via Cedar policy + Guard PII tokenization
  • §2.16: Vault hash chain as the contemporaneous security log
  • §2.24: Right-of-Access fulfillment via Cortex Workflows
  • §2.25: Vault export serves verbatim as the §2.25 accounting of disclosures
  • §2.31: Consent capture workflow with human_review gate
  • §2.32: Re-disclosure notice automatic in disclosure workflows
  • §2.51: Cedar emergency-override branch with Vault rationale event
GET /v1/compliance/42-cfr-part-2
Effective 2026-02-16

NAIC AI Model Bulletin

5 controls (preview)

National Association of Insurance Commissioners model for state-level AI governance of insurers. Twenty-four states plus DC have adopted; departments are issuing market-conduct exam questions against it.

  • §3: Written AI/ML governance program via Cedar policies + Vault audit
  • §4.1: Pre-deployment testing via Gate scoring + Guard scans
  • §4.2: Drift detection through error budgets + reliability scoring
  • §4.3: Third-party AI governance via integration registry + manifests
  • §4.4: Adverse-outcome explainability via Vault decision logs
GET /v1/compliance/naic-model-bulletin
Effective 2024-01-01

Colorado DOI Reg 10-1-1 (insurance-specific)

4 controls (preview)

Colorado Division of Insurance regulation distinct from the general Colorado AI Act. Mandates algorithm inventory, quantitative bias testing, risk-tier controls, and an annual compliance report filed with the DOI.

  • §A: Algorithm inventory via Fleet manifests with use-disclosure metadata
  • §B: Quantitative bias testing via routing rules + scoring profile audits
  • §C: Risk-tier controls enforced through Cedar policy + lifecycle gates
  • §D: Annual compliance report via Vault export + assessor endpoint
GET /v1/compliance/colorado-reg-10-1-1
Effective 2025-10-15

NYDFS 23 NYCRR Part 500 (with AI Letter)

4 controls (preview)

New York Department of Financial Services cybersecurity regulation extended via the October 2024 AI Industry Letter. Covers NY-licensed banks, insurers, and investment advisers operating AI in production.

  • §500.2: AI cybersecurity program via Guard + Cedar + Vault stack
  • §500.3: AI-specific risk assessment via Fleet inventory + scoring
  • §500.13: Access controls + MFA enforced via lifecycle policy
  • §500.17: Incident notification + hash-chained audit trail
GET /v1/compliance/nydfs-part-500
Effective 2024-10-16

SEC Advisers Act §206 (AI-Washing)

4 controls (preview)

Anti-fraud framework for SEC-registered investment advisers. After the March 2024 enforcement sweep against AI-washing, the SEC requires substantiation for every AI marketing claim.

  • §206(1): Anti-fraud — truthful marketing via claim-by-claim Vault substantiation
  • §206(2): Material-omission discipline via mandatory disclosure workflows
  • §206(4)-1: Marketing Rule advertisement pre-publication review (Cedar)
  • §206(4)-7: AI coverage in the firm's compliance program — assessor evidence pack
GET /v1/compliance/sec-section-206
Effective 2024-03-18

CFPB ECOA / Regulation B

4 controls (preview)

Equal Credit Opportunity Act applied to AI-driven credit decisions. The CFPB's 2023 circular makes clear that 'the model is too complex' is not a §1002.9 defense. State AGs (NY, CO, CA) coordinate enforcement.

  • §1002.9: Adverse-action notices with specific reasons via Vault decision logs
  • §1002.6: Disparate-impact testing via routing rules + scoring profile audits
  • §1002.13: Application-level AI disclosure via Guard transformation
  • State AG coordination evidence via assessor's multi-jurisdiction report
GET /v1/compliance/cfpb-ecoa-reg-b
Effective 2023-09-19

OCC SR 11-7 (Model Risk, AI extension)

4 controls (preview)

Federal model risk management framework extended to AI by the OCC's 2024 guidance. Applies to all OCC-supervised banks (national + federal savings associations) using AI in credit, fraud, AML, or customer-facing flows.

  • §III: Model development standards documented via Fleet manifests
  • §IV: Independent validation via cross-model verification
  • §V: Model risk governance via Cedar + tenant-scoped policy versioning
  • §VI: Effective challenge via human_review + dissent capture
GET /v1/compliance/occ-sr-11-7
Effective 2011-04-04

ABA Model Rules of Professional Conduct

5 controls (preview)

American Bar Association ethics framework for lawyers using AI. Each state bar publishes its own AI opinion under these rules; California, Florida, and New York have already issued formal opinions.

  • Rule 1.1: Technological competence — Cortex docs + run-history evidence
  • Rule 1.6: Client confidentiality — Guard PII tokenization on every LLM call
  • Rule 3.3: Candor to the tribunal — hallucination guardrails + grounding checks
  • Rules 5.1 / 5.3: Supervision via human_review queues + assignment audit
  • Per-state Cedar policy variants for jurisdiction-specific bar opinions
GET /v1/compliance/aba-model-rules
Effective 2023-11-01

FRCP Rule 11 (AI Filing Sanctions)

4 controls (preview)

Federal Rules of Civil Procedure sanctions framework for inadequately checked AI filings. The Oregon $110K sanction precedent (Jan 2026) sets the current floor; every federal filing relying on AI must show pre-submission verification.

  • Rule 11(b)(2): Legal contention warranted — citation-check workflow + Vault proof
  • Rule 11(b)(3): Factual contention has evidentiary support via grounding + sources
  • Rule 11(c): Sanctions prevention evidence via human_review pre-filing
  • Oregon $110K precedent — assessor maps your controls to the precedent's standard
GET /v1/compliance/frcp-rule-11
Effective 1983-08-01

California SB 243 (Companion Chatbot Law)

4 controls (preview)

California's companion-chatbot statute. Mandates AI disclosure, self-harm/suicide safety protocols, minor safeguards, and creates a private right of action with statutory damages.

  • §22760.6: User AI disclosure via persistent Guard transformer
  • §22760.7: Self-harm + suicide safety protocols via crisis-intervention rules
  • §22760.8: Known-minor safeguards via lifecycle policy + age-gate evidence
  • §22760.9: Private-right-of-action evidence preservation via Vault
GET /v1/compliance/ca-sb-243
Effective 2026-01-01

California AI Transparency Act

4 controls (preview)

California's content-provenance and AI-disclosure law for covered providers. Requires AI content marking, a detection tool, conversational AI disclosure, and records-of-use retention.

  • AITA §1: AI content marking via signed provenance manifests
  • AITA §2: AI detection tool provision via OATS-compatible endpoints
  • AITA §3: Conversational AI disclosure via Guard transformer
  • AITA §4: Records of AI use via Vault hash chain (statutory retention)
GET /v1/compliance/ca-ai-transparency-act
Effective 2026-01-01

FTC Section 5 (Operation AI Comply)

5 controls (preview)

Federal Trade Commission deceptive-practices enforcement. Operation AI Comply has produced five enforcement priority lanes; the bulletin applies to any business making AI claims to US consumers.

  • Don't misrepresent AI capabilities — Vault substantiation per public claim
  • Don't deploy without harm mitigation — Guard always-on + lifecycle gates
  • Don't exploit emotional relationships — Cedar rules on companion behaviors
  • Don't make unsubstantiated claims — pre-publication review workflow
  • Don't mislead with automation — disclosure transformer + audit trail
GET /v1/compliance/ftc-section-5
Effective 2024-09-25

Compliance reports on demand

Every framework is available as a per-tenant API endpoint. Generate evidence packages with a single API call — no spreadsheets required.
