Truveil is a rule-based, deterministic scoring engine. Same evidence in, same scores out. Calibrated against primary regulatory text across six major frameworks. This page explains the methodology at the level that matters for buyers, auditors, and the customers who will trust your audit reports.
Truveil scores every agent run against four accountability dimensions. Each dimension corresponds to a category of regulatory obligation that recurs across all six frameworks Truveil covers.
Can the agent explain what it did, why, and on what evidence? Does it disclose its AI nature to affected users?
EU AI Act Article 13. India DPDP Rules 2025 Rule 3. NIST AI RMF Map function. Singapore MGF accountability principle.
Is there a named owner? A documented risk assessment? Human oversight where required? Approval gates on consequential decisions?
EU AI Act Article 14. India DPDP Rules 2025 Rule 9 and Rule 13. DIFC Regulation 10 ASO requirements. NIST AI RMF Govern function.
Is input data sourced from documented places? Is it fresh, validated, and grounded in cited evidence? Has bias evaluation happened where applicable?
EU AI Act Article 10. India DPDP Rules 2025 Rule 8. NIST AI RMF Measure function.
Can decisions be reversed? Is there a kill switch? Override controls? An appeal channel?
EU AI Act Article 14(4) override capability. DIFC Regulation 10. UAE AI Charter principles on significant decisions.
Truveil's engine recognises that not all AI agents carry the same regulatory weight. The engine classifies every registered agent into one of four categories at registration time.
Hiring, lending, diagnosis, eligibility determination.
Subject to the strictest scoring across all four dimensions.
Grid management, vehicles, surgery assistance, industrial automation.
Reversibility and human oversight signals weighted highest.
Market briefs, literature review, competitive analysis, commercialisation strategy.
Scored on completeness and traceability of reasoning, with regulatory carve-outs for fields like bias evaluation that do not apply to research agents with no protected attributes in scope.
Recommendations, tagging, content categorisation.
Lighter weighting on accountability and reversibility. Transparency baseline still required.
Truveil's scoring engine is calibrated against primary regulatory text from six major frameworks. When your agent operates in a single jurisdiction, the audit cites that framework directly. When your agent operates across jurisdictions, Truveil applies the strictest rule per dimension and cites every applicable framework in the audit report.
Articles 5, 9 to 15, 22, 25 to 27, 49, 72 to 73. Annex III high-risk categories. Article 14 human oversight. FRIA scope for essential services. Provider-deployer determination. Article 22 GDPR automated decisions.
Govern, Map, Measure, Manage functions. Generative AI profile (AI 600-1). Sectoral overlays for credit (FCRA), employment (EEOC), clinical (FDA), and housing (FHA).
Rule 3 disclosure, Rule 8 data freshness, Rule 9 owner identification, Rule 12 DPIA scope, Rule 13 audit cadence, Rule 14 reversibility controls. Significant Data Fiduciary obligations. Section 33 penalties.
Autonomous Systems Officer appointment. Five ethical principles. Significant-decision oversight. Certification pathway.
Federal AI Strategy principles. Significant-decision human oversight. Transparency and accountability standards. PDPL coordination.
Nine dimensions of accountability. AI Verify testing alignment. MGF-GenAI profile. IMDA expectations for deployers and developers.
Truveil's engine is updated when these frameworks change. Updates flow through to your audit reports automatically. No version drift between what regulators require and what Truveil scores against.
Every audit Truveil produces is reproducible. The engine is rule-based with no probabilistic inference, no LLM-driven scoring decisions, no hallucinated compliance claims. Two auditors running your logs through Truveil reach the same conclusion every time. This matters for regulatory defensibility: an audit report that cannot be reproduced cannot be defended.
Truveil's scoring engine is calibrated against primary regulatory text retrieved from authoritative sources. Truveil's analytical layer sits on top of structured, JSON-grounded primary regulatory text. When the EU AI Act is updated, the JSON updates and Truveil's scoring follows. When India DPDP Rules issue clarifications, they propagate through the engine. Your audit report cites the framework, the article, and the obligation that applies.
Truveil does not care what model powers your AI agent. GPT-4o, Claude, Gemini, an open-source fine-tune: the audit layer treats them identically. Switch models without losing your audit history or your compliance baseline.
Truveil generates audit-grade reports in under 30 seconds. Reports include grade, dimension scores, agent category context, framework citations, and remediation guidance. Plain language for legal and procurement teams. Regulatory citations for defence. Tracked over time so you can demonstrate improvement to regulators, auditors, and clients.
See sample reports