Product · VeilEngine™

The evidence layer for regulated AI

VeilEngine sits between your operators and Claude, GPT, or Gemini. Sensitive data is secured before it ever crosses the provider boundary, and every request emits a cryptographic receipt your auditor can verify offline. The compliance officer receives evidence; the CFO, productivity — both from the same workflow.

Request a consultation→ Trust architecture

The core problem

Your most valuable AI workflows touch your most sensitive data — which is why they stall

Healthcare can’t put PHI in Claude. Finserv can’t put MNPI in GPT. Legal can’t put privileged communications in Gemini. Insurance can’t put claimant identifiers anywhere. The result: regulated organizations watch the productivity gap widen while their compliance officers correctly say no.

The category response — AI governance dashboards layered over an unprotected execution path — doesn’t change what data reaches the model. It just reports on what happened. VeilEngine changes what reaches the model.

How it works

One boundary, one receipt, any provider

VeilEngine introduces a single protection boundary between your operators and the LLM provider. Every workflow inherits four guarantees from the boundary; nothing in your stack downstream depends on which provider served the request.

Secured before the provider

Sensitive entities — patient identifiers, MNPI, privileged content, claimant data, student PII — are protected before any request leaves your environment. The provider receives a workflow-equivalent payload with the sensitive elements replaced by deterministic placeholders.

Receipt at every boundary

Each request emits a signed receipt: workflow ID, provider, tokenization summary, time-to-answer, and a signed attestation hash. Receipts are hash-linked into a tamper-evident per-session chain; your auditor verifies each receipt signature offline with our open verifier CLI — without trusting our infrastructure. Automated chain-walk verification, a per-request cryptographic proof bundle, and a cross-session transparency log are on the roadmap.

Provider-agnostic by design

Workflows are written against the VeilEngine execution layer, not the provider SDK. Route to Claude for one workflow, GPT for another, Gemini for a third — or all three with automatic fallback. Switching providers is a config change, not an engineering project.

Round-trip utility check

The output is checked back through the protection boundary so usable signal survives without leaking sensitive entities. Operators see a Semantic Preservation Score per request; cryptographic proof-bundle claims remain roadmap-gated until review clears the public wording.

Three protection tiers

Gateway protection live at launch — three tiers by design

Different workflows demand different trust boundaries. The launch path is Tier 1 gateway protection; Tier 0 client-side and Tier 2 provider-under-agreement paths are engagement-scoped options that require separate configuration and governance review.

Tier 0

Client-side

Tier 0 is designed so protection happens inside your perimeter — the raw data stays in your network, not even reaching us. It is scoped per engagement for sovereignty workloads, attorney-client privilege, and the most sensitive PHI / MNPI use cases; it is not the default gateway launch path.

Sovereignty Privilege

Tier 1 · default

Gateway

Protection happens in your region inside VeilEngine’s boundary. It is designed so the provider receives only protected / de-identified payloads, not raw entities; we do not persist them after the request closes. Tier 1 is the default for most regulated workflows — HIPAA, FERPA, NAIC, SEC Reg S-P all map cleanly here.

HIPAA FERPA NAIC

Tier 2

Provider under agreement

For workflows where a provider-side agreement is the right control, VeilEngine acts as the routing and evidence layer over that provider relationship, established per engagement on an eligible service tier. Tier 2 requires the provider relationship, DPA or BAA path, and workflow eligibility to be cleared before use; eligibility for a BAA is not the same as a signed BAA.

BAA-eligible DPA Schrems II

The evidence fabric

Eight primitives, one contract your auditor verifies offline

VeilEngine’s evidence fabric is organized around eight primitives that compose into a single auditor-verifiable artifact. Each is specified by a canonical schema; a per-session evidence bundle exports today for your auditor to verify offline, with a multi-session portable-ZIP package on the roadmap.

Gateway event spine

Every request becomes an append-only event — the system of record.

Receipt service

Signed receipt per request: workflow, provider, tokenization summary, signed attestation. (Per-request proof bundle: roadmap.)

Proof & verification layer

Offline verification of receipt signatures and the per-session hash chain. Per-request cryptographic proof that the provider never received the raw payload: roadmap.

Transparency log

Roadmap — designed for inclusion proofs against an append-only log. Today, receipts are hash-linked into a tamper-evident per-session chain.

RBAC / auditor boundary

Auditors see what they need. Operators see what they execute. Both see the same receipts.

Evidence package builder

Export a per-session evidence bundle; your auditor runs the open verifier offline, no call to our infra. Multi-session portable-ZIP packaging: roadmap.

Lineage store

Roadmap — designed so every output traces back to inputs, decisions, and policy version, with retention scoped to your framework.

Policy engine

Vertical-pack rules compiled to runtime decisions. Every gate logged. Every override attested.

Provider abstraction

Workflows survive provider switches — and the evidence survives with them

Provider lock-in is a real risk and an underdiscussed compliance liability: if your evidence depends on a provider’s logs, the day you switch providers is the day your audit trail breaks. VeilEngine inverts this. The evidence fabric is the system of record. The provider is interchangeable infrastructure.

Claude (Anthropic) — Opus; default healthcare routing where a provider agreement is required, on an eligible service tier
GPT (OpenAI / Azure OpenAI) — Tier-2 routing via Azure HIPAA-eligible services; cost-optimized for high-volume finserv workloads
Gemini (Google Vertex AI) — DPA path; default for EU-residency and multimodal workflows
On-premise / open-weight (roadmap) — designed for air-gapped Llama, Mistral, or your own model under the same evidence contract

Provider routing

Live

workflowcontract_review.draft

routed toClaude Opus

provider switchconfig change

prev: GPT · Gemini

Measurable outcomes

Productivity gains, instrumented

Time-to-Useful-Answer (TUA)

Wall-clock from operator prompt to verified, compliance-cleared output. Healthcare discharge-summary baseline: ~18 seconds with VeilEngine versus ~22 minutes of manual redaction plus legal review. Finserv research-note draft: ~30 seconds versus ~3 days through compliance approval. Figures are illustrative pending instrumented benchmarks.

Semantic Preservation Score

A 0–100 measurement of how much usable signal survives the protection boundary. Operators see the score before publishing the output and choose the tier that maintains LLM utility for each workflow class.

Cost-per-Useful-Answer

Total cost amortized across provider fees, routing logic, and the protection boundary — captured per receipt so your CFO sees the unit economics, not just the platform bill.

Provider portability

Workflows are written against the VeilEngine execution layer, not a provider SDK, so switching providers is a config change rather than a re-engineering project. Portability is validated per engagement against your provider mix.

FAQ

Questions about VeilEngine

VeilEngine is the evidence layer for regulated AI. It lets your team run frontier models on regulated data, protects that data at a boundary you choose, and writes a signed receipt for every interaction that your auditors can verify offline. It is the system of record for what your AI did with sensitive data.

A workflow runs through VeilEngine instead of directly against a model API. Regulated data is protected at the boundary you select, the request is routed to the provider, and a signed receipt is written for the interaction. Your operators get the model’s output, your compliance team gets evidence, and your auditors get something they can verify independently.

A signed, tamper-evident record of a single AI interaction: what was protected at the boundary, which provider served it, and a signed attestation that the protection action happened. Your auditor runs our open verifier against an exported per-session evidence bundle and confirms the receipt signatures and the package manifest offline — without trusting us, and without a connection to our infrastructure. Automated chain-walk verification is on the roadmap.

The launch path is Tier 1 gateway protection: regulated data enters VeilEngine's boundary in your region, is protected before any provider sees it, and is not retained after the session or used to train models, subject to the provider relationships in scope. Tier 0 client-side protection, where raw data never leaves your perimeter even to us, is an engagement-scoped option for the most sensitive workloads, not the default launch path. Exposure is measured per workflow rather than estimated.

Both, by design. VeilEngine is the productized evidence layer; the engagement around it maps your regulatory frameworks, compiles the vertical pack for your industry, and gets your blocked workflows into production. We productize what should be productized and consult where judgment is required.

VeilEngine sits between your workflow and the AI provider, so integration is at the workflow layer, not a rebuild of your stack. You do not need to change AI providers or move your data platform to start. The engagement begins with a regulatory audit, then connects the workflows your compliance officer has blocked.

Read the trust architecture

Auditors run our verifier offline

Detailed coverage of the evidence-fabric primitives, the canonical schemas, the verifier CLI, and the framework-mapping engine lives on the Trust page. Built for the CISO, CCO, and external auditor — not for marketing.

Trust & Security→ Or request a consultation →