The Sovaign Blog
On compliance, accountability, and AI — written plainly.
This week in EU and Dutch AI and cyber law — and how Sovaign keeps up
EU AI Act timeline changes, the Dutch Cyberbeveiligingswet moves through parliament, and the Commission’s own infrastructure gets attacked. How Sovaign’s Governance Pulse tracks it automatically.
The model will hallucinate. The question is what your system does about it.
The model will make mistakes. The relevant question for a compliance team is not how to prevent them — it is whether your system can detect them, bound them, and demonstrate that it did. A system design problem, not a model problem.
The risks Sovaign manages — and what manages them
Every system that introduces AI into a compliance workflow is itself a new source of risk. This is a feature-by-feature account of the quality, AI, and IT performance risks Sovaign is built to address — and the mechanisms that address them.
ISO 42001 and your AI project's unacknowledged obligations
ISO 42001:2023 is the international standard for AI management systems. If your organisation is deploying AI, you are already creating obligations under it — whether or not you have mapped them. Most organisations have not.
Why we built Sovaign: a story about AI that forgets, clouds that aren't yours, and compliance that deserves better
We were people who used AI every day for serious work and kept running into the same wall. The AI was genuinely impressive. But the moment the conversation ended, everything it had helped us build disappeared.
When AI agents cooperate, who is accountable?
No standard yet defines what autonomous AI agents owe each other across trust boundaries. IACS-1.0 is a draft that tries to fill that gap — and it points directly at the compliance problem Sovaign is built to solve.
We made a brochure
A short PDF overview of what Sovaign does, how a compliance manager would use it day to day, and what the main screens look like. Seven pages. No marketing fluff.
Why compliance should move at the speed of your organisation
Most compliance tools ask you to fill in a structure someone else designed. Hub-and-spoke turns that around: start with what you are required to do, and let AI discover how you actually do it.
Three models, investigated after a budget ran out
In January 2026 we ran the same EU AI Act compliance document through three AI models and measured what each extracted. The numbers are interesting. But the more useful finding is what the differences say about how to think about model choice — and why having a local fallback matters more than it might seem.
From compliance ceremony to accountability infrastructure
Most compliance work produces documentation that describes how an organisation should behave. Little of it actually proves how it does behave. That distinction is becoming critical — and AI is what is making it so.