
AI Governance: EU AI Act compliance built into the platform

IT governs. Business builds. RBAC, traceability, AI Act — natively integrated at every layer. Not a module added on: a substrate. Your teams control access, compliance, data.

AI Act: compliance by design
RBAC + SSO: natively integrated
Audit logs: exportable

The 4 pillars of GenieFactory governance

Everything your CTO and DPO need — natively integrated into the platform.

Traceability

Structured log of every agent execution: prompts, called tools, retrieved documents, decisions. Exportable for audit.

RBAC + SSO

Roles and permissions per use case, propagated to all components. Standard SAML / OIDC SSO.

AI Act compliance

Risk-level classification, documentation produced at every iteration, integrated controls. Microsoft rents you a workshop in its ecosystem. We give you a platform you own — with compliance built in.

Code ownership

The code generated belongs to you, delivered in your repository. Zero lock-in — you stay in control of your assets.

How to make an AI use case compliant?

The 5 steps the platform executes with you — without leaving your environment.

  1. Classify the AI Act risk level

     Categorise the use case according to the 4 AI Act risk levels to determine applicable obligations.

  2. Document specifications and method

     Produce the functional spec, test suites, and evaluation method — l'Établi does it natively.

  3. Enable RBAC and SSO

     Define roles, permissions, and integrate authentication (SAML/OIDC) before deployment.

  4. Deploy with traceability and logging

     Every agent execution produces a structured log, browsable and exportable for audit.

  5. Monitor and audit continuously

     Dashboard per use case, periodic review, documented remediation plan.

FAQ

Frequently asked questions

The platform integrates risk-level classification for each use case, compliance documentation, model decision traceability, and audit logging. Compliance is not bolted on after the fact — it is produced at every iteration.
Yes. Roles and permissions are defined per use case and propagated across all components — agents, RAG, connectors. SSO integration (SAML, OIDC) is standard.
Each agent execution produces a structured log: prompts, tools called, documents retrieved, decisions made. This log is queryable per use case and exportable for audit.
Yes — sovereign cloud or on-premise hosting, your choice. No business data leaves your perimeter without an explicit decision.
The generated code belongs to you and is delivered into your own repository. You can export it, audit it, and evolve it without the platform — no technical lock-in.