AI Compliance Readiness: Regulatory Gap Analysis
Date: 2026-07-01 Prepared by: Research (grāmatr-assisted) For: Covington Place Partners — internal advisory use only Status: Draft — not legal advice; not for external distribution without review
Disclaimer
This document is a capability gap analysis, not legal advice. Conformity assessments, compliance certifications, and legal determinations are the province of licensed legal counsel. The honest framing throughout is "designed to support," "maps to," and "evidence-ready for" — never "certified," "compliant," or "guarantees compliance." grāmatr and CPP cannot guarantee regulatory compliance; they can provide tooling and advisory that supports the operational obligations those regulations impose.
Founders referenced: Shea Long & Mike Burns (Covington Place Partners).
How grāmatr Capability States Are Classified
grāmatr capabilities appear in three states throughout this document. The distinction matters for compliance claims:
| State | Meaning | How confirmed |
|---|---|---|
| LIVE/DEPLOYED | Confirmed running on the production platform (api.gramatr.com/mcp, v0.27.6) via direct API query | Live MCP tool calls returning actual records or active definitions, executed 2026-07-01 |
| IN-REPO | Code exists in /home/research3/work/gramatr/ but deployment to production was not independently confirmed during this review | Source file evidence cited; no live-platform verification |
| NOTE/ASPIRATIONAL | Found only in documentation, design docs, or memory notes — no code or live confirmation | Cited doc only; treat as intent, not capability |
Claims marked [DEPLOYMENT-UNVERIFIED] indicate where this analysis cannot confirm the live state. Open questions for the grāmatr team are collected at the end of the document.
Live platform identity confirmed: grāmatr v0.27.6 at https://api.gramatr.com/mcp, caller Brian Handrigan (d2293e01), org gramatr, role super_admin. All entity counts from live API calls 2026-07-01.
Part 1 — Regulatory Requirements
1A. EU AI Act — Digital Omnibus Package (as of July 2026)
The EU AI Act (Regulation (EU) 2024/1689) entered into force August 1, 2024. The "Digital Omnibus" simplification package was provisionally agreed May 7, 2026, endorsed by the European Parliament June 16, 2026, and received Council final approval June 29, 2026. Publication in the Official Journal was pending as of this writing — the high-risk deferral dates are legislatively confirmed but not yet formally operative until that publication.
Sources: Council press release, May 7, 2026; Gibson Dunn — Omnibus: Postponed Deadlines and Key Changes; ComplianceHub.wiki — Annex III deferral; ComplianceHub.wiki — Art. 50 and Omnibus; Modulos.ai — Omnibus deadlines fixed; Latham & Watkins — Timeline Relief and Simplification; Latham & Watkins — GPAI Obligations in Force; Dastra — Inside the Omnibus Deal; EU AI Act — Art. 53 text; DLA Piper — Omnibus update
Active Obligations (July 2026)
| Obligation | Article(s) | Who | Status | Evidence Artifact Required |
|---|---|---|---|---|
| Prohibited practices ban | Art. 5 | All providers + deployers | Active since Feb 2, 2025; expanded Dec 2026 for nudifier/CSAM ban | Policy prohibiting banned systems |
| AI literacy | Art. 4 | Providers + deployers | Active since Feb 2, 2025 | Documented staff training programs; internal governance evidence |
| GPAI technical documentation | Art. 53(1)(a) | GPAI model providers | Active Aug 2, 2025 (new models); Aug 2, 2027 (legacy pre-2025 models) | Technical documentation form: model properties, training, energy consumption, intended use; retained 10 years |
| GPAI transparency to AI Office + downstream | Art. 53(1)(b) | GPAI model providers | Active Aug 2, 2025 | Disclosure package; authorized representative mandate for non-EU providers (Art. 54) |
| GPAI copyright policy | Art. 53(1)(c) | GPAI model providers | Active Aug 2, 2025 | Published opt-out compliance policy |
| GPAI systemic-risk notification | Art. 55 | Highest-capability GPAI model providers | Active Aug 2, 2025 | Notification to AI Office; systemic risk assessment; red-team adversarial testing |
| AI-generated content disclosure | Art. 50(1)(3)(4) | Providers + deployers | Active Aug 2, 2026 | User-facing disclosure at interaction start; deepfake and emotion-recognition labeling |
| Machine-readable output watermarking | Art. 50(2) | Generative AI providers | Aug 2, 2026 (new systems); Dec 2, 2026 (systems already on market) | Machine-readable marking embedded in synthetic outputs |
Deferred Obligations — High-Risk AI Systems (Annex III standalone: Dec 2, 2027; Annex I product-embedded: Aug 2, 2028)
| Obligation | Article(s) | Who | New Deadline | Evidence Artifact Required |
|---|---|---|---|---|
| Risk management system | Art. 9 | Providers of high-risk AI | Dec 2, 2027 / Aug 2, 2028 | Documented iterative risk management plan; residual risk records |
| Data governance | Art. 10 | Providers | Dec 2, 2027 / Aug 2, 2028 | Data provenance, bias audit, training/validation/test set documentation |
| Technical documentation | Art. 11 | Providers | Dec 2, 2027 / Aug 2, 2028 | Technical file per Annex IV; maintained through system lifetime |
| Automatic record-keeping / logging | Art. 12 | Providers + deployers | Dec 2, 2027 / Aug 2, 2028 | Automatically generated event logs; ≥6-month retention minimum |
| Transparency to deployers/users | Art. 13 | Providers | Dec 2, 2027 / Aug 2, 2028 | User-facing instructions; limitations disclosure |
| Human oversight measures | Art. 14 | Providers + deployers | Dec 2, 2027 / Aug 2, 2028 | Documented human-oversight procedures; override capability; trained operators |
| Accuracy, robustness, cybersecurity | Art. 15 | Providers | Dec 2, 2027 / Aug 2, 2028 | Benchmark results; adversarial-robustness testing; security documentation |
| Post-market monitoring | Art. 72 | Providers | Dec 2, 2027 / Aug 2, 2028 | Monitoring plan; performance tracking over deployment lifetime |
| Serious-incident reporting | Art. 73 | Providers + deployers | Dec 2, 2027 / Aug 2, 2028 | Incident register; 48-hour notification to national authority |
| Conformity assessment | Arts. 43–44 | Providers (or notified body) | Dec 2, 2027 / Aug 2, 2028 | CE marking; EU declaration of conformity; third-party audit for highest-risk categories |
Provider vs. deployer: Providers (build/place on market) carry the heaviest documentation and conformity burden. Deployers (use in their context) carry logging, human oversight, and monitoring duties when they apply a high-risk system outside the provider's specified scope.
1B. Colorado SB 26-189 — Automated Decision-Making Technology Act
Status: SB 24-205 (the original Colorado AI Act) was repealed May 14, 2026, after enforcement was paused by a federal court injunction (April 27, 2026). Its replacement, SB 26-189, was signed by Governor Polis on May 14, 2026 and takes effect January 1, 2027.
Sources: Colorado General Assembly — SB 26-189; Seyfarth Shaw — Colorado Enacts AI Replacement Law; Littler — Colorado Amends AI Law; Hunton — Colorado AI Act Amended; Consumer Finance Monitor — SB 26-189 Unpacked; Monitaur — SB 26-189 Compliance Strategies; TechjackSolutions — What Law Firm Analysis Confirms
Scope definitions:
- ADMT (Automated Decision-Making Technology): Technology that processes personal data and uses computation to generate output — predictions, recommendations, classifications, rankings, scores — used to make, guide, or assist a decision concerning an individual.
- Consequential decision: A decision relating to an individual's access to or eligibility for education, employment, housing, financial/lending services, insurance, healthcare, essential government services, or public benefits.
- Developers: Entities that create or substantially modify covered ADMT.
- Deployers: Entities that use covered ADMT to make consequential decisions.
Obligation Table — Colorado SB 26-189 (Effective January 1, 2027)
| Obligation | Who | Deadline | Evidence Artifact Required |
|---|---|---|---|
| Technical documentation | Developers | Jan 1, 2027 | Docs describing: intended uses, training data categories, known limitations, instructions for appropriate use/monitoring/meaningful human review |
| Material update notification to deployers | Developers | Ongoing | Written notice of material modifications |
| Consumer notice at point of interaction | Deployers | Jan 1, 2027 | Clear, conspicuous notice that covered ADMT is being used |
| Adverse-decision plain-language explanation | Deployers | Within 30 days of adverse consequential outcome | Plain-language description of ADMT's role; principal reasons for the outcome |
| Right to data correction | Deployers | On consumer request | Process to correct factually incorrect personal data used by the ADMT |
| Right to human review and reconsideration | Deployers | On consumer request after adverse outcome | Meaningful human review process |
| Record retention | Developers + deployers | 3 years | All records necessary to demonstrate compliance |
| AG rulemaking compliance | Deployers | Jan 1, 2027 | Comply with AG rules on post-adverse-outcome disclosures (AG must adopt by Jan 1, 2027) |
Enforcement: AG enforces via Colorado Consumer Protection Act. Violations are deceptive trade practices. 60-day notice + cure opportunity before AG action, until Jan 1, 2030. No private right of action (removed from the original law).
Key scope change vs. SB 24-205: The mandatory risk management program and annual impact assessments are gone. SB 26-189 is a disclosure + consumer-rights framework, not a full governance mandate.
Part 2 — grāmatr Capabilities (Live-Platform Verified)
All LIVE/DEPLOYED claims are based on direct API queries to https://api.gramatr.com/mcp (grāmatr v0.27.6) executed 2026-07-01. IN-REPO claims are based on source code in /home/research3/work/gramatr/. NOTE/ASPIRATIONAL claims are from design docs only.
2A. Capabilities Confirmed LIVE/DEPLOYED
These were verified by querying the live platform and receiving actual records or active definitions.
| Capability | Live Evidence | Detail |
|---|---|---|
| Per-turn classification telemetry | 23,822 records in classification_telemetry entity type; 3 records from today (2026-07-01) confirmed via list_entities | Each record contains: turn_id, multi-head BERT scores (intent, effort, urgency, sentiment, requires_approval, domain), prompt_hash, session_id, project_id, primitives_composed, contract_hash, created_at. All user-scoped (scope: "user"). |
| Per-turn record with prompt and summary | 22,097 records in turn entity type; 3 records from today confirmed via list_entities | Each record contains: full prompt text, AI-generated summary, turn_id, session_id, project_id, prompt_hash, sequential turn_number (highest seen: 2,074), classification block, classifier_model, summary_generated_at. |
requires_approval classification head | Confirmed in every live classification_telemetry record returned | Example from live record: "requires_approval": {"label": "false", "confidence": 0.98319834}. The head fires on every classified turn. |
| Primitives-composed policy provenance per turn | Confirmed in live classification_telemetry records | primitives_composed array in each record lists every principle, standard, guideline, preference, and agent bound to that turn — with selection_reason and entity_id. This is the per-turn policy enforcement audit trail, showing which policies were active for each decision. |
| Soft-delete discipline (immutability) | Standard soft_delete_cascade confirmed LIVE — seed_source: "static", enforcement: "mandatory", is_public: true, via list_definitions | "Deleting an entity sets inactive=true and recursively soft-deletes child observations and relations in the same transaction. Hard DELETE is reserved for admin GDPR paths." Means the 23,822+ telemetry and 22,097 turn records cannot be hard-deleted through normal paths. |
| Conversation immutability | Standard conversation_observations_immutable confirmed LIVE — seed_source: "static", enforcement: "mandatory", is_public: true, via list_definitions | "Observations attached to entities of entity_type='conversation' are append-only. Editing or deleting a conversation observation breaks the training-data lineage and is rejected at the service layer." |
| Per-user RLS isolation | Standards user_id_filter_on_every_query + rls_policy_for_user_scoped_tables both LIVE — seed_source: "static", enforcement: "mandatory", is_public: true, via list_definitions. Principle user_data_isolation_is_inviolable LIVE with binding_strength: "inviolable" | "Every query, embedding, and cache key MUST partition by user_id. There is no exception, no admin override, no debugging shortcut. Cross-tenant leakage is the one failure mode that ends the company." Confirmed operationally: every live entity returned in queries carried the caller's user_id. |
| Secret management standards | Standards no_secrets_in_logs + no_hardcoded_credentials both LIVE — seed_source: "static", enforcement: "mandatory", is_public: true, via list_definitions. Principle secrets_come_from_secret_manager_only LIVE with binding_strength: "inviolable" | All production credentials flow through Bitwarden Secret Manager (BWS). |
| Execution summary on every tool response | Standard execution_summary_on_every_tool_response LIVE — seed_source: "static", enforcement: "mandatory" | "Every MCP tool handler and REST API handler MUST attach the canonical execution_summary metadata block." Confirmed: every live API response in this review returned execution_summary. |
audit_log entity type | 24 live records in audit_log entity type confirmed via list_entities; most recent May 2026 | These are human-authored operational audit events (e.g., "backfill applied," "seed snapshot rebuilt"). Note: these are intentional operational milestones, NOT automated per-turn compliance logs — automated logging runs via classification_telemetry and turn (see above). |
| Model decommission / change runbook | Runbook change_embedding_model LIVE — seed_source: "static", is_public: true, via list_definitions | Full 6-step procedure for changing the active embedding model: write-freeze, staged rollout to staging first, production cutover, rollback path, decommission old model after 7-day stability. This is the live model-lifecycle governance capability. |
| Credential + security incident runbooks | Runbooks rotate_compromised_credential (severity: critical) + respond_to_secret_in_commit_or_log (severity: critical) both LIVE — seed_source: "static", via list_definitions | respond_to_secret_in_commit_or_log Step 6: "File incident report; notify any third party whose credential was involved." Covers rotation, redaction, audit, and notification for security credential incidents. |
| GitOps-only production path | Principle gitops_is_the_only_path_to_production LIVE — binding_strength: "inviolable" | "Production state changes flow exclusively through git." Makes all production changes auditable by construction. |
| 25 routing capabilities | Confirmed LIVE via list_capabilities — all 25 returned across sections A–F | Includes: Quality Gate creation (A), effort classification (B), agent dispatch + research (C), multi-agent collaboration including red-team with 32 agents (D), parallel execution (E), test runner + static analysis (F). |
2B. Capabilities That Are IN-REPO (Code Present, Deployment Unconfirmed)
These are grounded in source code at /home/research3/work/gramatr/ but were not independently confirmed as deployed during this review. The NIST AI RMF alignment statement (dated 2026-06-11) provides the most recent attestation.
| Capability | In-Repo Evidence | Status |
|---|---|---|
| Directive resolver (scoped policy hierarchy) | packages/intelligence/src/services/directive-resolver-unified.ts — cited in NIST alignment doc with description of system→org→team→project→user enforcement | [DEPLOYMENT-UNVERIFIED] — see Open Questions #2 |
| Decision router | packages/intelligence/src/services/decision-router.ts — cited in NIST alignment doc | Circumstantially confirmed: live classification_telemetry records show BERT head outputs consistent with this router, but the specific deployment binary was not verified |
| Pattern analyzer | packages/intelligence/src/services/pattern-analyzer.ts — cited in NIST alignment doc for risk-trend mining | [DEPLOYMENT-UNVERIFIED] — see Open Questions #3 |
| Metrics service / token savings | packages/intelligence/src/services/metrics-service.ts — cited in NIST alignment doc | [DEPLOYMENT-UNVERIFIED] — execution_summary on tool responses confirms some metrics pipeline, but this specific service was not directly queried |
| Log sanitizer | packages/core/src/log-sanitizer.ts — cited in NIST alignment doc | [DEPLOYMENT-UNVERIFIED] — no_secrets_in_logs standard is LIVE but the sanitizer binary in the deployed pod was not verified |
| Cross-tenant hardening CI tests | packages/mcp-server/src/tools/__tests__/cross-tenant-hardening.test.ts — cited in design-consistency-model.md | [DEPLOYMENT-UNVERIFIED] as a CI artifact — in-repo existence confirmed; whether CI is currently running it was not verified |
2C. Capabilities That Are NOTE/ASPIRATIONAL (Docs Only)
These were not found in the live platform or confirmed in runnable code. They are explicitly named as gaps or roadmap items in grāmatr's own documentation.
| Capability | Source | Notes |
|---|---|---|
| Prompt-injection / jailbreak detection | docs/nist-ai-rmf-alignment-2026-06-11.md — MEASURE 2.7 gap, issue #3716 | "Detection capability tracked (#3716); the position is real, the detection is not yet built." No code file cited. |
| Automated anomaly-detection → kill-switch | docs/nist-ai-rmf-alignment-2026-06-11.md — MANAGE 2.3–2.4, issues #3698/#3718 | Explicitly roadmap. Live telemetry exists; automated response does not. |
| Fairness / bias metric | docs/nist-ai-rmf-alignment-2026-06-11.md — MEASURE 2.11 gap | "Not yet instrumented as a first-class metric." |
| Regulatory requirements register | docs/nist-ai-rmf-alignment-2026-06-11.md — GOVERN 1.1 gap | Documentation-only gap; ~1 day to write; not yet written. |
| Formal TEVV plan | docs/nist-ai-rmf-alignment-2026-06-11.md — MAP 2.3 gap | The flywheel enacts it informally; no formal document. |
| Formal governance-review cadence | docs/nist-ai-rmf-alignment-2026-06-11.md — GOVERN 1.5 gap | No scheduled human review documented. |
| AI incident disclosure runbook | Not found in live runbooks or repo | No respond_to_ai_incident or Art. 73-style notification runbook found across 27 live runbooks queried. Security credential runbooks exist; AI system behavior incident runbooks do not. |
| Consumer explanation / appeal workflow | Not found anywhere in live platform or repo | No consumer-facing explanation endpoint, adverse-decision intake, or appeal workflow found. |
| Configurable log retention beyond 60 days | docs/cpp-gramatr/ai-governance-standards-alignment-2026-06-10.md — noted as "deployment option" | The NIST alignment doc stated "60-day rolling window today." Whether a longer-retention tier is currently available in production was not confirmed. See Open Questions #1. |
| SOC 2 audit completion | docs/cpp-gramatr/ai-governance-standards-alignment-2026-06-10.md | "Disciplines followed; audit in planning" — not yet complete. |
Part 3 — Gap-Analysis Matrix
3A. EU AI Act — Current Active Obligations
| Obligation | Article | grāmatr Coverage | State | Verdict | What's Missing |
|---|---|---|---|---|---|
| AI Literacy | Art. 4 | grāmatr's primitives_composed system binds principles, standards, and guidelines into every turn before the model fires — machine-layer literacy enforcement | LIVE/DEPLOYED at the machine layer | PARTIAL | Art. 4 asks for documented human staff training programs. grāmatr addresses machine-layer enforcement; it does not produce human employee training documentation |
| Prohibited practices ban | Art. 5 | requires_approval BERT head fires on every turn (confirmed in 23,822 live records); scoped directive hierarchy can encode prohibitions | LIVE/DEPLOYED (requires_approval); IN-REPO (directive encoding) | PARTIAL | No explicit Art. 5 prohibited-use-case registry mapped to enumerated bans. The gate exists; the prohibition content must be authored into directives by each operator |
| GPAI technical documentation | Art. 53(1)(a) | grāmatr is AI middleware integrating third-party GPAI models — it is not a GPAI model provider under the Act. Per-turn model provenance captured in classification_telemetry (classifier_backend, classifier_version fields) | LIVE/DEPLOYED for provenance tracking | NOT APPLICABLE to grāmatr directly. Clients who are GPAI providers need their own Art. 53 documentation; grāmatr's per-turn model record is an evidentiary input, not the required technical documentation form | |
| GPAI transparency to AI Office | Art. 53(1)(b)(c) | Same applicability note | Same | NOT APPLICABLE to grāmatr directly | Same |
| AI-generated content disclosure | Art. 50(1)(3)(4) | Directive hierarchy can require disclosure language at system scope on every interaction | IN-REPO (directive capability); no live confirmation of deployed Art. 50 template | PARTIAL | No shipped Art. 50(1) disclosure template. Deployer clients must configure their own directive |
| Machine-readable watermarking | Art. 50(2) | This obligation falls on the model provider (e.g., Anthropic for Claude), not middleware | NOT APPLICABLE to grāmatr | NOT APPLICABLE to grāmatr. Deployer clients need to confirm their model provider meets Art. 50(2); grāmatr's classifier_backend field in live telemetry records which provider was used |
3B. EU AI Act — High-Risk Obligations (Deferred; Prepare Now)
Not yet legally operative but the December 2027 deadline justifies preparation starting now.
| Obligation | Article | grāmatr Coverage | State | Verdict | What's Missing |
|---|---|---|---|---|---|
| Risk management system | Art. 9 | Per-turn risk classification (effort_level, requires_approval) fires on every turn; 23,822 live records demonstrate continuous risk-calibrated routing | LIVE/DEPLOYED | PARTIAL | No documented iterative risk-management plan artifact a regulator could inspect. grāmatr provides the enforcement substrate; the plan document must be separately authored |
| Data governance | Art. 10 | Per-user RLS (user_id_filter_on_every_query + rls_policy_for_user_scoped_tables — both LIVE/DEPLOYED mandatory standards); user_data_isolation_is_inviolable inviolable principle LIVE | LIVE/DEPLOYED | PARTIAL | No formal bias audit of training/input data; no Art. 10-compliant data-sheet per AI system. RLS is the data isolation control; the documentation artifact is absent |
| Technical documentation | Art. 11 | NIST AI RMF alignment statement is the closest analog (IN-REPO, dated 2026-06-11); per-turn telemetry supplies provenance inputs | IN-REPO | PARTIAL | No Annex IV-style technical file per deployed AI system. Clients need system-specific documentation for their own deployments; grāmatr's NIST crosswalk covers the platform |
| Automatic record-keeping / logging | Art. 12 | 23,822 classification_telemetry records + 22,097 turn records confirmed LIVE/DEPLOYED. Auto-generated every turn; soft_delete_cascade standard prevents hard deletion. Each record carries turn_id, intent, effort, requires_approval, model used, session_id, project_id, created_at, full primitives_composed provenance. This is grāmatr's strongest compliance proof point. | LIVE/DEPLOYED | PARTIAL — strongest strength, one confirmed gap | Retention gap [DEPLOYMENT-UNVERIFIED]: Art. 12 requires ≥6-month retention for high-risk systems. The NIST alignment doc stated "60-day rolling window" as of 2026-06-11. Whether the live production database retains records beyond 60 days was not confirmed in this review. The grāmatr team must confirm actual retention before this can be represented as ≥6-month-capable. See Open Questions #1. |
| Transparency to deployers/users | Art. 13 | Directive system can mandate disclosure content; per-model capability records tracked | IN-REPO (directive capability) | PARTIAL | No shipped Art. 13-compliant user instruction template; deployer clients must configure |
| Human oversight | Art. 14 | requires_approval gate confirmed LIVE/DEPLOYED in every classification_telemetry record | LIVE/DEPLOYED | PARTIAL | requires_approval is a routing-layer classification. Art. 14 also requires trained operators, documented override procedures, and organizational oversight processes — these are organizational, not tooling, deliverables |
| Accuracy, robustness, cybersecurity | Art. 15 | no_secrets_in_logs + RLS isolation LIVE/DEPLOYED; pre-model governance IN-REPO | Mixed | PARTIAL | No formal accuracy/robustness benchmark; prompt-injection detection is NOTE/ASPIRATIONAL (#3716); no Art. 15 security documentation artifact |
| Post-market monitoring | Art. 72 | 23,822+ live telemetry records constitute continuous per-deployment monitoring; pattern-analyzer.ts IN-REPO for trend mining | LIVE/DEPLOYED (telemetry); IN-REPO (pattern analysis) | PARTIAL | No formal post-market monitoring plan document; automated anomaly→response is NOTE/ASPIRATIONAL (#3698) |
| Incident reporting | Art. 73 | Security incident runbooks LIVE/DEPLOYED (rotate_compromised_credential, respond_to_secret_in_commit_or_log) — but these cover credential/security incidents, not AI system behavior incidents | LIVE/DEPLOYED for security incidents only | GAP | No AI system incident register; no documented 48-hour notification procedure to national authorities; no AI-specific incident disclosure runbook found in the 27 live runbooks. This is a confirmed gap in both the live platform and the NIST alignment doc (MANAGE 4.3). |
| Conformity assessment | Arts. 43–44 | grāmatr's live audit trail + NIST crosswalk would supply evidence for a conformity assessment process | IN-REPO (NIST crosswalk documentation) | GAP | Conformity assessment is a legal process (self-assessment or notified-body audit); no CE marking; no EU declaration of conformity — regulatory-legal deliverables, not grāmatr capabilities |
3C. Colorado SB 26-189 (Effective January 1, 2027)
| Obligation | Who | grāmatr Coverage | State | Verdict | What's Missing |
|---|---|---|---|---|---|
| Technical documentation | Developers | classification_telemetry records the model, intent, effort, and directives per turn; NIST alignment statement is the platform-level technical document | LIVE/DEPLOYED (per-turn provenance); IN-REPO (NIST crosswalk) | PARTIAL | Developer clients must author their own SB 26-189-compliant technical documentation for their ADMT products; grāmatr's per-turn record is an evidentiary input, not a substitute |
| Material update notification | Developers | soft_delete_cascade + conversation_observations_immutable ensure all changes are logged and non-deletable | LIVE/DEPLOYED | PARTIAL | No automated "material change" notification workflow from developer to deployer clients; this is an organizational process |
| Consumer notice at point of interaction | Deployers | Directive hierarchy can require disclosure language at system scope on every interaction | IN-REPO (directive capability) | PARTIAL | No out-of-box SB 26-189 notice template; disclosure must be explicitly configured per deployer |
| 30-day adverse-decision explanation | Deployers | classification_telemetry and turn records (LIVE/DEPLOYED, 23,822 + 22,097 records) contain the per-turn decision provenance — model used, intent classification, requires_approval score — that is the raw material for a plain-language explanation | LIVE/DEPLOYED (the underlying record) | PARTIAL | No explanation-generation API that takes a turn_id and produces a consumer-readable explanation; no 30-day response workflow; no consumer intake surface. The data exists; the workflow and surface do not. |
| Right to data correction | Deployers | update_entity MCP tool (LIVE/DEPLOYED — confirmed via live API) allows mutation of stored entity data; RLS ensures only the correct user's data is accessible | LIVE/DEPLOYED (entity update path) | PARTIAL | No consumer-facing correction request intake; no SB 26-189-compliant correction workflow |
| Right to human review after adverse outcome | Deployers | requires_approval gate (LIVE/DEPLOYED) is a pre-decision human-review flag for high-risk turns | LIVE/DEPLOYED (requires_approval classification) | PARTIAL | requires_approval is a pre-decision routing signal, not a post-adverse-outcome appeal flow. A consumer appeal queue for after-the-fact review must be built separately. See Open Questions #4 for current behavior. |
| Record retention (3 years) | Developers + deployers | soft_delete_cascade (LIVE/DEPLOYED mandatory standard) prevents hard deletion; 23,822+ classification_telemetry + 22,097 turn records persist; inactive flag only | LIVE/DEPLOYED (soft-delete prevents deletion) | PARTIAL — retention window [DEPLOYMENT-UNVERIFIED] | SB 26-189 requires 3-year retention. Soft-delete architecture prevents premature deletion. However, the actual queryable retention window is unconfirmed — the NIST alignment doc stated "60-day rolling window" as of June 2026. The grāmatr team must confirm whether records older than 60 days remain queryable in production. See Open Questions #1. |
Part 4 — The CPP Opportunity
4A. Framing the Offering
"AI Compliance Readiness" sits at the intersection of CPP's existing AI Governance & Audit advisory product and two urgent market drivers: EU AI Act GPAI and transparency obligations (live now), and Colorado SB 26-189 coming online January 1, 2027 — with a growing list of states in similar territory.
CPP's role: advisory, assessment, and remediation design — the human judgment layer that maps regulatory obligations to a client's specific systems, authors required artifacts (technical documentation, risk management plans, conformity assessment prep), and designs the organizational processes (human oversight programs, incident response, consumer-appeal workflows).
grāmatr's role: the evidence and enforcement substrate — automatically generating the per-turn audit trail, enforcing policy pre-model, tracking model provenance, and surfacing the telemetry a compliance reviewer draws on. Designed to support clients' compliance obligations, not to certify or guarantee them.
The combined offer: CPP tells you what you have to do and authors the required artifacts; grāmatr makes sure your AI systems are leaving the evidentiary trail those artifacts describe, and that your policies are actually enforced (not just documented).
4B. The Three Strongest Wedges
Wedge 1 — EU AI Act Article 12: Automatic Logging (build toward Dec 2027) Art. 12 requires that high-risk AI systems automatically generate event logs over their lifetime — a manual export does not satisfy it. grāmatr's per-turn decision log is confirmed LIVE/DEPLOYED at 23,822+ classification_telemetry records and 22,097 turn records, auto-generated on every classified turn, with soft_delete_cascade immutability preventing backdating. Each record carries turn_id, session_id, project_id, model used, requires_approval score, and the full primitives_composed list showing which policies were active — the structural shape Art. 12 demands. The single remaining gap (retention window confirmation) is a configuration question, not an architecture question. CPP positions this as: "start building your Art. 12-ready log now, before the Dec 2027 deadline."
Wedge 2 — Colorado SB 26-189: Consumer Explanation Right (active Jan 1, 2027) The 30-day adverse-decision explanation requirement is an operational process clients must build before January 1, 2027. grāmatr's live turn records contain the full prompt text and AI-generated summary per decision; the classification_telemetry records contain the model, intent, requires_approval score, and bound policies. Together they are the raw material for a plain-language explanation — but the workflow, template, and consumer intake surface do not yet exist and must be built. CPP's advisory layer designs the workflow; grāmatr supplies the underlying data. Clients deploying ADMT for consequential decisions (lending, employment, healthcare, housing) need both, and the January 2027 deadline creates urgency now.
Wedge 3 — NIST AI RMF as the US Enterprise Anchor Enterprise buyers, insurers, and procurement requirements increasingly treat NIST AI RMF alignment as table-stakes for AI vendor due diligence. grāmatr has a self-attested crosswalk to all four NIST AI RMF functions (GOVERN/MAP/MEASURE/MANAGE) published 2026-06-11, with requires_approval BERT head confirmed live in 23,822 records (GOVERN 3.1–3.2), and the per-turn telemetry system confirmed live with 45,919+ total records across classification_telemetry + turn (MEASURE 2.8 "explain to a regulator in 48h"). CPP can offer NIST AI RMF readiness assessments with grāmatr as the evidence substrate — positioning the combined offering as "compliance-ready by architecture, not just by documentation."
4C. Top Three Build Gaps to Close First
Build Gap 1 — Confirm and extend log retention [DEPLOYMENT-UNVERIFIED → needs grāmatr team answer today] This is the single highest-priority open question. The NIST alignment doc stated "60-day rolling window" as of June 2026. EU AI Act Art. 12 requires ≥6 months; Colorado SB 26-189 requires 3 years. Until the grāmatr team confirms (a) the actual current retention window in production and (b) whether a configurable longer-retention tier exists and is tested, every Art. 12 and SB 26-189 record-retention claim carries a material caveat. Closing it: confirm the live retention policy; if under 6 months, implement a configurable retention configuration with a documented deployment guide and a verified query path for records older than 60 days. No new architecture needed — the soft-delete immutable records already exist; the question is the database retention window.
Scope note (added 2026-07-01): this obligation is scoped, not universal. EU Art. 12 automatic-logging applies ONLY to high-risk (Annex III/I) AI systems; Colorado SB 26-189's 3-year retention applies ONLY to records for consequential-decision ADMT (lending, employment, housing, healthcare, insurance, government benefits). Neither law requires that every grāmatr turn be stored audit-proof. So this is not a platform-wide default change — the correct build is a per-app/org configurable long-retention tier for the compliance-relevant records of a client's regulated deployment, leaving the 60-day working-memory default untouched. For clients not running a high-risk / consequential-decision system, this retention obligation does not bind.
Build Gap 2 — Consumer explanation + appeal workflow (4–6 weeks engineering) Neither the EU Act's deployer transparency obligations nor Colorado SB 26-189's 30-day explanation right can be satisfied by a per-turn log alone. They require a consumer-facing workflow: accept a turn_id or session reference, generate a plain-language explanation from the live turn + classification_telemetry records, and route for human review if the consumer requests appeal. The underlying data is confirmed LIVE/DEPLOYED (23,822 telemetry + 22,097 turn records). The surface does not exist. Closing it: an explanation-generation API endpoint (input: turn_id; output: human-readable explanation citing the underlying records) and a deployer-configurable consumer intake workflow. This is the gap between grāmatr's strongest evidence asset and a consumer-facing compliance deliverable.
Build Gap 3 — AI incident disclosure runbook (1 day documentation + tracked engineering) EU AI Act Art. 73 requires documented 48-hour notification to national authorities after a serious AI system incident. The 27 live runbooks cover security credential incidents (rotate_compromised_credential, respond_to_secret_in_commit_or_log) but none covers AI system behavior incidents. There is no trigger definition (what constitutes a "serious AI incident" for a routing system), no notification template, no regulatory contact structure, no escalation chain for AI-specific failures. Without this, CPP cannot credibly offer incident-response advisory backed by grāmatr infrastructure. Closing it: a documented AI incident response + disclosure runbook as a first-class live runbook (~1 day, overlapping with planned SOC 2 work), followed by anomaly-detection → alert automation (#3698/#3718) to make 48-hour response operationally achievable rather than aspirational.
Open Questions for the grāmatr Team
These items could not be resolved from live platform queries or repo review. They are blocking or materially qualifying compliance claims and should be confirmed before this analysis is used in external advisory work.
- [HIGH PRIORITY] Log retention window: What is the actual retention window for
classification_telemetryandturnentity records in the current production database? Is there a configurable longer-retention deployment option? Can records older than 60 days be queried? This gates every EU AI Act Art. 12 and Colorado SB 26-189 record-retention claim in this document. - Directive resolver deployment: Is
packages/intelligence/src/services/directive-resolver-unified.ts(the scoped policy hierarchy enforcing system→org→team→project→user directives) currently deployed in the production grāmatr server, and is per-turn policy enforcement via this code path active for all clients? - Pattern analyzer deployment: Is
packages/intelligence/src/services/pattern-analyzer.tscurrently running in production? If so, does it produce output that would constitute post-market monitoring evidence? requires_approvalrouting behavior: When therequires_approvalBERT head fires with labeltruefor a given turn in production, what actually happens? Is there a live human review queue, or is it a classification signal that the calling client must act on?- AI literacy documentation: Does grāmatr have any documented staff AI literacy training program covering grāmatr's own operations as a provider (for Art. 4 compliance for grāmatr itself)?
Summary Assessment
"AI compliance readiness + tracking" is a credible CPP offering. The regulatory pressure is real and near-term: GPAI obligations are live now, Art. 50 transparency is active August 2026, high-risk obligations arrive December 2027, and Colorado SB 26-189 takes effect January 1, 2027.
grāmatr's strongest confirmed proof point is the automatic, immutable per-turn audit trail — 23,822 classification_telemetry records + 22,097 turn records confirmed LIVE/DEPLOYED today on the production platform, auto-generated on every classified turn, protected by mandatory soft-delete standards confirmed live. The requires_approval classification head fires on every turn. The user_data_isolation_is_inviolable principle is live and inviolable-strength.
The most-cited gap — log retention — is a scoped configuration problem, not a platform-wide one. It binds only when a client runs a high-risk (EU Art. 12) or consequential-decision (Colorado) system, and even then it concerns a per-app configurable long-retention tier for the compliance-relevant records — not the general 60-day working-memory window. The records exist and are immutable (soft-delete); the open question is the retention/queryability window on the compliance-relevant layer, for regulated deployments only.
The next largest gaps (AI incident disclosure runbook, consumer explanation workflow) are buildable in days to weeks; neither requires architectural changes. CPP's advisory layer is the necessary complement throughout: regulatory obligations require human authors for technical documentation artifacts, organizational design for human oversight processes, and legal review for conformity assessment — none of which grāmatr can substitute for, and all of which CPP is positioned to deliver.
Source Index
Regulatory sources:
- Council of EU — Digital Omnibus political agreement, May 7, 2026
- Gibson Dunn — EU AI Act Omnibus: Postponed Deadlines
- ComplianceHub.wiki — Omnibus Annex III deferral
- ComplianceHub.wiki — Article 50 and Omnibus
- Modulos.ai — Omnibus Deadlines Fixed
- Latham & Watkins — Timeline Relief, Simplification
- Latham & Watkins — GPAI Obligations in Force, Code of Practice
- Dastra — Inside the EU AI Omnibus Deal
- EU AI Act official — Article 53 text
- EU AI Act — Implementation Timeline
- DLA Piper — Omnibus Update
- Inside Privacy — EU AI Act Update
- Colorado General Assembly — SB 26-189
- Seyfarth Shaw — Colorado Enacts AI Replacement Law
- Littler — Colorado Amends AI Law
- Hunton — Colorado AI Act Amended
- Consumer Finance Monitor — SB 26-189 Unpacked
- Monitaur — SB 26-189 Compliance Strategies
- TechjackSolutions — SB 26-189 What Law Firms Confirm
- Aguardic — Colorado AI Act Compliance Guide
grāmatr live-platform evidence (all queries executed 2026-07-01, grāmatr v0.27.6):
- Server identity:
gramatr_whoami→https://api.gramatr.com/mcp, v0.27.6 classification_telemetry: 23,822 records —list_entities(total_count confirmed)turn: 22,097 records —list_entities(total_count confirmed)audit_log: 24 records —list_entities(total_count confirmed)- Standards LIVE confirmed via
list_definitions:soft_delete_cascade,conversation_observations_immutable,user_id_filter_on_every_query,rls_policy_for_user_scoped_tables,parameterized_queries_only,no_secrets_in_logs,no_hardcoded_credentials,execution_summary_on_every_tool_response - Principles LIVE confirmed via
list_definitions:user_data_isolation_is_inviolable(inviolable),secrets_come_from_secret_manager_only(inviolable),gitops_is_the_only_path_to_production(inviolable) - Runbooks LIVE confirmed via
list_definitions:change_embedding_model,rotate_compromised_credential,respond_to_secret_in_commit_or_log,restore_from_backup,rollback_failed_deploy(27 total runbooks queried) - Capabilities LIVE confirmed via
list_capabilities: all 25, sections A–F
grāmatr in-repo evidence:
/home/research3/work/gramatr/docs/nist-ai-rmf-alignment-2026-06-11.md/home/research3/work/gramatr/docs/design-consistency-model.md/home/research3/work/gramatr/docs/gramatr-capability-inventory-2026-05-13.md/home/research3/work/gramatr/docs/cpp-gramatr/ai-governance-standards-alignment-2026-06-10.md/home/research3/work/gramatr/docs/cpp-gramatr/cpp-engagement-audit-trail-2026-06-10.md