VouchRail
EU AI Act Article 12 · Full enforcement 2 Aug 2026

The audit-log layer
your AI stack is missing.

VouchRail wraps your existing LLM calls and agent frameworks and emits tamper-evident, hash-chained, Article-12-structured audit logs into storage you own. One config line. Framework-agnostic. GDPR-compatible.

Get early access See what makes it complete
Days until enforcement
Annex III standalone systems · 2 Aug 2026
Penalty ceiling
€15M or 3% global turnover
Article 12 violation, whichever higher
Retention minimum
6 mo deployer · 7 yr provider
GDPR conflict must be resolved
// One config line. Article 12 compliant. Drops into your stack.
import { AuditLogger } from '@vouchrail/sdk';
import Anthropic from '@anthropic-ai/sdk';

const audit = new AuditLogger({
  systemId: 'hireflow-resume-screener',
  storage: { type: 's3', bucket: 'audit-eu-west-1', workMode: true },
  retention: { minimumDays: 180, targetDays: 2555 },
  hashChain: { enabled: true, algorithm: 'sha256' },
  piiRedaction: { strategy: 'pseudonymize' },
  signingKey: process.env.AUDIT_SIGNING_KEY,
});

const anthropic = audit.wrap(new Anthropic());
// Every call through `anthropic` now produces a verifiable Article 12 log entry.
01 · The problem

LangSmith is for debugging. Regulators need something else.

Every observability tool on the market was built for engineers triaging incidents — not for an EU regulator demanding a reconstructable decision trail six months from now.

Plain logs · syslog · print()

Unstructured. Silently editable. No retention enforcement. No hash chain. Zero evidentiary value.

APM — Datadog APM, Sentry

Designed for crash triage. No prompt-template versioning, no agent call tree, no tamper-evidence, retention SLA mismatched.

AI observability — LangSmith, Langfuse, Braintrust, Helicone, Weave

Engineer debug + evals. Vendor controls storage — you can't prove no tampering. 30–90 day retention. Article-12 fields absent.

Blockchain attestation

On-chain logs are immutable → incompatible with GDPR right-to-erasure. Public visibility leaks customer data. Per-action gas costs don't scale.

Static scanners — mcp-eu-ai-act, CodeSlick

They lint your code; they don't record anything at runtime. Complementary tools — not Article 12 evidence.

VouchRail

Runtime-integrated. Article-12-shaped. Hash-chained. Customer-owned storage. GDPR-compatible PII pipeline. The complete evidence chain.

02 · Five-Stack Completeness

A real Article 12 solution needs all five. Today, nobody else ships them together.

Attestation services prove existence but don't log. Scanners lint code but don't record. Observability tracks debug but not regulation. We deliver the entire evidence chain in one product.

  1. 01

    Production SDK integration

    Wraps raw Anthropic / OpenAI / Google SDKs plus agent frameworks (LangGraph, Anthropic Agent SDK, OpenAI Agents SDK, LlamaIndex). No code rewriting. Article 12 demands logging at the decision boundary — this is impossible without runtime integration.

    TypeScriptPythonSync · Async
  2. 02

    Regulator-grade schema

    Every entry carries model identity, prompt template + version, input/output fingerprints, agentic call tree, operator identity, human-review record, reason codes, risk flags, retention bounds — mapped field-by-field to Article 12 paragraphs.

    Article 12(1)–(3)Article 14 oversightArticle 26(6) retention
  3. 03

    Tamper-evident hash chain

    Each entry SHA-256-hashed in JCS-canonical form, linked to the previous entry, signed by a KMS-held key outside the agent trust boundary. WORM-locked storage. Logs without cryptographic integrity have zero court value.

    SHA-256RFC 8785 JCSAWS KMS · Vault
  4. 04

    Customer-owned storage

    Logs land in your S3 bucket (or compatible store) under your KMS keys with S3 Object Lock in Compliance mode. The evidentiary chain depends on the regulator believing the customer controls it — vendor-cloud logs are circumstantial.

    EU-WEST-1 · EU-CENTRAL-1Object LockSSE-KMS
  5. 05

    GDPR-compatible PII handling

    Article 12 says retain six months+. GDPR says delete on request. We resolve the conflict: pseudonymized tokens in the log, raw values in a separate deletable escrow. Decisions stay reconstructable; individuals stay forgettable.

    PseudonymizationKey escrowDual-approval reveal
03 · Architecture

An additive layer on the stack you already run.

You keep LangSmith for debug, Datadog for ops, OneTrust for policy. VouchRail slots between your framework and your storage — never replaces, never blocks.

Application
Your product — resume scoring, credit decision, triage
Agent framework · raw SDK
LangGraph · Anthropic Agent SDK · OpenAI Agents SDK · LlamaIndex · Vercel AI · raw provider SDKs
VouchRail SDK
wraps LLM calls · structures Article 12 entries · computes hash chain · applies PII policy
our product
LLM provider
Anthropic · OpenAI · Google · Bedrock · Azure · self-hosted
Customer-owned storage
S3 + Object Lock · SSE-KMS · EU region of your choice · 7-year WORM retention
Auditor portal · CLI phase 3
case lookup · hash-chain verification · GDPR-aware reveal · regulator-ready PDF export
04 · The schema is the contract

Field-for-field traceable to the regulation.

Same on-disk shape across TypeScript and Python SDKs. Byte-identical canonicalisation. Cross-language conformance vectors gate every release.

// One audit log entry — mapped to Article 12 paragraphs
{
  "callId":               "7b0d3a14-7f4f-4f12-9e90-3b1b9a16c2c1",
  "parentCallId":         "4a1c9b22-...",            // Article 12(2) — agentic call tree
  "caseId":               "candidate-12345",
  "systemId":             "hireflow-resume-screener",

  "startedAt":            "2026-08-15T14:32:00.123456Z", // Article 12(3)(a)
  "endedAt":              "2026-08-15T14:32:01.987654Z",
  "durationMs":           1864,

  "modelProvider":        "anthropic",                  // Article 12(2)(a) · Article 11 traceability
  "modelName":            "claude-3-5-sonnet",
  "modelVersion":         "20241022",
  "modelConfiguration":   { "temperature": 0.2, "maxTokens": 1024 },

  "promptTemplateId":     "resume-scoring-v3",
  "promptTemplateVersion": "3.2.1",
  "promptFingerprint":    "sha256:8f3a…b921",

  "inputFingerprint":     "sha256:2c91…7e0d",           // Article 12(3)(c)
  "inputPiiRedacted":     {
    "fields":       ["name", "email", "phone"],
    "pseudonymKey": "escrow:pii-2026-08:abc123"  // GDPR-deletable
  },

  "toolCalls": [
    { "toolName": "resume_parser", "inputFingerprint": "sha256:…", "outputFingerprint": "sha256:…" }
  ],

  "outputFingerprint":    "sha256:91ab…c204",
  "outputDecision":        { "score": 7.5, "recommended": true },
  "reasonCodes":           ["EXPERIENCE_MATCH", "EDUCATION_OK"],

  "operatorId":           "system",                       // Article 14 · Article 12(3)(d)
  "humanReview":          {
    "reviewerId":    "ops-emma",
    "reviewedAt":    "2026-08-15T14:35:00Z",
    "decision":      "approve"
  },
  "riskFlags":            ["low_confidence"],

  "entryHash":            "sha256:5d41…a8c2",           // tamper-evidence
  "previousEntryHash":    "sha256:f102…9b3e",
  "signature":            "kms:eu-west-1:…:sig",

  "schemaVersion":        "vouchrail-v1.0",
  "recordedBy":           "@vouchrail/[email protected]"
}
05 · Built for Annex III

Each vertical ships with its own playbook pack.

Pre-tuned PII patterns, reason-code libraries, FRIA templates, reference integrations. Generic compliance products lose vertical bake-offs.

HR Tech · AI recruiting

Largest single Annex III category. Resume scoring, automated screening, interview ranking. Pre-tuned for CV PII — name, education, employment history.

GreenhouseWorkdayLeverEightfold

Fintech · credit scoring

AI lending decisions, creditworthiness, BNPL underwriting. Reason codes mapped to EBA adverse-action guidance. Audit defence kit for AI-driven denials.

Affirm-classKlarna-classBank-grade

Insurtech · AI underwriting

Risk pricing, claim assessment, parametric triggers. Capture model lineage + decision rationale across portfolio shifts.

ParametricClaim AIPricing

AI healthcare

AI triage, mental-health pre-screen, radiology pre-read (non-medical-device). NHS-number redaction, GDPR-Article-9 sensitive-data discipline.

TriagePre-screenImaging

AI education · assessment

Essay scoring, placement testing, automated proctoring. Reason codes auditable against academic integrity standards.

Essay AIProctoringPlacement

Cross-jurisdiction by design

One schema satisfies EU AI Act Article 12, UK AI framework, Canadian AIDA, US OMB M-26-04, NIST AI RMF, ISO/IEC 42001, draft Japanese AI Act.

EU · UKUS · CAJP · ISO
06 · Pricing

Open-source first. Managed on top.

SDK is Apache 2.0 forever. You can run it entirely on your own S3. Paid tiers add managed storage, multi-region, full PII workflow, and the auditor portal.

OSS · self-hosted
$0
unlimited events
  • SDK + CLI · Apache 2.0
  • Your S3 · your KMS
  • Hash-chain verifier
  • Community support
Get the SDK
Starter
$99/mo
1M events / mo
  • Hosted storage · 1 region
  • Basic dashboard
  • Email support
  • Retention policy enforcement
Talk to us
Enterprise
Custom
unlimited · $20K–$200K / yr
  • SSO · mTLS · dedicated region
  • Custom retention · custom schema
  • Named compliance advisor
  • SOC 2 · ISO 27001 in scope
Talk to sales
07 · Talk to me

Direct line to the founder. No funnel, no SDR.

Building VouchRail as a Taiwan-based solo technical founder. If you're running high-risk AI in the EU, drop a line and I'll respond personally.

On submit your default mail client opens with a pre-filled message to [email protected]. No tracking, no third-party form handler — it's a static site.