Factual posture of Mnemom’s third-party compliance and contract programs, as of the most recent documentation update. For current attestation status or evidence requests, contact your Mnemom account team.
SOC 2 Type II. On the roadmap. Pre-audit readiness work is in progress; third-party audit engagement has not yet begun, and no SOC 2 report is currently available. Security questionnaires, architecture reviews, and control evidence are available to enterprise customers under NDA.
ISO 27001. Not currently pursued.
GDPR Data Processing Agreement (DPA). Available to enterprise customers on request. Contact [email protected].
EU AI Act Article 50 transparency. Addressed by the AAP + AIP mapping documented on this page (below).
GDPR Article 17 right to erasure. Addressed by the deletion cascade documented in GDPR data subject rights.
This section records the program status as stated; it is not a certification or an attestation in itself. The SOC 2 entry in particular is a roadmap statement and should not be read as a claim of current certification.
The EU AI Act’s Article 50 establishes transparency obligations for providers and deployers of AI systems. These obligations require that users are informed they are interacting with AI, that AI-generated content is machine-detectable, that decisions are explainable, and that audit trails are maintained.Both protocols in the Mnemom trust plane address these requirements:
AAP (Agent Alignment Protocol) provides post-hoc audit trails — what the agent did, with structured decision records and verification.
AIP (Agent Integrity Protocol) provides real-time transparency — what the agent was thinking, with integrity checkpoints and concern detection.
Together they satisfy both dimensions of Article 50 transparency. The cross-protocol linkage (IntegrityCheckpoint.linked_trace_id references APTrace.trace_id) creates a complete audit chain from reasoning to decision.
This document reflects a technical mapping of AAP and AIP features to Article 50 requirements. It does not constitute legal advice. Consult qualified legal counsel for your specific compliance obligations.
Requirement: Providers shall ensure that AI systems intended to interact directly with natural persons are designed and developed in such a way that the natural persons concerned are informed that they are interacting with an AI system.
Obligation
AAP Field
How It Satisfies
Identify the AI system
AlignmentCard.agent_id
Unique, persistent agent identifier
Identify the principal
AlignmentCard.principal
Declares human/org oversight and relationship type
Disclose AI nature
extensions.eu_ai_act.disclosure_text
Machine-readable disclosure text for presentation to users
Classify the system
extensions.eu_ai_act.ai_system_classification
Declares risk classification per AI Act categories
SDK preset: EU_COMPLIANCE_EXTENSIONS provides a ready-made extension block:
from aap.compliance import EU_COMPLIANCE_EXTENSIONScard = AlignmentCard( ..., extensions=EU_COMPLIANCE_EXTENSIONS,)# card.extensions["eu_ai_act"]["disclosure_text"] contains the disclosure
Requirement: Providers of AI systems shall ensure that the outputs of the AI system are marked in a machine-readable format and detectable as artificially generated or manipulated.
Obligation
AAP Field
How It Satisfies
Machine-readable format
AP-Trace structured JSON
Every decision is a structured, parseable record
Protocol versioning
AlignmentCard.aap_version
Protocol version enables tooling compatibility
Trace format declaration
audit_commitment.trace_format = "ap-trace-v1"
Declares the structured format used
Agent attribution
APTrace.agent_id + APTrace.card_id
Every trace links to the producing agent and its card
AP-Traces are inherently machine-readable — they are structured JSON documents with a defined schema. Any system processing AAP-instrumented agent output can parse the trace to determine that it was AI-generated and by which agent.
Requirement: Deployers of AI systems that generate or manipulate content shall disclose that the content has been artificially generated or manipulated.
Obligation
AAP Field
How It Satisfies
Decision reasoning
APTrace.decision.selection_reasoning
Free-text explanation of why the agent chose this action
Values applied
APTrace.decision.values_applied
Which declared values influenced the decision
Alternatives considered
APTrace.decision.alternatives_considered
All options the agent evaluated, with scores
Escalation evaluation
APTrace.escalation.evaluated + triggers_checked
Whether human oversight was considered and why
Confidence
APTrace.decision.confidence
Agent’s self-assessed confidence in the decision
The AP-Trace decision block provides complete transparency into agent reasoning: what alternatives were considered, how they were scored, which values were applied, and why the selected option was chosen. This goes beyond Article 50’s minimum requirements by making the full decision process auditable.
{ "eu_ai_act": { "article_50_compliant": True, "ai_system_classification": "general_purpose", "disclosure_text": "This system is powered by an AI agent. Its decisions " "are logged and auditable. You may request a human " "review of any decision.", "compliance_version": "2026-08", },}
Requirement: Providers shall ensure that AI systems intended to interact directly with natural persons are informed that they are interacting with an AI system.
Obligation
AIP Field
How It Satisfies
Identify the AI system
IntegrityCheckpoint.agent_id
Unique agent identifier in every checkpoint
Link to alignment declaration
IntegrityCheckpoint.card_id
References the AAP Alignment Card
Session tracking
IntegrityCheckpoint.session_id
Groups checks within a conversation
Provider identification
IntegrityCheckpoint.provider + model
Identifies the underlying LLM
Every Integrity Checkpoint carries the agent’s identity, linking real-time analysis back to the agent’s declared alignment posture (the AAP Alignment Card).
Requirement: Providers of AI systems shall ensure that the outputs of the AI system are marked in a machine-readable format and detectable as artificially generated or manipulated.
Obligation
AIP Field
How It Satisfies
Structured format
IntegrityCheckpoint JSON
Every checkpoint is structured, parseable JSON
Content integrity
thinking_block_hash
SHA-256 hash of the thinking block — tamper-evident
Protocol versioning
AIP protocol version in headers
X-AIP-Version header on all responses
Unique identification
checkpoint_id (ic-{uuid})
Every checkpoint is uniquely identified
Integrity Checkpoints are inherently machine-readable. The thinking_block_hash provides cryptographic evidence that a specific thinking block was analyzed, without exposing the thinking block content itself.
Requirement: Deployers shall disclose that content has been artificially generated or manipulated. Systems shall provide explanations of their operation.
Obligation
AIP Field
How It Satisfies
Reasoning summary
IntegrityCheckpoint.reasoning_summary
Natural-language explanation of the integrity analysis
Values checked
ConscienceContext.values_checked
Which conscience values were evaluated
Value conflicts
ConscienceContext.conflicts
Which values were in tension
Value supports
ConscienceContext.supports
Which values the thinking aligned with
Integrity verdict
IntegrityCheckpoint.verdict
clear, review_needed, or boundary_violation
Specific concerns
IntegrityCheckpoint.concerns[]
Categorized concerns with evidence and severity
The ConscienceContext block provides Article 50’s required transparency into how the AI system’s reasoning was evaluated. The reasoning_summary field provides a human-readable explanation suitable for disclosure.
Fail-closed ensures no agent response passes without integrity analysis. Timeout extended to 15 seconds (vs. default 10) to reduce false failures.These are available in both Python and TypeScript:
from aip import EU_COMPLIANCE_WINDOW_CONFIG, EU_COMPLIANCE_FAILURE_POLICY
import { EU_COMPLIANCE_WINDOW_CONFIG, EU_COMPLIANCE_FAILURE_POLICY,} from "@mnemom/agent-integrity-protocol";
AAP provides post-hoc audit trails (what the agent did). AIP provides real-time transparency (what the agent is thinking). Together they satisfy both dimensions of Article 50:
AAP EU Compliance Example — Creates an EU-compliant Alignment Card, generates a traced decision, verifies it, and prints a compliance summary.
AIP EU Compliance Example — Creates an AIP configuration with EU compliance presets, runs an integrity check, shows the checkpoint audit trail, and demonstrates fail-closed behavior.
Signed Managed Rule envelope (spec); published /trust/slos (propagation P95 ≤ 30s, freshness P99 ≤ 5min, failover 99.99%); /concepts/protection-network for the architectural reference
Joint compliance responsibility. AEGIS produces the verifiable evidence the Act requires; mapping that evidence to your specific deployment, your AI system’s risk classification, and your DPIA process is the customer’s compliance obligation. Mnemom provides the substrate; the regulatory framing is yours.
The advisory CMS gives you the Article 12-aligned incident-reporting surface; the synthetic GA seed exercises the full pipeline so the first real advisory inherits a proven flow.
The US NIST AI Risk Management Framework (AI RMF 1.0) organizes trustworthy-AI risk management into four functions — GOVERN, MAP, MEASURE, MANAGE. Mnemom is a runtime trust substrate, not an AI-risk-management program in itself: the table below maps each function to the shipped Mnemom controls that produce evidence or enforcement for it, and states plainly where a function is the customer’s organizational responsibility rather than something Mnemom provides.
This is a technical mapping of shipped product behavior to the AI RMF functions, for buyers who organize their AI risk program around the framework. It is not a NIST certification or conformity assessment (the AI RMF is a voluntary framework and is not certifiable), and it does not discharge your organization’s own GOVERN responsibilities. Anchor each row to your own risk process.
AI RMF function
What it covers (NIST AI 100-1)
Mnemom shipped controls that support it
Honest scope
GOVERN
Organizational risk culture, accountability, and AI policies across the lifecycle.
The Alignment Card is the machine-readable policy artifact: it declares the agent’s principal, human/org oversight relationship, and autonomy envelope. CLPI governs that policy across the agent lifecycle; Managed Rules promotion is dual-control (tier-1/-2 structural CHECK constraint + signed-promotion audit chain on recipe_review_actions) so detection-policy changes are accountable.
Partial / customer-owned. Mnemom provides the per-agent policy + governance substrate; the organizational governance program (roles, approval authority, AI policy, third-party-model intake) is the customer’s. Mnemom’s own org attestations (SOC 2) are roadmap, not certified — see Compliance programs above.
MAP
Establish the context that frames an AI system’s risks.
The Alignment Card frames each agent’s purpose, principal, and declared autonomy/integrity bounds; the EU AI Act extension (extensions.eu_ai_act.ai_system_classification) records the risk classification; the OWASP Agentic Top 10 mapping frames the agent threat surface against a named taxonomy.
Shipped (per-agent framing). Mnemom captures the per-agent risk context as structured, machine-readable declarations. Whole-portfolio / use-case risk framing across an org’s AI estate is the customer’s mapping exercise.
MEASURE
Quantitative/qualitative analysis, benchmarking, and monitoring of AI risk.
AIP integrity checkpoints + verdicts measure per-decision reasoning integrity in flight; the public Trust Rating (0–1000) is a continuous reputation measure; the published /trust/slos carry quantitative SLIs (propagation P95 ≤ 30s, freshness P99 ≤ 5min, failover 99.99%); Safe House carries per-recipe false-positive telemetry + a 24h observe soak; AEGIS substrate fingerprinting measures cross-tenant behavioral deviation.
Shipped (runtime signals). These are live, published measurement surfaces. They measure the runtime dimension; pre-deployment model evaluation / red-team benchmarking against your use case is complementary and customer-run.
MANAGE
Allocate resources to mapped + measured risks; respond to, recover from, and communicate about incidents.
The Policy Engine enforces declared bounded_actions (the active control); Safe House front/back-door checkpoints act on detected threats (observe / nudge / enforce); the advisory CMS + transparency log are the incident-communication surface; AEGIS failover (99.99%) and the always-on incident responder handle respond/recover.
Shipped (runtime treatment + comms). Mnemom actively treats and communicates runtime risks. Organizational risk-resource allocation and your incident-response process around these signals remain yours.
Joint responsibility, same as the EU AI Act mapping above. Mnemom supplies the runtime controls + verifiable evidence each AI RMF function can draw on; operating the framework — your GOVERN program, your risk tolerance, your MAP of the whole AI estate, your MANAGE response process — is the customer’s. Where a function has no shipped Mnemom control, the table says so rather than implying coverage.
This page covers the EU AI Act (Article 50 transparency obligations). For GDPR compliance — including the right to erasure (Article 17) and the deletion cascade architecture — see the dedicated guide:
GDPR Data Subject Rights
Right to erasure (Article 17) — how Mnemom handles agent deletion requests, what data is removed, what is retained under legal carve-outs, and how to verify compliance.