AI Process Assurance compares the expected workflow with what actually happened - so regulated teams can govern, evidence and safely automate AI-assisted work. We do it for insurance, financial services and other regulated industries.
AI Process Assurance is Airclerk's approach to governing AI-assisted work: compare the path it was supposed to follow with the path it actually followed. Airclerk defines the expected path with a Workflow Charter, records what actually happened inside those instrumented workflows with a Semantic Audit, and shows the difference. The retained result is an AI Workpaper: a business-readable evidence record for every material decision.
The unit we assure is a material AI-assisted decision: a recommendation, action, communication, approval or outcome that a regulated team may later have to explain. The workpaper is the thing that explains it.
Platform logs, chat history and technical traces are useful, but they don't naturally produce a business-readable record of the work. Airclerk's answer is a retained AI Workpaper showing what happened, why it happened, what evidence supported it, what controls applied, and who approved the outcome.
When a regulator, auditor, insurer, board or dispute reviewer asks about an AI-assisted decision, these are the questions on the table. A workpaper answers all of them without anyone reconstructing the story after the fact.
These aren't hypothetical. Regulators in every market Airclerk serves have already put versions of them in writing.
Under CoFI, in force since 31 March 2025, a licensed institution's fair conduct programme must be in writing - effective policies, processes, systems and controls, with methods for regularly reviewing whether the programme is working. The Contracts of Insurance Act 2024 adds an implied term to pay claims within a reasonable time; commencement is by Order in Council, with a backstop of 15 November 2027.
CPS 230 has applied since 1 July 2025: controls must be monitored, reviewed and tested for design and operating effectiveness, with results reported to senior management. APRA's April 2026 letter to industry applies that framework directly to AI - it expects an inventory of AI use cases and continuous monitoring for control breakdowns.
Under the NAIC's model bulletin on insurers' use of AI - adopted in 24 states plus D.C. as at mid-2026 - an insurer in a market conduct exam can expect to be asked about its development, deployment and use of AI systems. NYDFS Circular Letter No. 7 (2024) tells insurers writing in New York to maintain comprehensive documentation of AI used in underwriting and pricing, available to the Department on request.
Deployers of high-risk AI systems must keep the automatically generated logs under their control for at least six months - longer where other law requires it (Article 26(6)), applying from 2 December 2027 under the 2026 Digital Omnibus. In insurance, high-risk means risk assessment and pricing of life and health cover for natural persons; consumer credit scoring is also captured.
Much of this is supervisory expectation rather than statute, the detail varies by jurisdiction and line of business, and none of it is legal advice. What the regimes share is the assumption underneath: when someone asks, you can show your controls operated. The workpaper is built to be that answer.
Two records, one comparison. A Workflow Charter says what should happen. A Semantic Audit records what did. The gap between them is where governance, compliance and operational control actually live.
The required stages, evidence, authority limits and approval gates for a repeatable process - plus the persistent memory that keeps an AI assistant on that path across sessions.
A business-readable record of what actually happened, captured as the assistant works: the steps taken, the evidence used, the decisions made and the approvals recorded.
When the actual path diverges from the charter - a required approval missing, evidence not attached, a step skipped, a gate bypassed - Airclerk flags an exception. That is the moment an audit trail becomes operational control.
Each module earns its place alone. Semantic Audit gives you retrospective evidence. Workflow Charter gives your AI durable process memory. Run together, they give regulated teams control over AI-assisted work.
Defines what should happen — and remembers it
Records what actually happened, in business language
The retained record you actually keep - and the thing you hand to a reviewer, an auditor or a regulator. Business-readable, not a technical log.
Comparing expected against actual turns a passive record into something that surfaces configured exceptions automatically.
Airclerk doesn't only keep the clean story. It preserves missing approvals, skipped steps, unmet criteria and unresolved evidence gaps, so a reviewer can see what actually happened and how it was resolved.
The charter required human sign-off before a client-facing communication. The audit shows none was recorded. Airclerk flags it.
A claim decision required a policy-wording citation. The decision was drafted without one. The gap is visible, not buried.
A required claims-history review never ran before the renewal recommendation. The workflow moved on anyway - and that shows.
Work transitioned past an approval gate despite unmet criteria. Where that's visible in the instrumented workflow, it's flagged as an exception on the workpaper.
A workpaper is only useful if the people who need it can read it without a data team. These are the readers it's written for.
A defensible record is one that's honest about its own edges. Here are ours.
What we record. The work that runs through Airclerk-connected workflows and tools, captured as the assistant works. Calls to Airclerk tools are recorded directly; other approved tool use is captured where it runs through the instrumented workflow, with reconciliation against platform traces where available.
What we don't claim. We don't pretend to capture work a person does entirely outside the workflow - copying an answer into a document and editing it by hand, or deliberately going around the rails. That's a control you own. Reconciliation against platform traces can narrow the gap over time.
Airclerk can be hosted by us with per-tenant isolation, or deployed single-tenant into your own Azure tenant on request. Raw workflow data and source documents can stay inside your environment; Airclerk holds the configured evidence record, workflow state and control comparison. Full security posture on the Trust page.
Source systems, documents, approvals and raw workflow data stay inside the environment your team already governs, where that's required.
Airclerk holds the Workflow Charter, the workflow state and the expected-vs-actual comparison.
The AI Workpaper gives a reviewer a retained, business-readable record of the decision.
Airclerk doesn't decide compliance, liability or suitability. People do. The workpaper is what they read to decide.
The clearest place the value shows up first: commercial insurance renewals, run by AI agents and evidenced end to end. The renewal's charter defines the path; Semantic Audit records what happened; the workpaper is the retained record available for audit.
You don't need a defined process to begin. Most teams don't have one — their people are already using AI ad-hoc, and that's where the exposure hides. You can't govern what you can't see, so you start by seeing it.
Find where ad-hoc AI is already influencing regulated decisions, handoffs and client outcomes — and rank the patterns that deserve evidence capture or formal governance first.
Retained, business-readable AI Workpapers for the material uses you designate. Enough to evidence what happened, though not to certify the work followed an approved path. No Workflow Charter required — Semantic Audit stands alone here.
For the recurring, material workflows you found, define the expected path — and the exception comparison switches on. This is the one tier that needs a Workflow Charter.
Most firms start with an AI Evidence Readiness Assessment: a fixed-scope look at your real AI use that maps the work, produces sample workpapers, and recommends the first workflows worth governing. Talk to us about one →
We start narrow: take one high-value workflow and make it a governed, evidenced workflow you can defend.
Two weeks. We confirm scope, map your systems, define the charter and controls, and produce a board-ready implementation plan for the first workflow.
We charter the workflow, instrument the Semantic Audit, wire approvals and evidence, and stand up the workpaper - connected to your systems and your Claude environment.
Turn on the control comparison: missing steps, missing approvals and unmet criteria surface as exceptions, and every run leaves a retained workpaper.
A way of governing AI-assisted work by comparing the path it was supposed to follow with the path it actually followed. Airclerk defines the expected path (Workflow Charter), records what actually happened (Semantic Audit), and shows the difference - producing a retained, business-readable AI Workpaper for every material decision.
Most AI governance and model-risk tooling works before deployment - is the model safe, fair, accurate. AI Process Assurance works at runtime and after the fact: did the actual work follow the required path, with the right evidence and approvals. It's operational control, not pre-deployment testing.
Yes. Semantic Audit stands alone as a retained evidence trail; Workflow Charter stands alone as durable process memory and guidance for your AI. The control comparison - expected vs actual - is what you get when you run both.
Airclerk records the work that runs through its instrumented workflows and tools, as the assistant works. It does not claim to capture work a person does entirely outside those workflows, such as copying an answer into a document and editing it by hand. That boundary is deliberate; deliberate human circumvention is a customer-side control, not something Airclerk pretends to catch.
Claude-first, platform-aware. Airclerk works as a sibling MCP alongside your other connectors, so the AI client decides which tools to call and Airclerk records the evidence, state and control around them. The evidence layer is independent of any single AI platform.
Hosted by Airclerk with per-tenant isolation, or single-tenant in your own Azure tenant on request. Raw workflow data and source documents can remain inside your environment. See the Trust page for the full security posture.
If you're putting AI to work on material decisions and the evidence has become the limiting factor, this is the conversation.