Compliance Engineering
Practical AI compliance for engineers and founders
For founders, compliance leads, and product teams who need a clear yes/no path before procurement, launch, or vendor approval.
Written by Michael K. Onyekwere, CIPP/E certified, 10+ years across Royal Bank of Scotland, Fidelity, TMF Group, UnitedHealth. What GDPR and the EU AI Act actually require, for people who build.
Free download
Get the AI API Compliance Checklist
OpenAI / Anthropic DPA setup, zero-retention config, and the documentation a procurement or DPIA review will ask for. Worked example included.
Built for engineers implementing AI and the founders or compliance leads responsible for signing it off.
- ·DPA setup steps for OpenAI and Anthropic API accounts
- ·Zero-retention configuration: when it applies, what it changes, how to evidence it
- ·Retention and logging questions to answer before launch
- ·Audit documentation pack a procurement reviewer will accept
Your email is used to deliver the PDF and (if you opt in) the newsletter. No spam. Privacy policy.
Services
What we build
Every system ships with compliance documentation. Not as an add-on, as part of the build.
AI Chatbots
Customer service bots that handle real queries, hand off to humans when needed, and process data lawfully. GDPR consent, transparency disclosures, audit logging built in.
From £3,000
Workflow Automation
Pipelines that replace manual work like data entry, document routing, and approval flows. Self-hosted, audit-logged, with data residency controls.
From £3,000
Document Processing
RAG systems, data extraction, intelligent search over your documents. Compliant data handling and retention policies from the start.
From £4,000
Process
How we work
From first conversation to deployed system, typically 3 weeks.
You tell us what you need
A conversation, not a pitch. We figure out what AI should do for your business and whether it makes sense.
We scope and quote
Fixed price. You know exactly what you're paying before anything starts. No hourly billing, no surprises.
We build it
Working system, tested, deployed on infrastructure you control. You see progress throughout, not just at the end.
We deliver the docs
DPIA, DPA review, privacy notices, AI Act classification. Everything a regulator would ask for, alongside the system.
Portfolio
What we've built
Working systems built by our team. Each one shipped with full compliance documentation.
AI Shield
Three-stage forensic pipeline for detecting AI-generated images, video, and audio. Processes biometric data under GDPR Article 9.
AgentScore
Real-time trust scoring platform for AI agents. Multi-source data aggregation with algorithmic transparency and cross-border compliance.
Credentials
CIPP/E
Certified
10+ Years
Financial Services
LLB · LLM
Legal Qualifications
RBS · Fidelity
Previous Roles
Sample Deliverables
See the work before you buy
Blog posts explain the ideas. These sample deliverables show what the work product actually looks like.
Most useful for GDPR + AI buyers
Sample DPIA structure for an AI chatbot
A redacted outline showing the sections, risk analysis, and controls we include in a real AI-system DPIA.
Quick proof of practical drafting
Sample privacy notice update
A before-and-after example showing how a privacy notice changes once an AI system is introduced.
Useful before hiring any AI vendor
AI vendor due diligence checklist
A practical checklist covering DPAs, retention, subprocessors, transfers, security, and exit risk.
Start with the scoping review.
The first step is a written review of your AI system, workflow, or planned build. You get clarity on scope, risk, and what the full work should cost.
Insights
Latest articles
Family Law
Cohabitation Rights for Unmarried Couples in the UK (2026): The Common Law Marriage Myth, What You Actually Have, and the Reform on the Table
Unmarried couples in England and Wales have no automatic rights over each other's property, pension, or inheritance, however long they live together. The current law under TOLATA and the 1975 Act, the June 2026 government consultation on reform, and how to protect yourself now.
8 min read
Immigration
Indefinite Leave to Remain (ILR) in the UK (2026): The Current 5-Year Rules, the 180-Day Absence Trap, and the Earned Settlement Reform
How indefinite leave to remain works in the UK as at June 2026. The current five-year qualifying period, the rolling 180-day absence limit that catches people out, the English and Life in the UK requirements, and the proposed earned settlement reform that may extend the standard period to ten years.
7 min read
Employment Law
Whistleblower Protection in the UK (2026): What PIDA Covers, How to Make a Protected Disclosure, and the Mistakes That Lose the Protection
How UK whistleblower protection works under the Public Interest Disclosure Act 1998 and Part IVA of the Employment Rights Act 1996. The qualifying-disclosure test, the public interest requirement, the disclosure channels, the uncapped compensation for whistleblowing dismissal, and the errors that forfeit protection.
8 min read
Questions
What does Janus Compliance actually do?
We build AI systems (chatbots, automation, document processing) and deliver the compliance documentation alongside them. DPIA, privacy notices, DPA review, AI Act classification. One team does both.
Do I need AI Act compliance?
If you deploy AI in the EU or UK, probably. The high-risk obligations kick in August 2, 2026. Most businesses using AI for customer-facing decisions need at minimum a risk classification and transparency disclosures.
How are you different?
Most consultancies advise. We build. You get a working system and the compliance documentation in one engagement, one invoice. No separate compliance workstream, no rework.
What regions do you work in?
United Kingdom and Ireland primarily. We also advise on NDPA compliance for businesses operating in Nigeria.
Ready when you are.
Start with a written scoping review. Reply within 48 hours.
Book the £500 scoping review