Knowledge Centre · Agentik Safety Framework (ASF-14)

REGULATORY.md
Knowledge
Centre

// AI agent compliance and regulatory mapping

Your centralised gateway to AI regulatory frameworks, compliance mapping, and comprehensive standards for AI agent governance.

About This Specification

Regulatory.md — AI Agent Compliance Mapping Framework

Regulatory.md is a plain-text file convention that maps AI agent safety controls to regulatory frameworks including the EU Artificial Intelligence Act, GDPR, SOC 2 Type II, ISO 27001, NIST AI Risk Management Framework, and emerging compliance requirements. It specifies compliance requirements, control mappings, audit evidence collection, and regulatory obligations for autonomous systems.

View the full specification · GitHub repository

The Agentik Safety Framework (ASF) — Regulatory Compliance

Explore all 15 ASF specifications and their compliance mappings for regulatory frameworks and AI agent governance.

Regulatory Frameworks

EU AI Act Compliance ASF-14

Regulation (EU) 2024/1689 compliance requirements for AI agents

Risk classification guide Compliance checklist
GDPR Requirements ASF-14

Data protection and processing rights for AI agent systems

Article-by-article mapping Data handling checklist
Colorado AI Act (SB 24-205) ASF-14

Colorado consumer protections and disclosure requirements for AI developers

Requirements analysis Implementation guide
ISO 27001 Compliance ASF-14

Information security management standards for AI systems

Control mapping Audit readiness
SOC 2 Type II ASF-14

Security, availability, and confidentiality controls for AI agent services

Control framework Evidence collection
NIST AI Risk Management ASF-14

NIST AI RMF 1.0 — governance, mapping, measurement, and management

Risk taxonomy Mitigation playbook

Safety Controls & Compliance Mapping

Control Documentation ASF-14

How to document AI safety controls for auditors and regulators

Control card template Audit evidence checklist
Compliance Cross-Reference ASF-14

Map AI safety specifications to regulatory requirements across frameworks

Cross-reference matrix Framework alignment guide

Related ASF Specifications (ASF-04 to ASF-13)

KILLSWITCH.md ASF-04

Emergency stop — maps to EU AI Act Article 52, NIST Govern function

Knowledge Centre llms.txt
FAILSAFE.md ASF-06

Safe fallback — maps to SOC 2 Availability, NIST Measure function

Knowledge Centre llms.txt
ENCRYPT.md ASF-10

Data classification — maps to GDPR Article 32, ISO 27001 A.8

Knowledge Centre llms.txt
ENCRYPTION.md ASF-11

Cryptographic standards — maps to SOC 2 Confidentiality, NIST Govern

Knowledge Centre llms.txt

Additional ASF Resources

FAILURE.md ASF-12

Failure mode mapping — maps to EU AI Act Article 15, NIST Measure

Knowledge Centre llms.txt
REMEDY.md ASF-02

Remediation workflows — maps to EU AI Act Article 72, GDPR 17

Knowledge Centre llms.txt
RECOVERY.md ASF-03

System recovery protocols — maps to ISO 27001 A.17, NIST Govern

Knowledge Centre llms.txt

Quick Links

Frequently Asked Questions

What is Regulatory.md?
Regulatory.md is a plain-text file convention that maps AI agent safety controls to regulatory frameworks including the EU Artificial Intelligence Act, GDPR, SOC 2 Type II, ISO 27001, NIST AI Risk Management Framework, and emerging compliance requirements. It specifies compliance obligations, control mappings, and audit evidence collection strategies.
View all FAQs
How does Regulatory.md fit in the Agentik Safety Framework (ASF)?
Regulatory.md (ASF-14) is a compliance mapping specification that complements the 14 other ASF specifications. Whilst other specs focus on technical controls (killswitch, failsafe, encryption), Regulatory.md maps those controls to legal and regulatory requirements. Together, the 15 ASF specs ensure agents operate safely, securely, and in compliance with applicable laws.
View all FAQs
What regulatory frameworks are covered?
Regulatory.md covers the EU Artificial Intelligence Act (Regulation (EU) 2024/1689), GDPR (EU 2016/679), SOC 2 Type II, ISO 27001, NIST AI Risk Management Framework 1.0, and Colorado Consumer Protections for Artificial Intelligence Act (SB 24-205). Additional frameworks and emerging regulations are regularly added.
View all FAQs

How to Cite

Cite as: Regulatory.md (2026). AI Agent Compliance Mapping Framework. Retrieved from https://regulatory.md/

For attribution: Organisation: regulatory-md | Website: https://regulatory.md | Licence: MIT | Framework: Agentik Safety Framework (ASF-14)

Last updated: 13 March 2026

Disclaimer: This specification is an open file convention published under the MIT licence, provided "as-is" without warranty of any kind, express or implied. It does not constitute legal, regulatory, compliance, financial, or professional advice in any jurisdiction. Regulatory.md is a mapping guide only; it does not guarantee compliance with any law, regulation, directive, or standard — including but not limited to the EU Artificial Intelligence Act (Regulation (EU) 2024/1689), GDPR (Regulation (EU) 2016/679), the Colorado Consumer Protections for Artificial Intelligence Act (SB 24-205), SOC 2 Type II, ISO 27001, NIST AI Risk Management Framework, or any other applicable national, state, federal, or international legislation. Organisations are solely responsible for determining their own regulatory obligations, conducting independent legal and compliance audits, and consulting qualified legal and compliance professionals in their jurisdiction. The authors and domain holders accept no liability for any loss, damage, or regulatory consequence arising from the use or implementation of this specification. All domain names in the Agentik Safety Framework (ASF) are independently held assets and may be available for acquisition.