Compliance by
Architecture.
Structural constraints, not policy overlays.
Designed first, then made compliant.
Derived under compliance constraints from inception.
The architecture cannot express non-compliant states. Compliance is not selectively applied or partially implemented.
Each Layer Constrains All Inner Layers
Three Regulations. Architecturally Satisfied.
Domain boundary evaluation, observation architecture, human-readable explanations, mandatory review, calibration loop, structural validation, access-controlled pipeline
Full compliance from inception. Not retrofitted for 2 August 2026 deadline.
Exclusive competence evaluation, auto-scheduled deletion, protocol-bounded observation, traceable decisions, full data subject rights supported
Agents structurally prevented from recording outside defined protocol.
Age, gender, ethnicity, nationality, religion, disability — architecturally excluded from the entire assessment pipeline. Not represented in the information structure.
The system cannot discriminate on protected characteristics because those characteristics do not exist in it.
Five Gates Before Deployment
Jurisdiction-specific compliance checklist: minimum wage rates, Working Time Directive hours, health and safety documentation.
A1 certificate status tracked as deployment precondition. No recommendation released without social security documentation verified.
Credential recognition status for destination jurisdiction. Gaps identified before deployment, not after arrival.
SCC (Germany), CSCS (UK), offshore safety (Norway). Certification requirements identified and status included in recommendation.
Deployment jurisdiction mapped to applicable collective agreement provisions. Compliance requirements included from scoping phase.
Every Decision Traceable
Every link queryable. Every decision reconstructable. Structured audit trail from domain evaluation to deployment recommendation.
Every assessment decision produces a structured, queryable audit trail. Any decision reconstructable and explainable to candidate, client, or regulatory authority.
Summary for the candidate: performance across dimensions and basis for recommendation. Technical for audit: specific outcomes linked to specific observations.
Assessment outputs monitored for distributional anomalies across protected characteristics. Anomaly triggers architectural review to identify and resolve structural cause.
— "Compliance is not a feature we added — it is a constraint the architecture was derived under. You cannot make the system non-compliant without rebuilding it from scratch."