If you operate in finance, insurance, or healthcare, the question about AI is no longer whether it helps. It is whether you can put it in front of an auditor without flinching. The rules arrived faster than most compliance teams expected, and a demo that impresses a product manager is a long way from a system that survives an examiner. This is a practical map of what changed, what reviewers actually ask for, and a checklist you can run before you deploy anything.
A disclaimer worth stating plainly: this is an overview, not legal advice, and the rules below move. Where a date or status is in flux, I have said so. Confirm specifics with your own counsel before you rely on them.
The 2026 regulatory map, briefly
The EU AI Act entered into force in August 2024 and phases in over several years. Prohibited practices applied from February 2025, general-purpose model obligations from August 2025, and most high-risk system requirements were set for August 2026 (AI Act implementation timeline). One moving piece to watch: in November 2025 the European Commission proposed a "Digital Omnibus" that would push the high-risk deadline to December 2027. As of this writing that deferral is proposed, not adopted, so the original timeline still governs unless and until it passes (DLA Piper). High-risk systems carry concrete duties: risk management, data governance, technical documentation, automatic logging of events, human oversight, and accuracy and robustness.
In the US, the NIST AI Risk Management Framework remains the voluntary backbone, organized around four functions (govern, map, measure, manage), with a Generative AI Profile added in July 2024 (NIST). State law is shifting underneath everyone: Colorado repealed and replaced its original AI Act, with Governor Polis signing SB 26-189 in May 2026, effective January 2027, pivoting toward disclosure and consumer-rights obligations (Carpe Datum Law). Many older summaries still cite the repealed version, so check the date on anything you read.
Sector regulators have their own guidance. The NAIC Model Bulletin on insurers' use of AI, adopted in December 2023, asks insurers to maintain a written AI systems program and has been taken up by roughly half the states (NAIC). On the healthcare side, HHS proposed the first major HIPAA Security Rule update in about two decades in January 2025 (HIPAA Journal). The SEC has not finalized a dedicated AI rule but has already brought enforcement actions against advisers for "AI washing," overstating their AI capabilities.
What auditors and regulators actually ask
Strip away the framework names and reviewers keep returning to a short list. Can you reproduce the decision the system made on a given date, with the version that made it? Can you trace a number back to its source data? Can a qualified human review, contest, and override an automated decision, rather than rubber-stamp it? Is there a complete, tamper-evident record of what ran?
That last cluster has teeth in Europe. Under GDPR Article 22, individuals have the right not to be subject to a solely automated decision with legal or similarly significant effects, plus a right to human intervention and to meaningful information about the logic involved (ICO). "Meaningful information about the logic" is a high bar for a system whose logic is a model's behavior at a moment in time.
The certification alphabet, decoded
Buyers will ask your vendors, and your own security team will ask you, about a familiar set of attestations. Briefly, so you can tell them apart:
- SOC 2 is an AICPA framework built on trust services criteria such as security and confidentiality. Type I assesses the design of controls at a point in time; Type II assesses whether they operated effectively over a period, usually six to twelve months. Ask for the Type II report and read its scope.
- ISO 27001 certifies an organization-wide information security management system and is recognized globally. It overlaps heavily with SOC 2 but is a certification rather than an attestation report.
- ISO 42001, published in December 2023, is the first certifiable standard for an AI management system, covering lifecycle governance, risk, transparency, and human oversight (ISO). It is the one that signals a vendor takes AI governance seriously, not just data security.
- HIPAA and GDPR are legal regimes, not certifications. A vendor can be a compliant processor or sign a Business Associate Agreement, but that covers their slice, not your whole system.
A note on our own posture, to be straight with you: Dittah does not claim to hold any of these certifications, and you should be skeptical of any vendor that waves a logo without handing you the report. What the architecture below does is make the underlying audit questions easier to answer, which is a different thing from a certificate.
Why runtime generative AI struggles in an audit
The hardest compliance problem with a model in the runtime loop is that it cannot reliably reproduce its own decisions. When outputs vary on identical inputs, reconstructing and auditing a specific decision becomes very difficult. Research on financial AI systems makes the point bluntly: in regulated settings, accuracy that cannot be reproduced cannot really be audited, and structured output can degrade meaningfully across runs (arXiv, 2026). Add silent model drift, where the provider retunes the model and your behavior shifts without a changelog, and you have a system that fails the reproducibility test by construction.
How frozen code maps to the audit asks
This is where a design-time-only approach earns its keep. With Dittah, AI helps you build the workflow, then publishing freezes it into versioned, immutable code, and production runs that code with no model call. Line that up against the recurring audit asks and it maps cleanly. Reproducibility comes for free, because the same input yields the same output every time. Versioning and traceability are built in, because each run is tied to a specific, identifiable version of the logic. The audit trail is the execution log. And there is no model drift in production, because the frozen artifact does not change between runs unless you deliberately publish a new version.
There is even an auditing standard that points the same way. The PCAOB's benchmarking guidance treats fully automated controls as not subject to human failure, and notes the approach is especially strong when the code cannot be modified between runs (PCAOB, AS 5 Appendix B). That kind of immutable, versioned logic is close to exactly what an auditor wants to see.
The checklist
Run these before you deploy any AI automation, whoever built it. If you cannot answer a question, that is your next piece of work, not a detail to defer.
- Reproducibility. Can the system produce the same output for the same input, on demand, months later?
- Versioning. Is every decision tied to an immutable, identifiable version of the logic that produced it?
- Runtime exposure. Does production execution make live model calls, or run frozen, deterministic code?
- Audit trail. Is there a complete, tamper-evident log of inputs, outputs, logic version, and human overrides?
- Explainability. Can you give a regulator or an affected person meaningful information about the logic behind a decision?
- Human oversight. Can a qualified person genuinely review, contest, and override, rather than rubber-stamp?
- Drift. Can production behavior change between runs without a deliberate, versioned release?
- Data lineage. Can you trace every figure back to its source, and is the data governance documented?
- EU AI Act readiness. If the use case is high-risk, are risk management, documentation, and logging in place against the current deadline?
- Sector duties. Are the NAIC program, SEC obligations, or HIPAA requirements that apply to you covered?
- Vendor attestations. Did you get the actual SOC 2 Type II or ISO report, check its scope, and confirm any AI-specific framework such as ISO 42001?
- Retention. Are logs and decision records kept long enough to meet the longest requirement that applies?
Bottom line
Compliance for AI in regulated industries comes down to a question the rules ask in a dozen different ways: can you reproduce, explain, and prove what your system did? Keep a model in the runtime loop and you will struggle to answer that honestly. Let AI build the logic once and freeze it, and the answer falls out of the architecture. Start from the checklist, be honest about the gaps, and prefer architectures that give you reproducibility as a property rather than a promise. If you want to see what a deterministic, fully logged workflow looks like in practice, we walked one through end to end, or you can build one yourself.
Regulatory references are linked inline and reflect material available as of April 2026. This is general information, not legal advice. Statuses noted as proposed or pending should be reconfirmed before you rely on them.
