Built-In Guardrails
Your policies enforced automatically at runtime. Every output validated, every refusal explained – ensuring decision-grade control for public sector and regulated domains.
“Though this be madness, yet there is method in't.
You'll recognise this as a needed capability if…
There's no way to enforce organisational policies on AI outputs at runtime – compliance depends on prompt wording
When AI refuses a request, users get a generic error with no explanation of which policy triggered or why
You can't version, roll back, or audit the rules governing what AI can and can't say
Sensitive information appears in AI outputs because there's no systematic redaction layer
More than content filters
Generic AI guardrails are basic content filters: block profanity, flag sensitive topics. That's table stakes.
Our guardrails enforce your organisation's specific policies. What can be said. What must be redacted. What should never be answered. All versioned, all auditable.
- Block profanity
- Flag sensitive topics
- Generic content moderation
- Your organisation's specific policies
- Versioned policy packs with rollback
- Every refusal explained with reason
- Deterministic validation, not AI judgment
Policy Packs
Versioned rule sets that define what AI can output, redact, or refuse. Attached to every request and recorded in every Evidence Pack.
Define what information can be included in responses
include_citationsAlways cite source document ID, page, and section for every factual claim
max_confidence_claimOnly output statements with confidence score ≥ 0.85
approved_terminologyUse only terms from the registered ontology, no synonyms or abbreviations
format_structuredReturn answers as typed JSON fields, not prose paragraphs
Automatically remove sensitive information from outputs
pii_maskReplace names, addresses, and phone numbers with [REDACTED]
internal_refsStrip internal ticket IDs, case numbers, and staff codes
financial_detailsMask specific dollar amounts over $10,000 as [AMOUNT REDACTED]
draft_markersRemove "[DRAFT]", "[INTERNAL]", and similar document markers
Block entire categories of requests or responses
legal_adviceReject any query asking for interpretation of legal obligations or rights
speculationBlock responses that predict future events or outcomes not in source data
personnel_mattersRefuse queries about individual staff performance or disciplinary records
active_litigationBlock access to documents marked as subject to legal hold
Deterministic Validators
Before any AI output leaves the system, it passes through deterministic validators. These aren't AI judgments. They're binary checks that either pass or fail.
Provenance Present
Does every claim have a traceable source?
Ensures no statement is made without backing evidence from your approved document corpus.
Quote Accuracy
Do quoted passages match the source documents?
Verifies that any direct quotes are accurate verbatim extractions, not paraphrases or fabrications.
Schema Conformance
Does the output match the expected structure?
Confirms outputs align with your defined ontology: right fields, right formats, right terminology.
Citation Validity
Do all referenced documents actually exist?
Cross-checks that every cited document ID, page number, and offset is real and accessible.
All Validators Passed
Output meets all quality and policy requirements
Multi-Agent Verification
For high-assurance workflows, a single AI isn't enough. We deploy secondary AI agents that review primary outputs before release.
These verification agents are configured with different prompts, different constraints, and sometimes different models, providing genuine independent review, not just repeated processing.
Fact verification
Cross-checking claims against source material using independent retrieval
Consistency checking
Ensuring no contradictions across response sections
Policy compliance
Validating outputs against active policy pack rules
Tone and sensitivity
Reviewing language for appropriateness and audience fit
Every refusal has a reason
When guardrails block a response, you don't get a generic error. You get a specific explanation: which policy triggered, which version, and why.
This isn't just transparency. It's a debugging tool. When a refusal is wrong, you know exactly which policy to adjust.
// Example refusal response
{
"status": "refused",
"reason": "Request involves legal interpretation",
"policy": "legal-boundaries-v2.3",
"validator": "topic-classification",
"suggestion": "Rephrase as factual query
or consult legal team"
}
ISO/IEC 42001 awareness
Our guardrail framework is built with AI management system standards in mind. As ISO/IEC 42001 becomes the benchmark for responsible AI deployment, our architecture is ready.
Risk Management
Systematic identification and mitigation of AI-specific risks through policy packs and validators.
Documentation
Complete records of policies, decisions, and outcomes attached to every AI interaction.
Continuous Improvement
Feedback loops for ongoing policy refinement. Version, test, deploy, measure, repeat.
The method in the madness
Guardrails are our control layer. They work alongside Evidence Packs for traceability and Knowledge Graphs for accuracy.
Together, they ensure every AI output is defensible, accurate, and under your complete control.
Guardrails in production
Every AI agent we deploy for government agencies runs with full guardrail enforcement. Policy packs are versioned, validators are deterministic, and every refusal is explained and logged.
Provenance, quote accuracy, schema conformance, and citation validity – checked on every response before release.
Every blocked response includes the policy that triggered it, the version, and a suggested alternative.
Zero AI outputs have bypassed the guardrail layer in production. The system validates or refuses – no exceptions.
