Audience: Regulators, supervisory authorities, board members, CISOs, Chief Risk Officers, procurement officers, and legal counsel. This guide contains no code, no technical jargon, and no assumptions about your engineering background.
- Supervisory Authority: You oversee AI deployments and need to verify compliance claims. Your questions are in Section 6.
- CISO / CRO / Board: You approve budgets and need to know if your AI is actually compliant. Your questions are in Section 6.
- Vendor Evaluation: You write RFPs and need evaluation criteria for AI compliance tools. Your questions are in Section 6.
Contents
1. Why This Guide Exists
2. The Problem: AI Systems Operate Without Proof
3. What is Cryptographic Evidence?
4. How It Works
5. What Does the Evidence Tell You?
6. What Questions Should You Ask?
7. How This Maps to Regulations You Know
8. Next Steps
1. Why This Guide Exists
You oversee AI systems. Regulations require evidence that those systems behave correctly. But most organizations can only show you their intentions -- policies, design documents, and test reports written before the system was deployed.
This guide explains a different kind of evidence: cryptographic compliance evidence. It is a continuous, tamper-evident record of what an AI system actually did. Not what it was supposed to do. What it did.
You do not need to understand cryptography to read this guide. You do not need to understand software engineering. You need to understand what good evidence looks like so you can ask the right questions.
2. The Problem: AI Systems Operate Without Proof
AI models make millions of decisions every day. They approve loans, flag fraud, filter content, diagnose conditions, and draft legal documents. Each decision affects real people.
Most organizations can tell you what they intended the AI to do. They have policies. They have design specifications. They ran tests before deployment. But they cannot prove what the AI actually did after deployment, in production, on real data, at scale.
| What organizations have today | What regulators actually need |
|---|---|
| Policies and procedures (written before deployment) | Evidence of actual behavior (recorded during operation) |
| Point-in-time test reports (run once, then filed) | Continuous monitoring evidence (every day, every decision) |
| Self-reported compliance scores | Independently verifiable records |
| Editable log files | Tamper-evident records that show if they were changed |
| Vendor-specific dashboards (only accessible with vendor login) | Evidence that any third party can verify without vendor access |
3. What is Cryptographic Evidence?
A cryptographic compliance record is a tamper-evident receipt that proves a specific event occurred, at a specific time, with a specific result. Think of it as a notarized receipt for every AI decision.
Three properties make it different from traditional logs:
Tamper-evident
If anyone changes the record after the fact, the change is mathematically detectable. Like a sealed envelope that shows if it was opened. You do not need to trust the organization that created it -- the mathematics prove whether the record is intact.
Independently verifiable
Any third party -- a regulator, an auditor, a board member -- can confirm the record is authentic without asking the organization that created it. No special software. No vendor account. No credentials. Just a web browser and a public verification tool.
Continuous
Not a snapshot from last quarter. A record for every AI action, every day. And critically: if the evidence stops, that gap is itself detectable. You can prove that something interrupted the normal pattern, even if no one reported the interruption.
| Dimension | Traditional Evidence | Cryptographic Evidence |
|---|---|---|
| Tamper resistance | Logs can be edited after the fact | Any modification is mathematically detectable |
| Verification | Requires trust in the evidence producer | Any party can verify independently |
| Frequency | Periodic snapshots (quarterly, monthly) | Per-event (every inference, every decision) |
| Gaps | Gaps are invisible | Gaps are detectable and provable |
| Vendor dependency | Evidence locked inside vendor platform | Open protocol, verifiable from any browser |
4. How It Works
Three steps. Nothing changes about how the AI system operates.
The AI system operates normally
The compliance layer sits alongside the AI system. It observes, but does not interfere. The AI continues to work exactly as before. There is no performance impact. No data leaves the organization's infrastructure.
Each action creates a sealed receipt
Every inference, every decision, every tool call produces a cryptographic record. The record contains what happened and when, but never the actual content. Prompts, responses, and personal data stay inside the organization's systems. Only mathematical hashes and numeric measurements are recorded.
This means compliance evidence exists without exposing proprietary information, trade secrets, or personal data.
Anyone can verify the receipt
A regulator, an auditor, or a board member can independently confirm the record is authentic. The verification uses a standard mathematical formula that is publicly available. No vendor access, no special software, no credentials needed.
5. What Does the Evidence Tell You?
Cryptographic compliance evidence answers five fundamental questions about any AI system:
Did the AI system operate continuously?
A continuous chain of records proves the AI was monitored at every interval. If there are gaps -- periods with no records -- those gaps are themselves evidence that something interrupted normal operation.
- Continuous chain: The system was monitored throughout the period.
- Gap detected: Something interrupted evidence collection. Ask why.
Did the safety guardrails work?
Each record notes whether the AI's safety controls were active and whether they were triggered. You can see the ratio of checks passed to checks required.
- All guardrails active: Safety controls were enforced as configured.
- Guardrail failure: A safety control did not function as expected. Check the remediation record.
Was a human involved in high-risk decisions?
For decisions that require human oversight, the evidence records whether a human checkpoint was exercised. You can distinguish between "human oversight was configured" and "human oversight was actually used."
- Human verified: A person reviewed this decision.
- No human review: The decision was fully automated. Ask whether this was appropriate for the risk level.
Did the model's behavior change over time?
AI models can "drift" -- their behavior changes gradually as data patterns shift. The evidence tracks performance metrics over time and detects when behavior deviates from the established baseline.
- Stable behavior: The model is performing within expected parameters.
- Drift detected: The model's behavior has changed. Investigate the cause.
When something went wrong, was it corrected?
If an issue is detected, the evidence records whether it was documented, reported to appropriate authorities, and remediated. A formal revocation record proves the organization has a functioning error correction process.
- Corrected: Issue was identified, documented, and fixed.
- Unresolved: Issue was detected but not yet remediated. Check the timeline.
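The following is an added illustration, not part of the original guide and not the evidence format used by any particular vendor, including the one this page comes from. It shows in miniature the mechanism described in Section 4 (hash-only receipts linked into a tamper-evident chain that anyone can re-check) and the first three questions of Section 5 (continuity and gaps, guardrail status, human review). It assumes SHA-256 as the hash, a "published chain head" that the organisation commits to out of band, and an expected interval of at most five minutes between receipts; all event data is constructed.

```python
import hashlib
import json
from datetime import datetime, timedelta, timezone

GENESIS = "0" * 64  # prev_hash carried by the very first receipt


def sha256_hex(data: bytes) -> str:
    return hashlib.sha256(data).hexdigest()


def canonical(body: dict) -> bytes:
    # Deterministic serialisation so an independent verifier recomputes the same hash.
    return json.dumps(body, sort_keys=True, separators=(",", ":")).encode()


def make_receipt(seq, prev_hash, timestamp, event_type, content,
                 guardrails_required, guardrails_passed, human_reviewed):
    """One sealed receipt: what happened and when, plus a hash of the content.
    The prompt/response text itself is never written into the record."""
    body = {
        "seq": seq,
        "prev_hash": prev_hash,
        "timestamp": timestamp.isoformat(),
        "event_type": event_type,
        "content_hash": sha256_hex(content.encode()),
        "guardrails_required": guardrails_required,
        "guardrails_passed": guardrails_passed,
        "human_reviewed": human_reviewed,
    }
    body["receipt_hash"] = sha256_hex(canonical(body))
    return body


def build_chain(events):
    """Link receipts so each one commits to the hash of its predecessor."""
    receipts, prev = [], GENESIS
    for seq, ev in enumerate(events, start=1):
        r = make_receipt(seq, prev, **ev)
        receipts.append(r)
        prev = r["receipt_hash"]
    return receipts


def chain_head(receipts):
    # The value the organisation publishes (or has externally timestamped) so that a
    # wholesale rewrite of the chain is detectable, not only an edit inside it.
    return receipts[-1]["receipt_hash"] if receipts else GENESIS


def verify_chain(receipts, published_head, max_interval=timedelta(minutes=5)):
    """Independent check; returns findings. An empty list means intact and continuous."""
    findings, prev_hash, prev_seq, prev_time = [], GENESIS, 0, None
    for r in receipts:
        body = {k: v for k, v in r.items() if k != "receipt_hash"}
        if sha256_hex(canonical(body)) != r["receipt_hash"]:
            findings.append(f"seq {r['seq']}: receipt contents were modified")
        if r["prev_hash"] != prev_hash:
            findings.append(f"seq {r['seq']}: link to previous receipt is broken")
        if r["seq"] != prev_seq + 1:
            findings.append(f"seq {prev_seq + 1}-{r['seq'] - 1}: missing receipts")
        t = datetime.fromisoformat(r["timestamp"])
        if prev_time is not None and t - prev_time > max_interval:
            findings.append(f"seq {r['seq']}: silence of {t - prev_time} before this receipt")
        prev_hash, prev_seq, prev_time = r["receipt_hash"], r["seq"], t
    if prev_hash != published_head:
        findings.append("chain head does not match the published head")
    return findings


def summarize(receipts):
    """Section 5 questions answered from the receipts alone, without any content."""
    return {
        "events": len(receipts),
        "guardrail_failures": sum(r["guardrails_passed"] < r["guardrails_required"] for r in receipts),
        "automated_without_review": sum(not r["human_reviewed"] for r in receipts),
    }


# Constructed sample: four actions one minute apart, one guardrail failure, two without human review.
T0 = datetime(2024, 1, 1, 9, 0, tzinfo=timezone.utc)
SAMPLE_EVENTS = [
    {"timestamp": T0, "event_type": "inference", "content": "application A (constructed)",
     "guardrails_required": 3, "guardrails_passed": 3, "human_reviewed": True},
    {"timestamp": T0 + timedelta(minutes=1), "event_type": "inference", "content": "application B (constructed)",
     "guardrails_required": 3, "guardrails_passed": 2, "human_reviewed": False},
    {"timestamp": T0 + timedelta(minutes=2), "event_type": "tool_call", "content": "credit lookup (constructed)",
     "guardrails_required": 1, "guardrails_passed": 1, "human_reviewed": False},
    {"timestamp": T0 + timedelta(minutes=3), "event_type": "inference", "content": "application C (constructed)",
     "guardrails_required": 3, "guardrails_passed": 3, "human_reviewed": True},
]


def sample_events_with_outage():
    # Same events, then one arriving after 60 minutes of silence (constructed outage).
    return SAMPLE_EVENTS + [dict(SAMPLE_EVENTS[-1], timestamp=T0 + timedelta(hours=1))]


if __name__ == "__main__":
    receipts = build_chain(SAMPLE_EVENTS)
    head = chain_head(receipts)
    print("intact:", verify_chain(receipts, head))
    print("summary:", summarize(receipts))
    edited = [dict(r) for r in receipts]
    edited[1]["guardrails_passed"] = 3  # an attempt to hide the failure after the fact
    print("after edit:", verify_chain(edited, head))
    print("after outage:", verify_chain(build_chain(sample_events_with_outage()), head))
```

Two design points are worth noticing. First, the verifier needs nothing from the producer except the receipts and the public hash function, which is the "independently verifiable" property of Section 3. Second, a hash chain by itself only proves internal consistency: whoever holds the whole chain could rewrite it consistently, so the published chain head (in practice a signature or an external timestamp on it) is what turns the chain into evidence a third party can trust. Production systems add digital signatures and interval heartbeats on top of this skeleton; the example keeps only the minimum needed to show why edits, deletions and silences become detectable.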
6. What Questions Should You Ask?
For Regulators
When reviewing an AI deployer's conformity documentation, ask:
- "Do you have continuous compliance evidence, or only periodic reports?"
- "Can a third party verify your evidence without your involvement?"
- "What happens to your evidence trail when your AI provider has an outage?"
- "Are your compliance records tamper-evident? How would you detect if someone modified them?"
- "How many AI decisions are covered by your evidence? All of them, or a sample?"
- "Does your evidence separate what happened from what you intended?"
For Executives and Board Members
When your CISO or CTO presents AI compliance status, ask:
- "Is this based on what we intended to happen, or what actually happened?"
- "Can our auditor verify this independently, without our help?"
- "If a regulator asks for evidence tomorrow, how quickly can we produce it?"
- "What is our evidence retention period? Does it meet our regulatory requirements?"
- "If our AI provider goes down, do we lose our compliance evidence?"
- "How do we know our AI's behavior hasn't changed since we approved it?"
For Procurement Teams
When evaluating AI compliance tools, require:
- Independent verification: The tool must produce evidence that a third party can verify without vendor access.
- Per-event evidence: Every AI decision must generate a record, not just periodic snapshots.
- Tamper-evident records: Any modification to compliance records must be mathematically detectable.
- Multi-framework coverage: One evidence stream should map to EU AI Act, NIST AI RMF, and your industry-specific framework simultaneously.
- Data privacy by design: Compliance evidence must be producible without exposing prompts, responses, or personal data.
- Open protocol: Avoid vendor lock-in. The evidence format should be verifiable by any tool, not just the vendor's dashboard.
7. How This Maps to Regulations You Know
| Regulation | What It Requires | How Cryptographic Evidence Helps |
|---|---|---|
| EU AI Act, Art. 12 | Automatic logging during the AI system's lifecycle | Per-event records with timestamps for every AI action. Gaps are detectable. |
| EU AI Act, Art. 14 | Effective human oversight | Evidence that human checkpoints were actually exercised, not just configured. |
| EU AI Act, Art. 15 | Accuracy, robustness, and cybersecurity | Continuous performance metrics and security control verification. |
| EU AI Act, Art. 62 | Serious incident reporting | Timestamped records of incidents, severity, and whether authorities were notified. |
| NIST AI RMF | Govern, Map, Measure, Manage across AI lifecycle | Evidence mapped to all four functions. Continuous measurement, not periodic. |
| SR 11-7 (Fed Reserve) | Model risk management with ongoing monitoring | Continuous model performance tracking with automated drift detection. |
| GDPR, Art. 22 | Transparency for automated decisions affecting individuals | Records of automated decisions with evidence of human review where required. |
| GDPR, Art. 35 | Data Protection Impact Assessment | Evidence that impact assessments were conducted and risks were mitigated. |
| CMMC (Defense) | Supply chain risk management and audit trails | Per-component provenance tracking and tamper-evident audit records. |
For detailed regulatory mappings, see the EU AI Act Cheatsheet, CMMC Overlay, or SR 11-7 Overlay.
8. Next Steps
For Regulators
Review the Assessment Playbook to understand how auditors evaluate cryptographic compliance evidence. It provides a 7-step workflow that works across EU AI Act, CMMC, SR 11-7, and ISO 42001.
For Executives
Ask your AI team to produce a compliance evidence report for your current AI deployments. If they cannot produce one, that gap is the answer to your compliance question.
For Procurement
Include the six evaluation criteria from Section 6 in your next AI vendor RFP. For a structured pilot evaluation, see the Pilot Scope document.
Questions? engineering@tenovaai.com