AI you can explain, defend, and audit — by design.
JAQL builds for banks, defence and government, where every AI decision must be explainable to a regulator, supervised by a human, and provable after the fact. Responsible AI isn't a policy we bolted on — it's how the products are engineered. Every JAQL product ships with its own Security Assessment Report.
Honesty rule
- In place — operating today (e.g. human-in-the-loop design, audit logging, product Security Assessment Reports).
- Aligned to — architected to the standard's controls; not yet certified.
- In progress — certification actively being pursued. Never claimed as held.
Five guarantees, each built into the product — not promised on a slide.
Explainable by design
Every decision carries a plain-English, human-readable reason a regulator, board or court can follow. No black boxes.
Human always in the loop
No JAQL system takes an autonomous action on a high-stakes decision. The system flags; a qualified human decides.
Auditable end to end
Every inference is logged with a full audit trail, retained inside the client's own infrastructure and accessible to their governance team at any time.
Sovereign by default
Data never leaves the client's premises — cloud, on-premise, or air-gapped. Aligned to India's DPDPA, the Gulf's NESA and data-residency rules, the EU's GDPR.
Bias-monitored and reviewed
Continuous bias monitoring across demographic, cultural and linguistic dimensions; outputs reviewed against recognised AI-ethics principles (OECD AI Principles).
Every product carries a Security Assessment Report.
Unlike vendors who present a single security policy, each JAQL product carries its own Security Assessment Report (SAR) documenting its security posture, controls and risk profile. SARs are available to qualified government and defence evaluators under NDA as part of a tender response.
Where a SAR is still being finalised, it is explicitly labelled "SAR in progress" in the tender response — never implied otherwise.
Mapped to the frameworks your tender scores against.
Status is set conservatively. "In progress" reflects a credible, funded roadmap; it is never upgraded without evidence.
| Framework | Status | Note |
|---|---|---|
| DPDPA (India) | In place | Data residency and consent by design across deployments. |
| CERT-In reporting readiness | Aligned to | Incident-reporting playbooks and log retention follow CERT-In direction. |
| RBI / SEBI / IRDAI IT governance | Aligned to | Banking and insurance products architected to sectoral IT-governance controls. |
| NIST CSF & NIST PQC (FIPS 203 / 204 / 205) | Aligned to | Crypto-agility roadmap built on NIST-standardised PQ algorithms. |
| ISO/IEC 27001 | In progress | Information security management system implementation underway. |
| SOC 2 | In progress | Trust services criteria readiness underway. |
| GDPR (EU) | Aligned to | Lawful basis, DPIA support and data-subject rights handling. |
| Gulf: NESA / PDPL / data residency | Aligned to | Sovereign deployment for UAE and KSA engagements. |
| OECD AI Principles / Responsible AI | Aligned to | Transparency, accountability and human oversight built into product design. |
We protect the people who run the system, too.
JAQL's governance extends to the humans in the loop. Our cognitive-load monitoring — the StressTrace Heimdall model — watches for fatigue and overload in analysts, clinicians and operators (the human conditions that precede costly errors) and routes work intelligently to keep teams sharp. Governance that protects citizens and the staff who serve them.
Building a tender? Let's give your evaluators what they need.
Governance documentation, SARs under NDA, and framework mapping — provided as part of any government or defence engagement.