About Regulus

What is Regulus?

Regulus is the open-source EU + UK compliance plane for Google ADK (Agent Development Kit). It ships 8 ADK BasePlugin implementations, 6 service extensions, 10 regulation profiles (EU AI Act, GDPR, DORA, FCA SYSC, PRA SS1/23, NHS DSPT, and more), 6 governance frameworks (NIST AI RMF + ISO 42001 family), and 4 GRC adapters. It plugs into ADK's official extension SPI — it isn't a fork.

Who maintains Regulus?

Regulus is built by Dipankar Sarkar (Neul Labs). First commit landed 2026-03-20, ten days before Google ADK Java 1.0 GA on 2026-03-30. v0.2.1 — the current shipping release — landed 2026-05-26.

What's the relationship with Google?

Regulus is built against Google ADK's official extension contracts (BasePlugin, SessionService, MemoryService, ArtifactService, EventCompactor, ToolConfirmation). We don't claim Google endorses Regulus. We build to the documented SPI; the framework stays compatible when Google ships ADK 1.3 because we don't fork the runtime.

Compliance & regulation

Which regulations does Regulus cover out of the box?

Ten regulation profiles ship in v0.2.1: EU AI Act, GDPR, UK GDPR, DORA, NIS2, FCA SYSC, PRA SS1/23, PRA SS2/21, NHS DSPT, and EHDS. Each profile composes into a single resolved policy at runtime — strictest retention wins, intersected residency, union of audit fields, strongest immutability.
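The composition rule described above, sketched in Java as an added example (not Regulus's own code). The Profile and ResolvedPolicy types, the sample values, and the reading of "strictest retention" as the longest period are assumptions; an empty residency intersection is treated as an error so the resolved policy fails closed.

```java
import java.util.*;

// Added illustration: these types and values are hypothetical, not Regulus classes.
public class ProfileComposition {
    enum Immutability { NONE, APPEND_ONLY, WORM }   // declared weakest to strongest

    record Profile(String name, int retentionDays, Set<String> regions,
                   Set<String> auditFields, Immutability immutability) {}

    record ResolvedPolicy(int retentionDays, Set<String> regions,
                          Set<String> auditFields, Immutability immutability) {}

    static ResolvedPolicy resolve(List<Profile> active) {
        if (active.isEmpty()) throw new IllegalArgumentException("no active profiles");
        int retention = 0;
        Set<String> regions = new TreeSet<>(active.get(0).regions());
        Set<String> fields = new TreeSet<>();
        Immutability strongest = Immutability.NONE;
        for (Profile p : active) {
            retention = Math.max(retention, p.retentionDays()); // assumption: strictest = longest
            regions.retainAll(p.regions());                     // intersected residency
            fields.addAll(p.auditFields());                     // union of audit fields
            if (p.immutability().compareTo(strongest) > 0) strongest = p.immutability();
        }
        // Fail closed: with no region every profile permits, refuse to produce a policy.
        if (regions.isEmpty())
            throw new IllegalStateException("active profiles share no permitted region");
        return new ResolvedPolicy(retention, regions, fields, strongest);
    }

    public static void main(String[] args) {
        // Constructed sample values, not the contents of any real regulation profile.
        Profile a = new Profile("profile-a", 365, Set.of("eu-west", "eu-central", "uk-south"),
                Set.of("actor", "purpose"), Immutability.APPEND_ONLY);
        Profile b = new Profile("profile-b", 730, Set.of("uk-south", "eu-west"),
                Set.of("actor", "model-tier"), Immutability.WORM);
        System.out.println(resolve(List.of(a, b)));
    }
}
```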

Will Regulus make my agent EU AI Act compliant?

Regulus delivers the runtime evidence the EU AI Act requires — Article 9 risk management, Article 10 data governance, Article 50 transparency artefacts — wired into the agent's decision plane. Whether your overall system is compliant depends on your governance documentation, your data flows outside the agent, and your incident-response process. Regulus closes the runtime gap; compliance is a property of the deployment.

Does Regulus handle GDPR Article 22 automated decision-making?

Yes. The policy plugin enforces purpose limitation; the model-risk plugin gates which decisions an LLM agent is authorised to make end-to-end versus which require a human in the loop (HITL). ADK's ToolConfirmation primitive is used for the HITL surface; Regulus extends it with typed metadata so the audit envelope captures the human reviewer's structured justification.

What about PRA SS1/23 and FCA Consumer Duty for UK financial services?

Both ship as profiles. SS1/23 tiering and ongoing-monitoring evidence flows through the model-risk plugin. Consumer Duty's outcomes-monitoring obligation maps to the audit chain: outcomes events are tagged with the resolved consumer segment and the Duty rule (PRIN 12.1–12.4) they hit.

What about NHS DSPT?

NHS DSPT's 10 National Data Guardian standards map to the privacy plugin (Standards 1, 6, 7, 8), the audit plugin (Standards 2, 3), and the residency plugin (Standards 4, 5). Evidence exports to the NHS DSPT submission format ship via the generic webhook adapter.

Architecture & integration

How is Regulus different from a guardrails library?

Guardrails libraries sit on the prompt/response boundary — string in, string out. Regulus plugs into ADK's plugin SPI, so it sees the full agent trajectory: BeforeAgentCallback, BeforeModelCallback, BeforeToolCallback, AfterToolCallback. That's where purpose limitation, fail-closed residency on memory and artifact services, and dual-control on high-risk tools actually live. Regulus also emits a hash-chained audit envelope mapped to specific regulation clauses and ships GRC adapters that route signed evidence to ServiceNow IRM / OneTrust / MetricStream — a guardrails layer doesn't carry that.
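How a hash-chained audit envelope exposes after-the-fact edits, as an added Java example (not Regulus's own code or envelope format). The Envelope fields, the clause labels and the payloads are constructed for illustration.

```java
import java.nio.charset.StandardCharsets;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.util.*;

// Added illustration: the envelope layout is hypothetical, not Regulus's format.
public class AuditChain {
    static final String GENESIS = "0".repeat(64);
    record Envelope(long seq, String clause, String payload, String prevHash, String hash) {}

    static String sha256(String s) {
        try {
            byte[] d = MessageDigest.getInstance("SHA-256").digest(s.getBytes(StandardCharsets.UTF_8));
            return HexFormat.of().formatHex(d);
        } catch (NoSuchAlgorithmException e) {
            throw new IllegalStateException(e);
        }
    }
    // Length-prefix the free-text fields so field boundaries cannot be shifted.
    static String digest(long seq, String clause, String payload, String prevHash) {
        return sha256(seq + "|" + clause.length() + ":" + clause + "|"
                + payload.length() + ":" + payload + "|" + prevHash);
    }
    static void append(List<Envelope> chain, String clause, String payload) {
        String prev = chain.isEmpty() ? GENESIS : chain.get(chain.size() - 1).hash();
        long seq = chain.size();
        chain.add(new Envelope(seq, clause, payload, prev, digest(seq, clause, payload, prev)));
    }
    // Index of the first envelope that fails verification, or -1 if the chain is intact.
    static int firstBroken(List<Envelope> chain) {
        String prev = GENESIS;
        for (int i = 0; i < chain.size(); i++) {
            Envelope e = chain.get(i);
            boolean ok = e.seq() == i && e.prevHash().equals(prev)
                    && e.hash().equals(digest(e.seq(), e.clause(), e.payload(), e.prevHash()));
            if (!ok) return i;
            prev = e.hash();
        }
        return -1;
    }
    public static void main(String[] args) {
        List<Envelope> chain = new ArrayList<>();   // constructed sample events
        append(chain, "EU AI Act Art. 9", "tool=transfer_funds risk=high");
        append(chain, "GDPR Art. 22", "decision=blocked reviewer=required");
        append(chain, "EU AI Act Art. 50", "disclosure=shown");
        System.out.println("intact chain: " + firstBroken(chain));
        Envelope t = chain.get(1);                  // edit the payload, keep the stored hash
        chain.set(1, new Envelope(t.seq(), t.clause(), "decision=allowed", t.prevHash(), t.hash()));
        System.out.println("after edit:   " + firstBroken(chain));
    }
}
```

A chain like this exposes in-place edits, but anyone able to rewrite the whole log can recompute every hash, so the latest hash has to be signed or stored outside the log.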

Does Regulus require Java?

Yes. Regulus is Java 21+ targeting ADK Java 1.2. There's no Python or TypeScript port planned. The framework targets the JVM ecosystem regulated buyers already run.

Can I run Regulus without Spring Boot?

Yes. The Spring Boot starter (regulus-ai-spring-boot-starter) is the easy path — drop the dependency in, every plugin is auto-wired from application.yaml. For non-Spring builds, the underlying plugin classes are pure Java and wire into ADK's App + Runner pattern directly.

Does Regulus work with Vertex AI Agent Engine?

Yes. RegulusVertexAiSessionService extends Google's VertexAiSessionService; RegulusGcsArtifactService extends GcsArtifactService. The adk deploy workflow with Regulus plugins is shipped as a worked example under examples/adk-vertex-agent-engine-deploy in the GitHub repo.

Does Regulus work with LangChain4j or other runtimes?

Yes, but on the legacy path. There's a retained regulus-ai-llm module that targets LangChain4j; it's classified as 'alternative runtime' and won't receive new plugin development. New work lands on ADK first. If you're on LangChain4j today, the plugins are functional but lag the ADK feature set.

Performance & operations

What's the runtime overhead?

Plugin callbacks run on the same JVM thread as the ADK runtime; overhead is microseconds per callback (the cost of a hash computation, a Principal lookup, and an audit-event emission). The hash-chain write is the dominant cost; on a local SSD it's <0.5ms per event. The dominant overall cost in an LLM agent remains the model inference, not Regulus.

What's the audit retention default?

24 months by default, per the strictest of the active regulation profiles. Override it with the regulus.audit.retention-days key in application.yaml. Compaction runs via RegulusRetentionEventCompactor; older events are sealed-and-compacted, not deleted.

Does Regulus phone home or collect telemetry?

No. Regulus doesn't collect data from you, doesn't phone home, doesn't ship telemetry. The CLI doesn't call back to a server on install. The framework doesn't send model invocations anywhere. Your audit logs stay where you write them.