AIA · Agentic Intelligence Architecture

AI agents for
regulated industries

Open-source AI agent infrastructure for regulated enterprises.

See how it works Write to us
Financial services Healthcare & life sciences Government & defence Manufacturing & supply chain
The problem

Frontier AI ships your records to a vendor's cloud — someone else's servers, someone else's jurisdiction.

With AIA, data stays in your perimeter — and your auditor can verify what the agents did.

Industries

Built for regulated industries

Banking & capital markets

Compliance evidence at trade speed

Pre-trade MiFID II checks and DORA evidence on demand, inside your perimeter.

Healthcare & life sciences

Analytics without PHI egress

Federated cohort analytics with zero PHI egress, 21 CFR Part 11 end to end.

Government & defence

Classified work, on your terms

Classified synthesis on air-gapped hardware, sources and methods protected.

Legal & compliance

An audit trail any party can replay

Privilege-preserving e-discovery and contract mapping with reproducible provenance.

→ Workflows across these four industries

Regulations

Aligned to the frameworks
that govern your industry

DORA
Digital Operational Resilience Act · live since Jan 2025
EU · Financial services
EU AI Act
High-risk obligations · Art. 12 logging · 2 Dec 2027
EU · Cross-sector
NSM-10
Federal post-quantum migration
US · Federal
BSI TR-02102
PQC migration guidance
Germany · Cross-sector

GDPR Art. 32 · NIS2 · MiFID II · HIPAA · 21 CFR Part 11 — and more, mapped in the trust dossier.

Architecture

Three pillars

The system to win the agentic-AI era.

Pillar 01

Multi-agent orchestration

Specialised agents across security, finance, and legal, each task routed to the best fit.

Pillar 02

Knowledge graph

A Neo4j-backed graph where answers trace to the exact nodes behind them.

Pillar 03

Post-quantum A2A

Post-quantum agent-to-agent protocol. Actions are signed into a tamper-evident log, designed to anchor a single zero-knowledge proof on-chain.

How AIA works

Run the agents
where your data already lives

Agents read, reason, and work inside your perimeter; all that leaves is a zero-knowledge proof.

ENTERPRISE PERIMETER · YOUR NETWORK REQUEST user · system · agent t = 0 ms ROUTE L1 · ORCHESTRATION Trust-weighted routing · specialist agents REASON L2 · KNOWLEDGE DKG · graph retrieval COORDINATE L3 · A2A PROTOCOL PQ-encrypted state-sync ATTEST L4 · PQC + ZK SP1 · Groth16 · ~260 B L1 ANCHOR Ethereum π · ZK PROOF INPUT · PLAINTEXT OUTPUT · ENCRYPTED + ATTESTED PUBLIC · VERIFIABLE
Five stages inside the perimeter. One proof leaves.
The AI audit layer

One audit layer.
Three kinds of proof.

The audit trail that gets your AI agents approved. AIA writes three kinds of proof; each shows that something is true and nothing else.

What an agent did

Action attestation

Actions are signed into a tamper-evident log. Its root is designed to anchor on-chain, so an auditor can confirm an action happened and was not altered — without seeing the data behind it.

Value that moved

Confidential transfer

Payments between agents and services settle in regulated stablecoins. Amounts and counterparties stay private, disclosed only to a party you choose.

Where an output came from

Verifiable inference

For self-hosted models: hardware attestation — a confidential-GPU receipt binds the output to the model and policy. For frontier APIs: every call is attested — request, response, model identity as reported. Cryptographic proof of inference (zkML) is our research north-star.

Proofs are batched, so anchoring thousands of actions costs a single settlement. Run it in our EU regions, in your VPC, or fully air-gapped — same code, same proofs.

Architecture
ProofWhat it provesAligned to
Action attestationAn agent did a specific action, unaltered, at a known time.EU AI Act Art. 12 · DORA · NIS2 · HIPAA audit trail
Confidential transferValue moved between parties, amounts and counterparties private.MiCA · regulated stablecoins · selective disclosure
Verifiable inference
Hardware-attested · zkML research		An output came from an approved model under an approved policy.EU AI Act high-risk obligations
Deployment

From managed cloud
to air-gapped on-premise

Three patterns, one codebase. Identical APIs and proofs across all three.

01 · Managed

We operate it

013a runs the cluster; you hold the keys.

02 · Hybrid · your VPC

Inside your cloud

Runtime, graph, and keys inside your VPC; only proofs cross the boundary.

03 · Sovereign · on-premise

Air-gapped

Full on-premise install with no outbound connectivity, for classified workloads.

Standards at every boundary — MCP, OpenTelemetry GenAI, EAS, W3C DID/VC, FIPS 203/204/205. → Interoperability

Who builds it

Built in Berlin by 013a

Deep expertise in cryptography, multi-agent systems, and enterprise security — from the EU, for the regulated world.

Made in Germany
More about 013a
Start

Two paths in one conversation

A thirty-minute call to map your workload to the right deployment, agents, and audit evidence. No deck.

Book a call Write to us