AI Governance · Audit Readiness · 5 Jurisdictions

Govern your AI
before they ask.

Compass maps your AI systems against RBI, DPDP, MAS FEAT, SR 11-7, FCA and the EU AI Act - and hands you a board-ready gap analysis with a 90-day remediation roadmap. In 30 minutes, not 3 months.

Start free assessmentTalk to us

Not ready to start? View a sample report →

Free maturity scorecard · No account required · Full report $199

🇮🇳

India

RBI MRM · DPDP Act · IRDAI

🇸🇬

Singapore

MAS FEAT · PDPA

🇺🇸

United States

SR 11-7 · CFPB · FCRA · CCPA

🇬🇧

United Kingdom

FCA SS1/23 · UK GDPR

🇪🇺

European Union

EU AI Act · GDPR · EBA

The problem

Every regulator now asks the same five questions.

RBI requires model inventories and independent validation. The EU AI Act demands risk classification and human oversight. MAS expects fairness metrics. The CFPB wants adverse-action explanations. The FCA wants senior-manager accountability.

Different regulators, same underlying expectations - and most organisations discover their gaps only when an examiner is already in the room. Compass tells you first.

01

Can you produce a complete inventory of every AI model in production - today?

02

Can you explain any individual AI decision to a regulator or affected customer?

03

Has your training data been tested for bias against protected groups?

04

Who is accountable, by name, when an AI system causes harm?

05

Do you have a tested incident response plan for AI failures?

Methodology

Assessment-grade rigour.
Software-grade speed.

The same structure a Big-4 readiness review follows - domain-by-domain evaluation against actual regulatory text - executed by a multi-agent AI pipeline in minutes.

01

Structured assessment

30 questions across five governance domains - inventory, model governance, data & privacy, fairness, and operational controls. Each maps to specific regulatory clauses. ~25 minutes.

02

Multi-agent analysis

Five specialist AI assessors evaluate each domain in parallel against the jurisdictions you select, citing exact clauses. A remediation planner sequences every gap by severity and effort.

03

Board-ready report

Maturity scoring per domain, a prioritised gap register with regulatory citations, a 90-day remediation roadmap, and a PDF your board and your regulator can both read.

The Compass maturity model

Five levels. One honest answer.

Each governance domain is scored on a five-level maturity scale adapted from supervisory expectations across all covered jurisdictions. You see exactly where you stand - and what moving up one level requires.

1Ad hoc

AI is deployed with no formal oversight. Knowledge lives in people’s heads.

2Developing

Policies exist on paper, but practice is inconsistent and undocumented.

3Defined

Governance processes are documented and followed for new systems.

4Managed

Controls are measured. Inventory, validation, and monitoring are routine.

5Optimised

Governance is a competitive advantage - audit-ready on any given day.

Regulatory coverage

One assessment. Every jurisdiction you operate in.

🇮🇳

India

  • ·RBI Model Risk Management Directions
  • ·Digital Personal Data Protection Act 2023
  • ·IRDAI guidance for insurers
🇸🇬

Singapore

  • ·MAS FEAT Principles
  • ·Personal Data Protection Act
  • ·MAS Technology Risk Management Guidelines
🇺🇸

United States

  • ·Federal Reserve SR 11-7 model risk guidance
  • ·CFPB adverse action & UDAAP requirements
  • ·FCRA & CCPA obligations
🇬🇧

United Kingdom

  • ·FCA SS1/23 model risk principles
  • ·UK GDPR & automated decision-making rights
  • ·Senior Managers & Certification Regime
🇪🇺

European Union

  • ·EU AI Act risk classification & obligations
  • ·GDPR Article 22 automated decisions
  • ·EBA guidelines on loan origination
🧭

Cross-cutting

  • ·NIST AI Risk Management Framework alignment
  • ·ISO/IEC 42001 readiness signals
  • ·Board reporting & accountability structures

Pricing

Start free. Pay only for depth.

Maturity Scorecard

Free

  • Full 30-question assessment
  • Overall risk rating & score
  • Maturity level per governance domain
  • Executive summary
  • Identified strengths
Start assessment

Full Audit Report

$199

one-time · per assessment

  • Everything in the free scorecard
  • Complete gap register with severity ratings
  • Clause-level regulatory citations per gap
  • 90-day remediation roadmap, sequenced by effort
  • Board-ready PDF report
  • 30-minute walkthrough call with Dendrons
Start with the free assessment

Questions, answered.

Who is this for?

Risk, compliance, data science, and technology leaders at regulated organisations - banks, NBFCs, insurers, fintechs, healthtech, and public sector - anywhere AI decisions touch customers.

How is the analysis produced?

A multi-agent AI pipeline evaluates your responses against the actual regulatory texts of the jurisdictions you select. Every finding carries the specific clause it derives from. It is advisory - a fast, structured first pass, not a legal opinion.

Is my data safe?

Your responses are used only to generate your report. No account is required, nothing is shared, and you can request deletion at any time.

What does the free tier include?

The full assessment, your overall risk rating, maturity scores per domain, and the executive summary. The detailed gap register, citations, and 90-day roadmap are in the full report.

The Compass Suite

Four assessments. One question: are you ready?

GovernReady is one of four Compass assessments. Most organisations start with AIReady, go deep on data with DataReady, prove compliance with GovernReady, and then stay compliant with StayReady - but each stands alone.

Step 1 · Strategy

Compass AIReady

Is your organisation ready for AI at all? Five domains, data weighted heaviest, a 90-day plan. For CEOs and CTOs.

aiready.dendrons.ai →

Step 2 · Data

Compass DataReady

Is your data actually fit for AI? Five dimensions across quality, infrastructure, governance, security, and ML readiness. For CDOs.

dataready.dendrons.ai →

Step 3 · Compliance

Compass GovernReady

Can you prove your AI is governed? Clause-level gap analysis across five jurisdictions. You are here.

This product

Step 4 · Monitoring

Compass StayReady

Governance does not end at the audit. Continuous drift detection, regulatory change alerts, and targeted re-assessments before regulators act.

Learn more →

Step 4 · After the audit

Passing the audit is not the finish line.

GovernReady tells you where you stand today. Compass StayReady makes sure you still stand there next quarter — with continuous drift detection, live regulatory change alerts, and targeted re-assessments before the regulator comes knocking. Immutable audit trail included.

Explore StayReady →

Thirty minutes from now, you'll know.

Where you stand, what the gaps are, and what to fix first.

Start free assessment