Embedding NIS2 and GDPR directly into infrastructure.
Mansfeld-Südharz, Germany - October 22, 2025
Auditors used to arrive with colour-coded folders and leave with the same folders slightly thicker. That ritual is still legally necessary, but the evidence they now carry away is no longer a snapshot; it is a cryptographic proof that spans every millisecond since the last visit. Inside Hall 14 we run a small green box—two rack units, five kilowatts—whose sole job is to host what we call the governance kernel: a continually running AI that speaks three regulatory languages at once. NIS2 is rendered as Rego, GDPR as SQL-flavoured Datalog, ISO 27001 as constrained natural language that compiles to OPA clauses. When a developer tags a container image, the kernel diffs the new layer against the previous one, infers which controls are affected, and either promotes the artefact or opens a Jira ticket with a remediation script already attached. The entire conversation finishes before the Docker push command returns to the terminal, which means compliance is no longer a stage gate; it is a side effect of typing git commit.
The architecture is deliberately boring: every resource—VM, firewall rule, storage bucket—carries a JSON sidecar that lists the exact policy fragments it must satisfy. These sidecars are generated by a planner that ingests the official texts of the regulations, not human summaries. When the European Commission published the corrigendum to NIS2 last June, we re-ingested the 312 modified paragraphs, translated them into 1 847 new Rego clauses, and rolled them out cluster-wide at 02:14 a.m. without a single manual ticket. The planner uses a large language model fine-tuned on EUR-Lex corpora, but it is forbidden to invent requirements; instead it performs a semantic diff against the previous regulatory snapshot and outputs only the delta as machine-readable constraints. A second model—smaller, deterministic—verifies that the delta is logically consistent with existing clauses, preventing the subtle contradictions that usually creep in when lawyers hand-craft red-lined documents. The whole pipeline is reproducible: the same Git commit that updates the policy engine also produces a Merkle root that is printed into the county’s official gazette, giving auditors an immutable anchor they can verify with nothing more exotic than sha256sum.
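To make the gazette anchor concrete, here is an added example (not the Alliance's code) of how a Merkle root over a policy repo can be built and later checked offline. It assumes one Rego clause per file, leaf hashes equal to plain `sha256sum` output, and interior nodes that hash the concatenated hex digests of their children; the three clauses are constructed sample data, not the real repo.

```python
import hashlib
from typing import Dict, List, Tuple

# Constructed sample policy fragments standing in for compiled Rego clauses in the
# policy repo (assumption: one clause per file, keyed by repo path).
POLICY_CLAUSES: Dict[str, bytes] = {
    "nis2/art21_risk_management.rego": b"package nis2.art21\n\ndeny[msg] { not input.mfa_enforced; msg := \"MFA required\" }\n",
    "gdpr/art5_purpose_limitation.rego": b"package gdpr.art5\n\ndeny[msg] { input.label == \"pii:health\"; not input.purpose_token; msg := \"purpose token missing\" }\n",
    "iso27001/a8_backup.rego": b"package iso27001.a8\n\ndeny[msg] { input.backup_age_days > 1; msg := \"backup older than 24h\" }\n",
}


def leaf_hash(content: bytes) -> str:
    # Identical to what `sha256sum <file>` prints, so an auditor can recompute any leaf with the CLI alone.
    return hashlib.sha256(content).hexdigest()


def node_hash(left: str, right: str) -> str:
    # Interior nodes hash the concatenated hex digests of their children (convention chosen for this example).
    return hashlib.sha256((left + right).encode("ascii")).hexdigest()


def _pad(level: List[str]) -> List[str]:
    # Duplicate the last node on an odd-sized level so every node has a sibling.
    return level + [level[-1]] if len(level) % 2 == 1 else level


def merkle_root(leaves: List[str]) -> str:
    if not leaves:
        raise ValueError("cannot build a Merkle root over an empty policy set")
    level = list(leaves)
    while len(level) > 1:
        level = _pad(level)
        level = [node_hash(level[i], level[i + 1]) for i in range(0, len(level), 2)]
    return level[0]


def inclusion_proof(leaves: List[str], index: int) -> List[Tuple[str, str]]:
    # Sibling hashes from leaf to root, each tagged with the side the sibling sits on.
    proof: List[Tuple[str, str]] = []
    level = list(leaves)
    while len(level) > 1:
        level = _pad(level)
        sibling = index ^ 1
        proof.append(("L" if sibling < index else "R", level[sibling]))
        level = [node_hash(level[i], level[i + 1]) for i in range(0, len(level), 2)]
        index //= 2
    return proof


def verify_inclusion(leaf: str, proof: List[Tuple[str, str]], root: str) -> bool:
    # What the auditor runs offline: fold the proof back up and compare with the published root.
    h = leaf
    for side, sibling in proof:
        h = node_hash(sibling, h) if side == "L" else node_hash(h, sibling)
    return h == root


def policy_root(clauses: Dict[str, bytes]) -> Tuple[str, List[str]]:
    # Sort by path so the same git tree always yields the same root, whatever the on-disk order.
    paths = sorted(clauses)
    return merkle_root([leaf_hash(clauses[p]) for p in paths]), paths


if __name__ == "__main__":
    root, paths = policy_root(POLICY_CLAUSES)
    print("gazette root:", root)
    leaves = [leaf_hash(POLICY_CLAUSES[p]) for p in paths]
    for i, p in enumerate(paths):
        print(p, verify_inclusion(leaves[i], inclusion_proof(leaves, i), root))
```

Because every leaf is a plain file digest, an auditor can spot-check a single clause with `sha256sum`, then reuse only the handful of sibling hashes in its inclusion proof to tie it to the root printed in the gazette; changing one byte in any clause changes the root.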
Runtime enforcement happens at the kernel level. eBPF programs intercept every syscall that crosses a namespace boundary and consult an in-memory cache of compiled policies. The cache is refreshed every thirty seconds from the green box, so even zero-day changes in interpretation propagate without restart. If a container tries to open a file whose label implies health-data processing, the probe checks for a purpose limitation token; if the token is missing, the syscall is denied and an alert is pushed to both the shared SOC and the company’s works council, satisfying the German co-determination requirement in the same breath. The denial itself is accompanied by a human-readable sentence generated by a constrained generation model that has never seen personal data, ensuring that even the error message remains GDPR-clean. Average latency overhead is 0.8 milliseconds per syscall, low enough that chemical plants running sub-millisecond control loops have not complained.
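The purpose-limitation check described above, reduced to its decision logic as an added example (not the Alliance's eBPF probe or policy engine). It assumes a cached map from file labels to permitted processing purposes, HMAC-tagged purpose tokens issued by the kernel, and a denial message built only from label and purpose names so that it can be forwarded to the SOC and the works council without carrying personal data; the key, labels and workload names are constructed.

```python
import hashlib
import hmac
import json
from dataclasses import dataclass, field
from typing import Dict, List, Optional, Set

# Constructed stand-in for the in-memory policy cache the probe consults: a file
# label maps to the processing purposes allowed to touch it; None means no token
# is needed. Labels and purpose names are the only strings that reach a message.
POLICY_CACHE: Dict[str, Optional[Set[str]]] = {
    "pii:health": {"treatment", "billing"},
    "pii:contact": {"support", "billing"},
    "public": None,
}

# Assumption: purpose tokens are HMAC-tagged claims issued by the governance kernel.
TOKEN_KEY = b"constructed-example-key"


def issue_token(container: str, purpose: str, ttl_seconds: int, now: int) -> str:
    claims = {"sub": container, "purpose": purpose, "exp": now + ttl_seconds}
    payload = json.dumps(claims, sort_keys=True, separators=(",", ":"))
    tag = hmac.new(TOKEN_KEY, payload.encode(), hashlib.sha256).hexdigest()
    return payload + "." + tag


def parse_token(token: str, now: int) -> Optional[dict]:
    # Returns the claims only if the tag is genuine and the token has not expired.
    payload, _, tag = token.rpartition(".")
    expected = hmac.new(TOKEN_KEY, payload.encode(), hashlib.sha256).hexdigest()
    if not hmac.compare_digest(tag, expected):
        return None
    claims = json.loads(payload)
    if claims["exp"] <= now:
        return None
    return claims


@dataclass
class Decision:
    allow: bool
    reason: str  # data-free sentence suitable for the SOC and the works council
    notify: List[str] = field(default_factory=list)


def check_open(container: str, label: str, token: Optional[str], now: int) -> Decision:
    # The decision the probe would make for an open() on a file carrying `label`.
    if label not in POLICY_CACHE:
        return Decision(False, f"no policy for label '{label}': default deny", ["soc"])
    allowed = POLICY_CACHE[label]
    if allowed is None:
        return Decision(True, "public data, no purpose token required")
    claims = parse_token(token, now) if token else None
    if claims is None:
        return Decision(False, f"'{label}' requires a valid purpose limitation token", ["soc", "works-council"])
    if claims["sub"] != container:
        return Decision(False, "purpose token was issued to another workload", ["soc", "works-council"])
    if claims["purpose"] not in allowed:
        return Decision(False, f"purpose '{claims['purpose']}' is not permitted for '{label}'", ["soc", "works-council"])
    return Decision(True, f"purpose '{claims['purpose']}' permitted for '{label}'")


if __name__ == "__main__":
    now = 1_700_000_000
    token = issue_token("ehr-api", "treatment", 3600, now)
    print(check_open("ehr-api", "pii:health", token, now))
    print(check_open("crm", "pii:health", token, now))
    print(check_open("ehr-api", "pii:health", None, now))
```

Three properties carry over from the text: unknown labels fail closed, a missing or expired token on health-labelled data notifies both the SOC and the works council, and the reason string never contains file contents or data-subject identifiers, only the label and purpose vocabulary.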
Continuous attestation is the final layer. Every hour the green box produces a signed attestation bundle that covers not only the configuration but the complete provenance of every binary: compiler version, build farm temperature, SHA of the policy repo, and the EU sovereign-cloud location where the artefact was linked. These bundles are stored in an append-only ledger running on a Tendermint chain operated by five county nodes—university, chamber of commerce, district administration, labour union, and water utility—so that no single actor can rewrite history. The ledger is small: 3.2 GB after nine months of operation, small enough to fit on a USB stick handed to an auditor who can then walk into a bunker and verify the entire year without an internet connection. That stick contains cryptographic proof that the code running the chlorine plant at the edge of town is the same code that passed the European conformity assessment, down to the exact compiler flags.
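An added example (not the Alliance's Tendermint deployment) of the two checks the USB-stick auditor needs: that the bundle chain has not been rewritten, and that a given binary hash was attested with the provenance fields the text lists. It assumes an HMAC key for bundle authentication in place of the asymmetric signatures a real multi-node ledger would use, a hash-chained list standing in for the chain itself, and constructed provenance records.

```python
import hashlib
import hmac
import json
from typing import List, Optional, Tuple

# Assumption: bundles are authenticated with an HMAC key held by the green box.
# A real deployment would sign with an asymmetric key so county nodes and
# auditors verify with the public half only.
SIGNING_KEY = b"constructed-example-key"
GENESIS = "0" * 64


def canonical(obj) -> bytes:
    # Stable serialisation: the same bundle must hash identically on every county node.
    return json.dumps(obj, sort_keys=True, separators=(",", ":")).encode()


def make_bundle(provenance: dict, prev_hash: str, seq: int) -> dict:
    body = {"seq": seq, "prev": prev_hash, "provenance": provenance}
    sig = hmac.new(SIGNING_KEY, canonical(body), hashlib.sha256).hexdigest()
    digest = hashlib.sha256(canonical(body) + sig.encode()).hexdigest()
    return {"body": body, "sig": sig, "hash": digest}


def append_bundle(ledger: List[dict], provenance: dict) -> dict:
    # Each bundle commits to the hash of its predecessor; that link is what makes the ledger append-only.
    prev = ledger[-1]["hash"] if ledger else GENESIS
    bundle = make_bundle(provenance, prev, len(ledger))
    ledger.append(bundle)
    return bundle


def verify_ledger(ledger: List[dict]) -> Tuple[bool, str]:
    # The offline check an auditor runs from the stick: sequence, chain link, signature and hash of every bundle.
    prev = GENESIS
    for i, bundle in enumerate(ledger):
        body = bundle["body"]
        if body["seq"] != i:
            return False, f"bundle {i}: sequence gap, expected seq {i} got {body['seq']}"
        if body["prev"] != prev:
            return False, f"bundle {i}: does not chain to bundle {i - 1}"
        expected_sig = hmac.new(SIGNING_KEY, canonical(body), hashlib.sha256).hexdigest()
        if not hmac.compare_digest(bundle["sig"], expected_sig):
            return False, f"bundle {i}: signature does not match body"
        expected_hash = hashlib.sha256(canonical(body) + bundle["sig"].encode()).hexdigest()
        if bundle["hash"] != expected_hash:
            return False, f"bundle {i}: stored hash does not match contents"
        prev = bundle["hash"]
    return True, f"{len(ledger)} bundles verified"


def attested_provenance(ledger: List[dict], binary_sha256: str) -> Optional[dict]:
    # Was this exact binary ever attested, and under which build conditions? Only answered on an intact ledger.
    ok, _ = verify_ledger(ledger)
    if not ok:
        return None
    for bundle in ledger:
        if bundle["body"]["provenance"].get("binary_sha256") == binary_sha256:
            return bundle["body"]["provenance"]
    return None


# Constructed provenance records mirroring the fields the text lists for each hourly bundle.
SAMPLE_PROVENANCE = [
    {"artefact": "plc-gateway", "binary_sha256": "a" * 64, "compiler": "gcc 13.2.0",
     "build_farm_temp_c": 21.5, "policy_repo_sha": "b" * 40,
     "linked_at": "eu-sovereign-de-east-1", "conformity_assessment": "passed"},
    {"artefact": "chlorine-dosing", "binary_sha256": "c" * 64, "compiler": "gcc 13.2.0",
     "build_farm_temp_c": 22.0, "policy_repo_sha": "b" * 40,
     "linked_at": "eu-sovereign-de-east-1", "conformity_assessment": "passed"},
    {"artefact": "soc-forwarder", "binary_sha256": "d" * 64, "compiler": "rustc 1.81.0",
     "build_farm_temp_c": 21.8, "policy_repo_sha": "e" * 40,
     "linked_at": "eu-sovereign-de-east-1", "conformity_assessment": "pending"},
]


def build_sample_ledger() -> List[dict]:
    ledger: List[dict] = []
    for prov in SAMPLE_PROVENANCE:
        append_bundle(ledger, dict(prov))  # copy so later edits to the ledger do not touch the samples
    return ledger


if __name__ == "__main__":
    ledger = build_sample_ledger()
    print(verify_ledger(ledger))
    print(attested_provenance(ledger, "c" * 64))
```

Verification needs only the ledger file and the verification key, no network, which is the property that lets the stick be checked in a bunker; any edit to a past bundle breaks its signature, and removing or reordering one breaks the sequence or chain link of every bundle after it.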
"When compliance compiles, jurisdiction becomes global while data stays local."
The side effect no one expected was cultural. When engineers discovered that a rejected deployment comes with an automatic patch suggestion, they began racing the machine, trying to merge fixes before the kernel writes them. Compliance turned into a leaderboard. In the most recent sprint the average remediation lag dropped from 36 hours to 42 minutes, and the union representative started attending stand-ups to claim co-authorship on the fastest fixes. Auditors who once spent weeks sampling tickets now ask for the attestation hash and leave smiling, because the hash is shorter than the coffee order. By spring we will open-source the entire framework under EUPL-1.2, not out of altruism but because every external contributor hardens the same shield we ourselves depend on. That is the final irony of embedding law into code: once it compiles, the jurisdiction becomes global, yet the data never leaves the county.
The Cyber Resilience Alliance is a public-private partnership established in 2025, led by CypSec, Validato and the County of Mansfeld-Südharz. The Alliance operates a sovereign private-cloud security stack, a shared SOC and a cyber academy, aiming to make Mansfeld-Südharz the reference site for rural cyber resilience by 2030.
Media Contact: Daria Fediay, Chief Executive Officer at CypSec - daria.fediay@cypsec.de.