Why now

No rules means no safe harbor.

On 17 April 2026, SR 26-2 replaced SR 11-7 and scoped agentic AI out of model-risk guidance. It is tempting to read the absence of a rulebook as breathing room. It is the opposite.

The absence of a rule is not cover.

A safe harbor is a published standard you can meet and then point to. When a regulator declines to write one for agentic AI, there is nothing to meet — and nothing to hide behind. Examiners still examine. Discovery still discovers. The question in the deposition is unchanged: who authorized this automated decision, and prove the record wasn't altered.

“The model guidance doesn't apply” is not an answer to that question. It removes a framework you could have cited; it removes nothing examiners or plaintiffs can ask.

The predicate rules

Date-proof, and already enforced.

What survived the deregulation of the headline AI rules is the machinery underneath: sector regulators with exam powers, and predicate rules that never moved. They do not mention AI. They do not need to. They govern records, signatures, independence, and authority — whoever, or whatever, is acting.

  • 21 CFR Part 11 (1997)

    Electronic records and signatures — limited access, authority checks, time-stamped audit trails, and every signature carrying its meaning. Written, almost verbatim, for exactly this.

  • 21 CFR §211.22 (Standing)

    An independent quality unit, with authority that cannot be delegated to production — or to the software that production builds. The release decision is a human one by law.

  • SOX (2002)

    Internal controls over financial reporting. Controlled accruals and certified numbers need a traceable chain of authority behind every figure that enters the statements.

  • NYDFS Part 504 (Annual)

    A board resolution or a named senior officer must certify the transaction-monitoring and watch-list stack every year — personally, forever. The fear is theirs before it is the company’s.

The consequence

The evidence is the product.

What a named officer needs for the deposition is not a policy document. It is a signed receipt proving a named human approved this before it hit the wire — verifiable by a third party, offline, against a published spec, with zero access to your systems or ours.

We do not claim to be certified or compliant — those are words an auditor earns for you. MakerChecker is designed against the requirements of the rules your auditors already enforce, and built so that an inspector never has to take our word, or yours, for anything.

See it for yourself

Have the answer before the question.

One command starts the demo: an agent stopped from signing off its own work, and the signed evidence file an inspector can check for themselves.