Compliance Engineering

Practical AI compliance for engineers and founders

The weekly newsletter from Michael K. Onyekwere, CIPP/E certified, 10+ years across Royal Bank of Scotland, Fidelity, TMF Group, UnitedHealth. What GDPR and the EU AI Act actually require, written for people who build.

Compliance Engineering

Practical AI compliance for engineers and founders. Weekly. By Michael K. Onyekwere.

Free. Unsubscribe anytime. No spam.

Need a compliance review? £500 scoping review →See sample deliverables →
Built withClaudeGPT-4LangChainPythonNext.jsSupabaseAWS

Services

What we build

Every system ships with compliance documentation. Not as an add-on, as part of the build.

AI Chatbots

Customer service bots that handle real queries, hand off to humans when needed, and process data lawfully. GDPR consent, transparency disclosures, audit logging built in.

From £3,000

Workflow Automation

Pipelines that replace manual work like data entry, document routing, and approval flows. Self-hosted, audit-logged, with data residency controls.

From £3,000

Document Processing

RAG systems, data extraction, intelligent search over your documents. Compliant data handling and retention policies from the start.

From £4,000

View all services →

Process

How we work

From first conversation to deployed system, typically 3 weeks.

01

You tell us what you need

A conversation, not a pitch. We figure out what AI should do for your business and whether it makes sense.

02

We scope and quote

Fixed price. You know exactly what you're paying before anything starts. No hourly billing, no surprises.

03

We build it

Working system, tested, deployed on infrastructure you control. You see progress throughout, not just at the end.

04

We deliver the docs

DPIA, DPA review, privacy notices, AI Act classification. Everything a regulator would ask for, alongside the system.

Portfolio

What we've built

Working systems built by our team. Each one shipped with full compliance documentation.

AI Shield deepfake detection dashboard

AI Shield

Three-stage forensic pipeline for detecting AI-generated images, video, and audio. Processes biometric data under GDPR Article 9.

GDPR Article 9DPIABiometric Data
AgentScore trust scoring dashboard

AgentScore

Real-time trust scoring platform for AI agents. Multi-source data aggregation with algorithmic transparency and cross-border compliance.

Data AggregationTransparencyCross-Border

Credentials

CIPP/E

Certified

10+ Years

Financial Services

LLB · LLM

Legal Qualifications

RBS · Fidelity

Previous Roles

Sample Deliverables

See the work before you buy

Blog posts explain the ideas. These sample deliverables show what the work product actually looks like.

Most useful for GDPR + AI buyers

Sample DPIA structure for an AI chatbot

A redacted outline showing the sections, risk analysis, and controls we include in a real AI-system DPIA.

View sampleDownload PDF

Quick proof of practical drafting

Sample privacy notice update

A before-and-after example showing how a privacy notice changes once an AI system is introduced.

View sampleDownload PDF

Useful before hiring any AI vendor

AI vendor due diligence checklist

A practical checklist covering DPAs, retention, subprocessors, transfers, security, and exit risk.

View sampleDownload PDF
Start with a £500 scoping review

Start with the scoping review.

The first step is a written review of your AI system, workflow, or planned build. You get clarity on scope, risk, and what the full work should cost.

Book the £500 scoping reviewSee sample deliverables

Insights

Latest articles

GDPR

GDPR-Compliant ChatGPT API: The 2026 Setup Guide for Engineers

The actual click path for signing the OpenAI DPA, enabling zero retention, building the PII filter, writing the DPIA, and getting AI Act-ready before August 2. Practitioner-grade, with code.

13 min read

GDPR

DPIA Ireland: Do You Need One for Your AI System?

If you deploy AI in Ireland, you almost certainly need a DPIA under GDPR. What the DPC expects, what triggers the requirement, and how to do one that actually holds up.

6 min read

GDPR

GDPR Compliance Ireland: What AI Businesses Need to Know

GDPR compliance for Irish businesses using AI. What the DPC expects, how GDPR interacts with the EU AI Act, and practical steps for SMEs deploying chatbots, automation, and data processing.

5 min read

View all articles →

Questions

What does Janus Compliance actually do?

We build AI systems (chatbots, automation, document processing) and deliver the compliance documentation alongside them. DPIA, privacy notices, DPA review, AI Act classification. One team does both.

Do I need AI Act compliance?

If you deploy AI in the EU or UK, probably. The high-risk obligations kick in August 2, 2026. Most businesses using AI for customer-facing decisions need at minimum a risk classification and transparency disclosures.

How are you different?

Most consultancies advise. We build. You get a working system and the compliance documentation in one engagement, one invoice. No separate compliance workstream, no rework.

What regions do you work in?

United Kingdom and Ireland primarily. We also advise on NDPA compliance for businesses operating in Nigeria.

Ready when you are.

Start with a written scoping review. Reply within 48 hours.

Book the £500 scoping review