The AXIS protocol provides cryptographically signed delegation chains. Kipple Labs provides the audit-ready mappings, control documentation, and certification programs that let your compliance team answer "who authorized this agent, and can we prove it?" in the language regulators and auditors use.
Each product ships as a control-mapping document, evidence-generation tooling, and implementation support. Designed to drop into an existing compliance program, not replace it.
For: Organizations deploying AI agents in the EU market or serving EU subjects. Articles 9, 10, 12, 13, 14, 15.
What's in it: Article 12 logging mapped to AXIS credential chains. Risk-classification framework. Agent governance controls aligned to Annex III. Technical documentation templates for CE-marked high-risk AI systems. Post-market monitoring scaffolding.
Status: Shipping Q2 2026. Design partners being onboarded now.
For: Covered entities and business associates running AI agents on PHI.
What's in it: HIPAA Security Rule control mapping. BAA scaffolding for agent operators. Credential retention and revocation policies that satisfy the §164 minimum necessary standard. Breach notification workflow integrated with AXIS revocation events.
Status: Planned. Contact us if you need this sooner.
For: SaaS platforms that run or accept AI agents and need a Type II report.
What's in it: Trust Services Criteria mapping (Security, Confidentiality, Processing Integrity) for agent-driven workflows. Evidence generation from AXIS credential chains. Auditor-friendly narrative templates.
Status: Planned.
For: Operators and registrars who want a third-party signal of compliance maturity.
What's in it: SOC-2-style attestation of AXIS implementation and operational controls. Public directory of certified parties. Annual renewal.
Status: Planned. Certification program design in progress.
For: Compliance and legal teams who need to answer auditor questions about agent activity.
What's in it: Historical credential activity, delegation chain visualization, auditor-friendly export formats (PDF, CSV, JSON), retention policy management, forensic query interface.
Status: Planned.
Compliance frameworks were written for human actions and system-level access. AI agents act on behalf of humans, chain delegated authority across organizational boundaries, and leave different kinds of evidence than the control frameworks originally contemplated. Existing compliance tooling either ignores agent actions entirely or treats them as opaque system calls.
AXIS makes agent actions first-class auditable events. Kipple Labs' compliance products make those events legible to the people writing risk assessments, BAAs, and audit reports.
Technical treatment of the same topics (for developers, IT, and security engineers) lives on AXIS Prime. Different audience, different language. Visit AXIS Prime →
We're working with a small number of design partners through the first half of 2026 to shape these products against real compliance requirements. If your team is deploying or governing AI agents and needs the compliance layer sorted, tell us what you're running into.