About
We build evidence records, not governance regimes.
Audicta is the audit primitive your existing compliance program can consume. We don't tell you how to govern your AI. We give your audit a record it can stand on.
Why Audicta exists
Regulated industries — healthcare, finance, legal — already know how to defend a decision in front of an auditor. They have frameworks, controls, evidence pipelines. What's new is the decision-maker: when the decision is made by an AI agent, the evidence the auditor expects no longer exists in a form a regulator can read.
The default artifact today is a log line. "GPT-4 returned: DENY." That artifact is indefensible — it tells the auditor what was returned, not how the decision was reached, what alternatives were considered, what evidence was cited, or how confident the model was. Three years from now, the agent has been retrained twice and the original prompt is gone.
Audicta produces a different artifact: a content-addressed, schema-versioned record written contemporaneously. It captures the agent chain's reasoning, the alternatives considered, the KB chunks cited, two independent evaluators' agreement on the record's quality, and a SHA-256 hash that binds the whole document. The agent can keep improving forward; the record stays defensible exactly as it was at decision time.
That property is what regulated industries need before they can deploy AI where decisions can be challenged.
Where we are today
- Live pipeline. A reference implementation runs the three-agent chain plus dual evaluator against a synthetic prior-authorization dry-run set (lumbar imaging cases). Records are produced live and byte-verifiable in your browser. See replay →
- Schema published.
The
audicta.pa.v1record schema is documented and stable; the field-level audit-defensibility roles are written down. See architecture → - Framework mappings. HIPAA Security Rule §164.312, SR 11-7, 21 CFR Part 11, EU AI Act Annex IV, and ABA Resolution 1.1 — each mapped to specific audicta.pa.v1 elements. See compliance →