Aegis Trace

The regulatory notary
for AI decisions

A complete, defensible record of every AI decision your firm makes, ready the moment a regulator asks. One signed certificate per decision, independently verifiable by anyone who holds it.

The Aegis Trace compliance dashboard: certificate totals, pass, fail and flag volumes, and the workstream summary

What every Aegis Trace certificate guarantees

Every AI decision becomes a single signed certificate, created the moment the decision is made, not reconstructed under pressure months later.

  • One certificate per decision

    Every AI decision becomes a single signed certificate that records what was decided and on what basis.

  • Independently timestamped

    Each certificate is timestamped by an independent authority, so the moment it was sealed cannot be disputed.

  • Tamper-proof

    Records are signed and written to storage that cannot be altered, so the evidence stands up to scrutiny.

  • Verifiable years later

    Anyone holding a certificate can verify it, with no Aegis Trace account required.

The evidence platform your compliance team controls

Aegis Trace gives compliance, audit and risk teams everything they need to turn each AI decision into defensible, independently verifiable evidence.

Decision capture

Capture every AI decision as it happens. Aegis Trace records what was decided and the basis for it, so nothing has to be reconstructed later.

Redaction at source

Personal data is stripped inside your own environment before anything leaves it, so identifiable client data is never handed over.

client_name

Regulatory mapping

Each decision is checked against the regulatory clauses that apply, with evidence recorded against every obligation.

consumer-duty-v1

Tamper-evident records

Certificates are signed and written to storage that cannot be altered, so the record holds up under scrutiny.

sig 8f1c…9c2

Independent verification

Anyone holding a certificate can confirm it is genuine and unchanged, years later, without an Aegis Trace account.

Long-term retention

Evidence is retained to match the periods regulated firms must keep, including the FCA SYSC 9 retention of 5 years.

5 yr0

From decision to defensible evidence

Every decision passes through the same four steps, so the evidence is created the moment the decision is made, not reconstructed under pressure months later.

01 Redact

Personal data is stripped inside your own environment. Aegis Trace never receives identifiable client data.

02 Assess

The decision is checked against the regulatory clauses that apply, including FCA Consumer Duty, the EU AI Act and data protection, with evidence recorded for each.

03 Seal

The record is independently timestamped, then signed and written to storage that cannot be altered.

04 Verify

Anyone holding the certificate can check it, years later, with no Aegis Trace account.

Coverage that keeps pace
with the rules

Aegis Trace maps each decision against Atlas, a living library of the regulatory regimes your firm answers to, kept current as the rules change.

  • Regulatory regimes000
  • Jurisdictions00
  • Categories00
Explore the Atlas regulatory library

Built for the rules you answer to

Liability for an AI decision sits with the firm running the model. Each certificate maps cleanly to the obligations regulated firms already work under.

FCA Consumer Duty

Evidence that each AI-influenced outcome was fair and defensible, ready the moment the FCA asks.

EU AI Act, Article 12

Record-keeping and traceability for high-risk AI decisions, captured automatically as they happen, ahead of the 2 August 2026 obligations.

UK Data (Use and Access) Act 2025

A defensible record behind automated decisions that affect individuals, ready for scrutiny.

Security

Built to be trusted with regulated evidence

Aegis Trace is designed for compliance, audit and risk teams in regulated firms. Personal data is redacted before it leaves your environment, records are signed and tamper-evident, and every certificate can be independently verified.

Learn about security about /securityLearn about security
  • Personal data redacted at source

  • Signed, tamper-evident records

  • Independent timestamping

  • Independent verification

  • Long-term evidence retention

  • Mapped to regulatory obligations

  • Full audit visibility

  • Decisions captured as they happen

  • Evidence ready for the regulator

  • Defensible, decision-level record

Where Aegis Trace fits

Governance platforms manage AI risk. Aegis Trace proves each decision.

AI governance platforms govern risk across your organisation: policies, model inventories and oversight. That work matters, and it sits above the individual decision.

Aegis Trace does something narrower and deeper: it produces independent evidence about each individual decision your AI makes. Most serious firms need both.

Be ready before the regulator asks

Put a defensible record behind every AI decision your firm makes. See how teams use Aegis Trace, or talk it through with us.