Compliance, built as infrastructure.

AI can generate, summarize, classify, and decide — but it cannot be accountable. Accountability requires a human in the loop, which means the engineering around AI systems matters as much as the AI itself.

Compliance is the collective term for the processes, reviews, and controls that make that human oversight real. The conventional approach distributes compliance across individual judgment: every developer remembers, every PR gets reviewed, every decision point relies on someone knowing the right answer. The compounding cost is high and the failure mode is quiet.

The durable answer is infrastructure. Build the platform so the path of least resistance is the compliant path — policy enforced at the ARM layer, secure defaults in shared components, purpose tagging in the telemetry layer. When it works, “compliant” stops being a tradeoff. It’s just how the system behaves.

When the easy and right paths still diverge — and they will, at the edges — the role is advocacy: make the case for trust over expediency, and use the dilemma to inform the next iteration so future versions of it get resolved structurally.

That’s the thesis. This site documents the work of building it.