Govern regulated AI agents, one workflow at a time
Per-workflow blueprints for governing regulated AI agents at runtime: where the agent takes high-stakes action, how it fails, and how KLA gates each decision and maps the controls to the EU AI Act, FATF/AML, OFAC, NAIC, and GVP/ICH/Part 11.
KLA governs the agent you already built — it intercepts each high-stakes action, enforces policy-as-code, routes the hard calls to a named human approver, and seals independently verifiable evidence mapped to regulation. KLA does not build or sell the agent.
Financial Crime
Runtime governance blueprints for AML and financial-crime agents — transaction-monitoring alert triage and sanctions-screening hit adjudication — mapped to FATF, the EU AML package, OFAC, and the EU AI Act.
Governing a Sanctions-Screening Hit-Adjudication Agent
You govern a sanctions hit-adjudication agent by intercepting its three consequential actions — clearing a hit as a false positive (which releases a held payment or onboarding), confirming a true match (which blocks and freezes), and escalating an ambiguous fuzzy match — with a policy checkpoint that runs before the action executes, and by making the gate fail-closed on the release action rather than on the block. A clear is the irreversible, strict-liability-bearing move (an erroneous release to a blocked party is an IEEPA violation regardless of good faith), so every clear is held by default and routed to a named sanctions officer in a maker-checker gate, while the block/freeze path stays fast; binding force comes from sanctions law (OFAC's 50 Percent Rule and IEEPA strict liability, EU Reg. 269/2014 asset-freeze, the UN/FATF 'freeze without delay' standard), with the EU AI Act contributing human-oversight and logging discipline rather than an automatic Annex III high-risk classification.
Read the blueprint
Governing an AML Transaction-Monitoring Alert-Triage Agent
You govern an AML alert-triage agent by intercepting each of its consequential actions — auto-closing an alert, escalating it, drafting a SAR/STR narrative, or writing a disposition to the case system of record — with a policy checkpoint that runs before the action executes, routing the two outcomes that change a reporting obligation (auto-close and SAR-narrative) to a named L2/L3 human in a maker-checker gate, and sealing every disposition into independently verifiable lineage. The binding obligations come from AML law (FATF R.20, EU AMLR Art. 69/73, the US BSA SAR rules) and model-risk supervision (SR 11-7); the EU AI Act contributes human-oversight and record-keeping discipline rather than an automatic high-risk classification, because AML transaction monitoring is not enumerated in Annex III.
Read the blueprint
Insurance
Runtime governance blueprints for insurance claims agents — FNOL / claims-intake triage and claims-settlement recommendation — mapped to the NAIC AI Model Bulletin, unfair-claims-settlement-practices law, and the EU AI Act.
Governing a Claims-Settlement Recommendation Agent: Fair, Explainable, Auditable Offers
You govern a claims-settlement recommendation agent by putting a policy gate in front of the one action that creates liability, the moment it sets a disposition and an offer amount: KLA's policy engine intercepts that Decision Request before it executes, lets routine offers within a configured authority limit proceed, and routes anything above the limit, denying coverage, or built on a thin investigation to a named adjuster in Decision Desk who can override the amount. Every recommendation, reason code, and human verdict is sealed into independently verifiable execution lineage that maps to the Unfair Claims Settlement Practices Act and the EU AI Act.
Read the blueprint
Governing an FNOL / Claims-Intake Triage Agent (NAIC AI Bulletin + EU AI Act)
You govern an FNOL triage agent against its binding regime — the NAIC AI Model Bulletin's written AIS Program and state unfair-claims-practices law (Model #900) — not against EU AI Act Annex III, because claims-intake triage is claims handling, not the life-and-health risk assessment or pricing that Annex III(5)(c) makes high-risk. KLA enforces that with a govern-in-place policy gate on each routing decision (fast-track, adjuster queue, or SIU), routes contested fast-tracks and SIU fraud flags to a named human approver in Decision Desk before the action executes, and seals the lineage as independently verifiable evidence.
Read the blueprint
Pharmacovigilance
Runtime governance blueprints for pharmacovigilance agents — adverse-event intake and case processing — mapped to EMA GVP, ICH E2B/E2D, and FDA 21 CFR Part 11.