Isolated tenant. No shared infrastructure.·EU AI Act enforcement begins August 2, 2026.

Your agents do not follow policy.
They carry it.

PhronEdge is the enforcement control room for autonomous AI agents in regulated enterprise. Compliance, the architect, and the CISO sign together. Every tool call is checked. Every block is cited. Every decision is hashed.

phronedge.com / studioUS · 2 agents · 3 tools · signed
PhronEdge Studio: signed agent canvas with credential JSON, OPA Rego policy artifact, framework chips (EU AI Act, GDPR, ISO 42001, NIST AI RMF, GLBA, DORA, PCI-DSS, SOX, SR 11-7), and live system status.
3 governed policies · signed and deployedpolicy_hash · 10dd89feebf07666 · ES256 signed
Sovereignty

In 18 months, your AI agents will outnumber your employees.

They will process claims. Move money. Delegate tasks to other agents you did not build. Operate in jurisdictions you have never registered in.

When something goes wrong, it will be a breach, a lawsuit, or a headline.

Compliance does not solve this. The real question is sovereignty.

Agents do not read documents. They do not attend training. Today's governance infrastructure was designed for humans. Every PhronEdge agent carries its own credential, signed by three roles, enforced at the moment of action.

The product surface

Four pillars. One signed runtime.

What ships in the box. Every agent registered. Every tool declared. Every policy resolved at sign time. Every jurisdiction loaded and live.

01
Agent Registry
Every agent under one ledger.
Identityrole · tier · owner
Enrollmentcryptographic, signed by three
Lifecyclespawn to revoke, hashed
02
Tool Registry
Every callable function declared.
SurfaceSDK · MCP · HTTP
Data classPUB · PII · PHI · FIN · SPC
Permissionscoped at sign time
03
Live Policy
Resolved at sign time. Enforced in memory.
Frameworks36+ pre-mapped
Ceremonycompliance · architect · CISO
Amendmentsdiff · revoke · reissue
04
Jurisdiction Intelligence
195 jurisdictions in your runtime.
Privacy regimeslive database
Corridor matrixtransfer windows
Citationcontrolling statute at denial
195
Jurisdictions
36+
Frameworks
7
Checkpoints
<50ms
Gateway latency
P-256
ECDSA signing
The control room

An air traffic control tower.
Not a compliance dashboard.

Compliance writes the flight rules. The architect designs the routes. The CISO has the radio and the kill switch. Every plane in the air is signed, tracked, and accountable to the same control room. Nothing flies without a signed flight plan. Nothing changes course without a co-signed amendment.

01

Sign together. Or not at all.

Compliance signs the policy. The architect signs the build. The CISO signs the risk acceptance. No single role can deploy alone. Every amendment requires the same co-signature ceremony that produced the original. Role authority enforced at the cryptographic layer, not the workflow layer.

Amendment ceremonyv1.2 → v1.3
3 of 3 required
Compliance
Sarah Chen
Wrote the rules.
signed14:02:18
Architect
Marcus Reid
Designed the build.
signed14:14:53
CISO
Eva Lindqvist
Accepted the risk.
signingnow
policy_hash on completion · sha256:9d2e…4c81No single role can deploy alone.
02

Watch every plane.

The CISO sees every action every agent takes in real time. Allow, block, citation, timestamp. Streamed and chained.

Live event feedSHA-256 chained
ALLOWED
search_claims
claims-investigator
14:32:08
ALLOWED
lookup_patient
medical-reviewer
14:32:06
BLOCKED
access_records
claims-investigator· GDPR Art. 9
14:32:01
ALLOWED
fraud_score
fraud-detector
14:31:58
BLOCKED
transfer_pii
claims-investigator· PIPL Art. 38
14:31:49
03

Act from anywhere.

Quarantine suspends tool access. Kill revokes the credential globally. From a phone, a laptop, anywhere on earth. The agent stops at the next call.

CISO controlINCIDENT
Eva Lindqvist · mobile · Stockholm
Target agent
fraud-detectorANOMALY
policy hash drift · 47s ago
Effect
Credential revokedglobally · all regions
Tool access cutat next call
Audit chain entrysha256:f8a3…22d4
Compliance notifiedauto · 14:32:08
From a phone in Stockholm. Effect anywhere on earth.

Other vendors give you a folder. PhronEdge gives you the tower.

Open the Console →
See it sign

The ceremony, in motion.

Three roles. One signed credential. 2 minutes from draft to deployable.

screen recording · signing ceremony
awaiting capture
draft → compliance signs → architect signs → CISO signs → live
00:00
02:14
Corridor enforcement

An agent in Germany delegates to sub-agents in the UK and France.

Different data classifications. Different consent rules. Different AI regulations. The agent needs permission to delegate. The sub-agent needs permission to escalate. The tool needs permission to execute.

All resolved and enforced in memory before the tool call returns. Not in a quarterly audit. Not on a dashboard the next morning. At the moment of action.

Now extend the corridor to China.
phronedge.com / risk-map195 jurisdictions · live
Risk Map: Germany to China data transfer status PROHIBITED. PIPL, DSL, CSL citations rendered live.
Germany → China · PROHIBITED · PIPL Art. 38resolved at sign time · cited at denial
risk-map / us → cn7 of 7 blocked
Corridor intel panel: US to China BLOCKED. Permitted exporter, high-restriction destination. 19 frameworks, 3 corridors. All seven data classes (PUB, INT, PII, PHI, SPC, FIN, RST) blocked.
US → CN · per data class19 frameworks · 3 corridors

Every agent operation crosses borders. Every operation needs this.

What ships

Sign. Block. Cite. Hash.

01 · Signed

Cryptographic credentials, not policy documents.

Every agent receives an ECDSA P-256 signed credential naming its tools, models, jurisdictions, and the laws the policy was resolved against. Three roles co-sign. The credential travels with the agent.

Modify it, the signature breaks. Revoke it, the agent stops at the next call.

{
  "credential_id":  "cred-claims-7a2",
  "agent_id":       "claims-agent",
  "tier":           "T3 · human-in-the-loop",
  "tools":          ["claims_lookup", "fraud_scan"],
  "models":         ["gpt-4o", "claude-sonnet-4"],
  "data_classes":   ["PUB", "PII", "FIN"],
  "jurisdictions":  ["US", "DE", "FR"],
  "applicable":     ["GDPR", "EU AI Act", "DORA"],
  "policy_hash":    "sha256:e613f9ae...",
  "anchor_hash":    "sha256:b1d73440...",
  "signature":      "ECDSA P-256:MEUCIQDx...",
  "signed_by": [
    { "role": "compliance", "name": "Sarah Chen" },
    { "role": "architect",  "name": "Marcus Reid" },
    { "role": "ciso",       "name": "Eva Lindqvist" }
  ]
}
02 · Blocked

At the boundary. Not flagged after.

7 checkpoints in under 50 milliseconds. Unauthorized actions are blocked before the tool fires. By the time another vendor would surface a violation in a dashboard, PhronEdge has already prevented it.

The block is the action. The dashboard is the receipt.

Gateway · 7-checkpoint pipelineaccess_records · claims-investigator
01
Credential
02
Tier
03
Tool
04
Jurisdiction
05
Data class
06
Statute
07
Output
evaluation halts at first deny · checkpoints 06 and 07 not reached
BLOCKED at checkpoint 05
latency · 38ms
Cited statute
GDPR Article 9
Processing of special categories of personal data requires explicit consent or specific legal basis.
hashed to chain · sha256:9f3c…44e2tool never executed
03 · Cited

The law that prohibits the action. By name.

When PhronEdge blocks, the denial names the controlling statute. PIPL Article 38. GDPR Article 9. HIPAA 45 CFR 164.514. The platform ships with 195 jurisdictions and 36 frameworks pre-resolved against your scope.

You do not author Standard Contractual Clauses. The intelligence ships with the platform.

Action denied
14:23:07 UTC
Tool
cross_border_transfer
Agent
claims-agent
Corridor
EU → CN · PII data class
Cited statute
PIPL Article 38
Cross-border transfer requires CAC security review. 45 to 60 working days before the corridor enables.
chained · sha256:9f3c8b…44e2exportable to regulator
Live runtime

Watch enforcement happen.

Every active agent. Every tool call. Every block. Streamed in real time, signed and chained. Tamper one event and the chain breaks.

claims-investigatorACTIVE
342
calls · 4 blocked
medical-reviewerACTIVE
128
calls · 2 blocked
fraud-detectorQUARANTINED
0
calls · 0 blocked

Resolved and enforced in memory before the tool call returns. Not in a quarterly audit.At the moment of action.

Architecture

Separation of duties by design.

Five components. Each can do one thing. None can do the others. The same boundaries an OCC examiner, an EBA inspector, or an FDA auditor would draw on a whiteboard, enforced by the system at runtime.

01
The Brain
Signs
ECDSA P-256 signing
Policy authoring
Co-signature ceremony
Cannot enforce calls
02
The Gateway
Enforces
7 checkpoints
Sub-50ms latency
Block at boundary
Cannot sign policy
03
The Anchor
Proves
SHA-256 chain
Tamper-evident
Per-tenant isolation
Cannot rewrite history
04
The Enforcer
Revokes
Kill switch
Quarantine
Credential revocation
Cannot view chain
05
The Observer
Reports
Real-time telemetry
Anomaly detection
Drift alerts
Cannot revoke or block
The contract

A signed runtime emerges only when all five separations hold.

No shortcut. No exception.
The chain proves it.

Operational flowpolicy lifecycle
SignBrainIssuecredentialEvaluateGatewayAnchorSHA-256 chainObserveObserverEnforceEnforcer
Audit chainruns through all five.
No component can rewrite the chain it observes.
For your engineers

Three lines. Any framework.

The SDK is intentionally thin. Engineers govern functions. The Console controls what each agent is permitted to do. The CLI verifies before deploy and blocks ungoverned code.

LangChainCrewAIGoogle ADKOpenAIPydantic AIAutoGen
Read the SDK reference →
your_agent.py
$ pip install phronedge

from phronedge import PhronEdge
pe = PhronEdge(api_key="pe_live_...")

@pe.govern("lookup_claim")
def lookup_claim(claim_id: str) -> str:
return db.query(claim_id) # 7 checkpoints. under 50ms.
Industries

Pre-mapped for regulated industries.

Each overlay traces to statutes and supervisory expectations. Curated, versioned, revisable.

Financial Services
DORA · SR 11-7 · BCBS 239 · MiFID II
Healthcare
HIPAA · HITECH · FDA SaMD · 21 CFR Part 11
Insurance
NAIC AI Model Law · Solvency II · NYDFS 308
Defense
FedRAMP High · CMMC L3 · ITAR · IL5
Pharmaceutical
FDA 21 CFR Part 11 · GxP · ICH Q9
Enterprise tech
ISO 42001 · SOC 2 · GDPR · OWASP Agentic
The hard part

Anyone can build an agent. Governing it is what every production team gets stuck on.

PhronEdge ships two routes. Hosted gateway, or deployed in your environment.
Your keys. Your chain. Per tenant, always. Same enforcement at the boundary.

Every agent born governed.From the moment it carries the credential.

30 minutes. The architecture. The proof flow. Onboarding for your stack.

EU AI Act enforcement begins August 2, 2026 · 7% of global revenue