Product · Policy & Compliance

Attach a policy to every AI actor, then prove it.

Tallin turns AI governance from a static document into a live control and evidence register. Every AI actor (human, app, or agent) gets a policy and an approved model scope; the compliance packs you choose map that policy to obligations and jurisdictions, then track what Tallin can prove, what your team attests, and what still needs review.

Compliance packs

Start with the two use cases legal teams ask about first.

V1 is intentionally focused. Tallin goes deeper on AI Hiring and Consumer Chatbot obligations instead of showing a shallow list of every AI law. Each pack maps to the actors and use cases routed through Tallin, and includes jurisdictions, source links, evidence requirements, and a last-reviewed date.

AI Hiring

Recruiting, resume screening, candidate ranking, interview analysis, promotion, and employment-decision AI.

NYC, Illinois, Colorado, Federal pointers

Consumer Chatbot / AI Disclosure

Customer-facing AI chat, support, sales, advice, companion, and patient communication experiences.

Utah, Texas, California, New York, Federal pointers

Policy & Compliance

Obligation register

v1 packs
NYC AEDT
AI Hiring
Bias auditcustomer attestedNOT COVERED
Illinois notice
AI Hiring
Employment AI inventoryauto-provedOBSERVED
Utah disclosure
Consumer Chatbot
Gateway routeauto-provedENFORCED
FTC pointer
Consumer Chatbot
Counsel sign-offcustomer attestedINFERRED
Auto-proved
Tallin evidence
Customer-attested
Uploaded proof
Open gap
Missing evidence

Evidence buckets

Tallin tracks evidence, not legal conclusions.

The compliance register is built to be useful to counsel without pretending Tallin is counsel. Every row says what obligation needs review and what evidence exists.

Auto-proved evidence from Tallin
inventory, usage, gateway routes, who-used-what, and discovery signals.
Customer-attested evidence
bias audits, disclosure copy, notices, DPIAs, counsel sign-off, and third-party reports.
Open gaps
required evidence that is not present in Tallin or attached by the customer yet.
Signal coverage

Sources grouped by how buyers think.

no endpoint agents to install
AI providersOpenAI, Anthropic, Copilot, GeminiOBSERVED
Cloud billingAWS Bedrock, Azure OpenAI, Vertex AIINFERRED
IdentityOkta, Entra, Google WorkspaceOBSERVED
Network / CASBDefender, Cloudflare, Netskope, ZscalerOBSERVED
SIEM logsSentinel, Splunk, uploadsINFERRED

What Tallin can prove

Obligation posture follows the signals you connect.

If a use case is visible in gateway, provider, identity, CASB, billing, or uploaded evidence, Tallin can attach that signal to the obligation row. If the evidence lives outside Tallin, your team can attach it as an attestation. If neither exists, the row stays an open gap.

Why it matters

Companies are writing AI policies faster than they can enforce them.

Autonomous agents are arriving. Gartner projects 150,000+ AI agents per Fortune 500 by 2028, yet only 13% of teams feel adequately governed. Tallin gives policy owners a living control and obligation register: what the policy says, which actors and use cases it covers, which jurisdictions may matter, which evidence is present, and what still needs owner review.

Put a policy behind every AI actor, and prove it.

Start with the compliance packs that match your AI use. Tallin attaches a policy to each actor, then shows what is proved, attested, and still open.