Compliance AI Shield Limited
API Documentation & Integration Guide
WE GOVERN AI EXECUTION.โข
1. Overview
This document is intended for developers, IT security teams, and technical integrators evaluating or deploying the Compliance AI Shield (CAIS) runtime governance proxy within UK regulated environments.
The CAIS integration layer sits inline between your organisation's users and any downstream AI model โ intercepting prompts before execution, enforcing deterministic regulatory policy controls, and returning cryptographically verifiable audit provenance on every transaction.
Supported AI Environments:
Microsoft Copilot
ChatGPT Enterprise
Claude Team
Any API-accessible LLM endpoint
Regulatory Frameworks Enforced:
SRA Code of Conduct
FCA Consumer Duty & COBS
UK GDPR & Data Protection Act 2018
EU AI Act (extraterritorial scope)
NHS DSPT & DCB0129 Clinical Safety
UK AISI Standards
ISO 42001
Target SLA: Sub-20ms inline latency per transaction. SLA breach telemetry is emitted automatically.
2. The 7-Gate Pipeline Schema
The following shared primitives define the strict typing used by the regulatory engine for payload evaluation and tracking.
export type GateStatus = "PASS" | "HARD_STOP" | "TRANSFORMED" | "FLAGGED";
export interface GateResult<TMeta = Record<string, unknown>> {
gateId: number;
gateName: string;
status: GateStatus;
inputContent: string;
outputContent: string;
wasTransformed: boolean;
durationMs: number;
meta: TMeta;
timestamp: string; // ISO-8601
}
export interface LogicGate<TMeta = Record<string, unknown>> {
readonly gateId: number;
readonly gateName: string;
evaluate(content: string, context: TransactionContext): Promise<GateResult<TMeta>>;
}
export interface TransactionContext {
transactionId: string; // UUID v4
direction: "PROMPT" | "OUTPUT";
userId?: string;
orgId?: string;
regulatoryJurisdiction: "UK" | "EU" | "BOTH";
assetClass?: "RWA" | "TOKEN" | "NONE";
sessionMeta?: Record<string, unknown>;
}
3. CAIS Pipeline Orchestrator Implementation
The orchestrator synchronously evaluates prompts and outputs across the regulatory logic gates, logging deterministic outcomes directly to the CAIS Audit Ledger.
import { performance } from "perf_hooks";
class CAISPipeline {
private readonly gates: [
RegulatoryGate,
CyberGate,
FinancialGate,
HRBiasGate,
HSESafetyGate,
DataVaultGate,
RWAShieldGate,
];
private readonly auditLedger: AuditLedger;
constructor(gates: any, auditLedger: AuditLedger) {
this.gates = gates;
this.auditLedger = auditLedger;
}
async process(rawContent: string, context: TransactionContext): Promise<PipelineResult> {
const pipelineStart = performance.now();
const gateResults: GateResult[] = [];
let workingContent = rawContent;
let hardStopped = false;
let hardStopGateId: number | null = null;
for (const gate of this.gates) {
const result = await gate.evaluate(workingContent, context);
gateResults.push(result);
if (result.status === "HARD_STOP") {
hardStopped = true;
hardStopGateId = gate.gateId;
break;
}
workingContent = result.outputContent;
}
const auditResult = await this.auditLedger.evaluate(workingContent, context, gateResults);
gateResults.push(auditResult);
const finalStatus = this.deriveFinalStatus(gateResults);
const totalDurationMs = performance.now() - pipelineStart;
this.emitPerformanceTelemetry(totalDurationMs, context, hardStopGateId);
return {
transactionId: context.transactionId,
finalStatus,
finalContent: hardStopped ? "" : workingContent,
gateResults,
totalDurationMs,
auditReceipt: auditResult.meta,
};
}
private deriveFinalStatus(results: GateResult[]): GateStatus {
if (results.some((r) => r.status === "HARD_STOP")) return "HARD_STOP";
if (results.some((r) => r.status === "FLAGGED")) return "FLAGGED";
if (results.some((r) => r.status === "TRANSFORMED")) return "TRANSFORMED";
return "PASS";
}
private emitPerformanceTelemetry(totalDurationMs: number, context: TransactionContext, hardStopGateId: number | null): void {
const SLA_MS = 20;
const breached = totalDurationMs > SLA_MS;
if (breached) console.warn("[CAIS] SLA breach โ 20ms target exceeded");
}
}
4. Gate Implementations
4.1 Gate 1: RegulatoryGateImpl
const FINANCIAL_GUARANTEE_PATTERNS = [
/\bguarantee[sd]?\b[^.!?]{0,80}\b\d[\d,.]*\s*(?:%|percent)\b/i,
/\bpromise[sd]?\b[^.!?]{0,80}\b\d[\d,.]*\s*(?:%|percent)\s*(?:return|yield|profit|gain)/i,
];
class RegulatoryGateImpl implements RegulatoryGate {
readonly gateId = 1 as const;
readonly gateName = "REGULATORY" as const;
async evaluate(content: string, context: TransactionContext): Promise<GateResult<RegulatoryMeta>> {
const start = performance.now();
let hardStop = false; // Logic omitted for brevity
return {
gateId: 1,
gateName: "REGULATORY",
status: hardStop ? "HARD_STOP" : "PASS",
inputContent: content,
outputContent: hardStop ? "[BLOCKED: REGULATORY_GATE]" : content,
wasTransformed: hardStop,
durationMs: performance.now() - start,
meta: { matchedRules: [], jurisdictionApplied: "UK_AISI" },
timestamp: new Date().toISOString(),
};
}
}
4.2 Gate 6: DataVaultGateImpl
import { createHash, randomBytes, createCipheriv, createDecipheriv } from "crypto";
const VAULT_KEY = randomBytes(32);
class DataVaultGateImpl implements DataVaultGate {
readonly gateId = 6 as const;
readonly gateName = "DATA_VAULT" as const;
private readonly vault = new Map<string, VaultEntry>();
async evaluate(content: string, context: TransactionContext): Promise<GateResult<DataVaultMeta>> {
const start = performance.now();
// 1. Detect PII -> 2. Tokenise and Vault -> 3. Apply Redactions
return {
gateId: 6,
gateName: "DATA_VAULT",
status: "TRANSFORMED",
inputContent: content,
outputContent: "[REDACTED CONTENT]",
wasTransformed: true,
durationMs: performance.now() - start,
meta: { piiEntitiesFound: [], redactionStrategy: "TOKENISE", vaultReferences: [] },
timestamp: new Date().toISOString(),
};
}
}
5. Live Demo Harness: Execution Scenarios
Scenario 1: Prohibited Output (The Block)
Context: IFA submits a client brief containing PII and an unauthorised financial guarantee. Gate 1 should hard-stop before Gate 6 even runs.
const CLIENT_BRIEF = `
IFA Client Brief โ Confidential
Client: Mrs Eleanor Voss
NI Number: SB 47 12 89 C
Adviser note: Based on current market conditions, I guarantee this
investment portfolio will yield 10% annually over the next 5 years.
`.trim();
// Expected Result:
// ๐ FINAL STATUS: HARD_STOP
// ๐ด BEFORE: (original content)
// ๐ก AFTER: [CONTENT BLOCKED โ not released to caller]
Scenario 2: Clean IFA Brief (The Filter)
Context: A legitimate client brief. PII is present, but no prohibited content exists. Gate 1 passes. Gate 6 redacts PII. Pipeline completes all 8 gates.
const CLEAN_CLIENT_BRIEF = `
IFA Client Brief โ Confidential
Client: Mr Thomas Whitfield
NI Number: SB 94 37 21 D
Contact: t.whitfield@personalmail.co.uk
Phone: 07823 116492
Adviser note: Mr Whitfield is reviewing his retirement planning options.
He has expressed interest in a balanced portfolio with moderate risk exposure.
Please summarise the key differences between a Stocks & Shares ISA and a
Self-Invested Personal Pension (SIPP).
`.trim();
// Expected Result:
// ๐ FINAL STATUS: TRANSFORMED
// ๐ด BEFORE (raw PII visible)
// ๐ก AFTER (PII redacted โ safe to pass to AI layer)
//
// PII REDACTION DIFF
// NAME Mr Thomas Whitfield [NAME_xxxx]
// NI_NUMBER SB 94 37 21 D [NI_NUMBER_xxxx]
// EMAIL t.whitfield@personalmail.co.uk [EMAIL_xxxx]
// PHONE 07823 116492 [PHONE_xxxx]
6. REST Endpoint Integration
Standard REST integration replaces your existing LLM base URL with your dedicated CAIS VPC endpoint. Authentication requires your CAIS API key and the end-user's session token.
// POST /v1/chat/completions
// Content-Type: application/json
// Authorization: Bearer {CAIS_API_KEY}
// X-CAIS-User-Identity: {USER_JWT_OR_ID}
{
"model": "claude-3-5-sonnet",
"messages": [
{
"role": "user",
"content": "Draft an email to John Smith (NHS Number 123 456 7890) confirming his appointment."
}
],
"cais_governance": {
"active_cartridges": ["NHS_DSPT", "UK_GDPR"],
"enforce_pii_redaction": true
}
}
7. Webhook & Telemetry Subscriptions
For immediate incident response, organisations can subscribe to CAIS webhooks. Webhooks are fired asynchronously and do not impact the sub-20ms inline latency SLA.
cais.prompt.hard_stop: Fired immediately when a Gate terminates a request.
cais.audit.ledger_committed: Fired when the transaction hash is successfully written.
cais.system.latency_breach: Fired if pipeline execution exceeds the 20ms threshold.
8. Deployment & Integration
Deployment models:
Shared cloud infrastructure (standard SME deployments)
Private VPC (Governance Engine and Institutional tiers)
On-premise air-gapped deployment (Institutional tier only)
Integration support:
7-Day rapid activation for standard deployments
Dedicated deployment engineering for VPC and on-premise
Documented policy configuration for SRA, FCA, and NHS frameworks included as standard
For deployment enquiries, contact: governance@complianceaishield.com
Compliance AI Shield Limited | Company Registration Number: 17303702
Registered Office: 71โ75 Shelton Street, Covent Garden, London WC2H 9JQ
Compliance AI Shield Limited
API Documentation & Integration Guide
WE GOVERN AI EXECUTION.โข
1. Overview
This document is intended for developers, IT security teams, and technical integrators evaluating or deploying the Compliance AI Shield (CAIS) runtime governance proxy within UK regulated environments.
The CAIS integration layer sits inline between your organisation's users and any downstream AI model โ intercepting prompts before execution, enforcing deterministic regulatory policy controls, and returning cryptographically verifiable audit provenance on every transaction.
Supported AI Environments:
Microsoft Copilot
ChatGPT Enterprise
Claude Team
Any API-accessible LLM endpoint
Regulatory Frameworks Enforced:
SRA Code of Conduct
FCA Consumer Duty & COBS
UK GDPR & Data Protection Act 2018
EU AI Act (extraterritorial scope)
NHS DSPT & DCB0129 Clinical Safety
UK AISI Standards
ISO 42001
Target SLA: Sub-20ms inline latency per transaction. SLA breach telemetry is emitted automatically.
2. The 7-Gate Pipeline Schema
The following shared primitives define the strict typing used by the regulatory engine for payload evaluation and tracking.
export type GateStatus = "PASS" | "HARD_STOP" | "TRANSFORMED" | "FLAGGED";
export interface GateResult<TMeta = Record<string, unknown>> {
gateId: number;
gateName: string;
status: GateStatus;
inputContent: string;
outputContent: string;
wasTransformed: boolean;
durationMs: number;
meta: TMeta;
timestamp: string; // ISO-8601
}
export interface LogicGate<TMeta = Record<string, unknown>> {
readonly gateId: number;
readonly gateName: string;
evaluate(content: string, context: TransactionContext): Promise<GateResult<TMeta>>;
}
export interface TransactionContext {
transactionId: string; // UUID v4
direction: "PROMPT" | "OUTPUT";
userId?: string;
orgId?: string;
regulatoryJurisdiction: "UK" | "EU" | "BOTH";
assetClass?: "RWA" | "TOKEN" | "NONE";
sessionMeta?: Record<string, unknown>;
}
3. CAIS Pipeline Orchestrator Implementation
The orchestrator synchronously evaluates prompts and outputs across the regulatory logic gates, logging deterministic outcomes directly to the CAIS Audit Ledger.
import { performance } from "perf_hooks";
class CAISPipeline {
private readonly gates: [
RegulatoryGate,
CyberGate,
FinancialGate,
HRBiasGate,
HSESafetyGate,
DataVaultGate,
RWAShieldGate,
];
private readonly auditLedger: AuditLedger;
constructor(gates: any, auditLedger: AuditLedger) {
this.gates = gates;
this.auditLedger = auditLedger;
}
async process(rawContent: string, context: TransactionContext): Promise<PipelineResult> {
const pipelineStart = performance.now();
const gateResults: GateResult[] = [];
let workingContent = rawContent;
let hardStopped = false;
let hardStopGateId: number | null = null;
for (const gate of this.gates) {
const result = await gate.evaluate(workingContent, context);
gateResults.push(result);
if (result.status === "HARD_STOP") {
hardStopped = true;
hardStopGateId = gate.gateId;
break;
}
workingContent = result.outputContent;
}
const auditResult = await this.auditLedger.evaluate(workingContent, context, gateResults);
gateResults.push(auditResult);
const finalStatus = this.deriveFinalStatus(gateResults);
const totalDurationMs = performance.now() - pipelineStart;
this.emitPerformanceTelemetry(totalDurationMs, context, hardStopGateId);
return {
transactionId: context.transactionId,
finalStatus,
finalContent: hardStopped ? "" : workingContent,
gateResults,
totalDurationMs,
auditReceipt: auditResult.meta,
};
}
private deriveFinalStatus(results: GateResult[]): GateStatus {
if (results.some((r) => r.status === "HARD_STOP")) return "HARD_STOP";
if (results.some((r) => r.status === "FLAGGED")) return "FLAGGED";
if (results.some((r) => r.status === "TRANSFORMED")) return "TRANSFORMED";
return "PASS";
}
private emitPerformanceTelemetry(totalDurationMs: number, context: TransactionContext, hardStopGateId: number | null): void {
const SLA_MS = 20;
const breached = totalDurationMs > SLA_MS;
if (breached) console.warn("[CAIS] SLA breach โ 20ms target exceeded");
}
}
4. Gate Implementations
4.1 Gate 1: RegulatoryGateImpl
const FINANCIAL_GUARANTEE_PATTERNS = [
/\bguarantee[sd]?\b[^.!?]{0,80}\b\d[\d,.]*\s*(?:%|percent)\b/i,
/\bpromise[sd]?\b[^.!?]{0,80}\b\d[\d,.]*\s*(?:%|percent)\s*(?:return|yield|profit|gain)/i,
];
class RegulatoryGateImpl implements RegulatoryGate {
readonly gateId = 1 as const;
readonly gateName = "REGULATORY" as const;
async evaluate(content: string, context: TransactionContext): Promise<GateResult<RegulatoryMeta>> {
const start = performance.now();
let hardStop = false; // Logic omitted for brevity
return {
gateId: 1,
gateName: "REGULATORY",
status: hardStop ? "HARD_STOP" : "PASS",
inputContent: content,
outputContent: hardStop ? "[BLOCKED: REGULATORY_GATE]" : content,
wasTransformed: hardStop,
durationMs: performance.now() - start,
meta: { matchedRules: [], jurisdictionApplied: "UK_AISI" },
timestamp: new Date().toISOString(),
};
}
}
4.2 Gate 6: DataVaultGateImpl
import { createHash, randomBytes, createCipheriv, createDecipheriv } from "crypto";
const VAULT_KEY = randomBytes(32);
class DataVaultGateImpl implements DataVaultGate {
readonly gateId = 6 as const;
readonly gateName = "DATA_VAULT" as const;
private readonly vault = new Map<string, VaultEntry>();
async evaluate(content: string, context: TransactionContext): Promise<GateResult<DataVaultMeta>> {
const start = performance.now();
// 1. Detect PII -> 2. Tokenise and Vault -> 3. Apply Redactions
return {
gateId: 6,
gateName: "DATA_VAULT",
status: "TRANSFORMED",
inputContent: content,
outputContent: "[REDACTED CONTENT]",
wasTransformed: true,
durationMs: performance.now() - start,
meta: { piiEntitiesFound: [], redactionStrategy: "TOKENISE", vaultReferences: [] },
timestamp: new Date().toISOString(),
};
}
}
5. Live Demo Harness: Execution Scenarios
Scenario 1: Prohibited Output (The Block)
Context: IFA submits a client brief containing PII and an unauthorised financial guarantee. Gate 1 should hard-stop before Gate 6 even runs.
const CLIENT_BRIEF = `
IFA Client Brief โ Confidential
Client: Mrs Eleanor Voss
NI Number: SB 47 12 89 C
Adviser note: Based on current market conditions, I guarantee this
investment portfolio will yield 10% annually over the next 5 years.
`.trim();
// Expected Result:
// ๐ FINAL STATUS: HARD_STOP
// ๐ด BEFORE: (original content)
// ๐ก AFTER: [CONTENT BLOCKED โ not released to caller]
Scenario 2: Clean IFA Brief (The Filter)
Context: A legitimate client brief. PII is present, but no prohibited content exists. Gate 1 passes. Gate 6 redacts PII. Pipeline completes all 8 gates.
const CLEAN_CLIENT_BRIEF = `
IFA Client Brief โ Confidential
Client: Mr Thomas Whitfield
NI Number: SB 94 37 21 D
Contact: t.whitfield@personalmail.co.uk
Phone: 07823 116492
Adviser note: Mr Whitfield is reviewing his retirement planning options.
He has expressed interest in a balanced portfolio with moderate risk exposure.
Please summarise the key differences between a Stocks & Shares ISA and a
Self-Invested Personal Pension (SIPP).
`.trim();
// Expected Result:
// ๐ FINAL STATUS: TRANSFORMED
// ๐ด BEFORE (raw PII visible)
// ๐ก AFTER (PII redacted โ safe to pass to AI layer)
//
// PII REDACTION DIFF
// NAME Mr Thomas Whitfield [NAME_xxxx]
// NI_NUMBER SB 94 37 21 D [NI_NUMBER_xxxx]
// EMAIL t.whitfield@personalmail.co.uk [EMAIL_xxxx]
// PHONE 07823 116492 [PHONE_xxxx]
6. REST Endpoint Integration
Standard REST integration replaces your existing LLM base URL with your dedicated CAIS VPC endpoint. Authentication requires your CAIS API key and the end-user's session token.
// POST /v1/chat/completions
// Content-Type: application/json
// Authorization: Bearer {CAIS_API_KEY}
// X-CAIS-User-Identity: {USER_JWT_OR_ID}
{
"model": "claude-3-5-sonnet",
"messages": [
{
"role": "user",
"content": "Draft an email to John Smith (NHS Number 123 456 7890) confirming his appointment."
}
],
"cais_governance": {
"active_cartridges": ["NHS_DSPT", "UK_GDPR"],
"enforce_pii_redaction": true
}
}
7. Webhook & Telemetry Subscriptions
For immediate incident response, organisations can subscribe to CAIS webhooks. Webhooks are fired asynchronously and do not impact the sub-20ms inline latency SLA.
cais.prompt.hard_stop: Fired immediately when a Gate terminates a request.
cais.audit.ledger_committed: Fired when the transaction hash is successfully written.
cais.system.latency_breach: Fired if pipeline execution exceeds the 20ms threshold.
8. Deployment & Integration
Deployment models:
Shared cloud infrastructure (standard SME deployments)
Private VPC (Governance Engine and Institutional tiers)
On-premise air-gapped deployment (Institutional tier only)
Integration support:
7-Day rapid activation for standard deployments
Dedicated deployment engineering for VPC and on-premise
Documented policy configuration for SRA, FCA, and NHS frameworks included as standard
For deployment enquiries, contact: governance@complianceaishield.com
Compliance AI Shield Limited | Company Registration Number: 17303702
Registered Office: 71โ75 Shelton Street, Covent Garden, London WC2H 9JQ