# Regulus

> Regulus is the open-source EU + UK compliance plane for Google ADK. 8 BasePlugin controls, 6 service extensions, 10 regulation profiles, 6 governance frameworks, 4 GRC adapters — drop into Vertex AI Agent Engine in 60 seconds. Java 21, ADK 1.2, MIT.

Regulus is open source (MIT). The framework is on GitHub at https://github.com/neul-labs/regulus. Technical reference documentation is hosted separately at https://docs.neullabs.com. Maven Central namespace: com.neullabs. Current shipping version: v0.2.1 (2026-05-26).

## Marketing pages

- [Home](https://regulus.neullabs.com/): Hero, pillars, audience cards, FAQ
- [Why Regulus exists](https://regulus.neullabs.com/why): The compliance plane Google ADK doesn't ship
- [Show me — the diff](https://regulus.neullabs.com/show-me): Side-by-side ADK vs ADK + Regulus
- [How it works](https://regulus.neullabs.com/how-it-works): Architecture, plugin SPI, service extensions, GRC
- [Install paths](https://regulus.neullabs.com/install): CLI, Maven, Gradle plugin
- [Pricing](https://regulus.neullabs.com/pricing): MIT, free, no seat licensing
- [Security architecture](https://regulus.neullabs.com/security): Principal, IdentityAdapter, RFC 9421 A2A
- [Coverage matrix](https://regulus.neullabs.com/coverage): Interactive regulations × plugins matrix
- [For platform engineers](https://regulus.neullabs.com/for-platform-engineers): GCP director audience
- [For AI governance leads](https://regulus.neullabs.com/for-ai-governance): EU AI gov lead audience
- [For MRM / SS1/23](https://regulus.neullabs.com/for-mrm-validators): UK model risk audience
- [For solution architects](https://regulus.neullabs.com/for-architects): Architecture audience
- [FAQ](https://regulus.neullabs.com/faq): Organised by topic: About, Compliance, Architecture, Performance
- [About](https://regulus.neullabs.com/about): Project, maintainer, organisation
- [Contact](https://regulus.neullabs.com/contact): Email, GitHub Discussions, LinkedIn
- [Blog index](https://regulus.neullabs.com/blog): Long-form articles, RSS at /rss.xml

## Regulation profiles

- [DORA](https://regulus.neullabs.com/regulations/dora): EU financial-services operational resilience regulation. ICT third-party LLM providers and agent runtimes are in scope; the agent itself is an ICT system.
- [EHDS](https://regulus.neullabs.com/regulations/ehds): EU horizontal regulation on primary and secondary use of electronic health data. Agent workflows on EHR data are constrained by purpose tagging and cross-border residency.
- [EU AI Act](https://regulus.neullabs.com/regulations/eu-ai-act): EU-wide horizontal regulation classifying AI systems by risk; agentic LLM workflows for credit, employment, public services, healthcare typically land in 'high-risk' Annex III.
- [FCA SYSC](https://regulus.neullabs.com/regulations/fca-sysc): UK FCA Handbook on senior-management arrangements + Consumer Duty's good-outcomes obligation now binds AI-driven decisions for retail customers.
- [GDPR](https://regulus.neullabs.com/regulations/gdpr): EU personal-data regulation. For agentic AI, the binding Articles are 5(1)(b) purpose limitation, 6 lawful basis, 22 automated decisioning, and 32 security of processing.
- [NHS DSPT](https://regulus.neullabs.com/regulations/nhs-dspt): Mandatory annual self-assessment for any organisation accessing NHS patient data. Covers the 10 National Data Guardian standards for data security.
- [NIS2](https://regulus.neullabs.com/regulations/nis2): EU cybersecurity directive expanding scope to essential and important entities. Many AI-driven platforms in critical sectors now fall in scope.
- [PRA SS1/23](https://regulus.neullabs.com/regulations/pra-ss1-23): PRA model-risk-management principles for UK PRA-regulated banks and PRA-designated insurers. Explicitly covers AI/ML models, including LLM-powered agents.
- [PRA SS2/21](https://regulus.neullabs.com/regulations/pra-ss2-21): PRA third-party risk-management expectations. LLM providers and agent runtimes are third parties under SS2/21; concentration risk is explicit.
- [UK GDPR](https://regulus.neullabs.com/regulations/uk-gdpr): Post-Brexit UK domestic equivalent of EU GDPR. Same shape with the Information Commissioner's Office (ICO) as supervisor and notable divergences on adequacy decisions and the age of consent.

## ADK plugins

- [Audit plugin](https://regulus.neullabs.com/plugins/audit): Append-only audit event emission with SHA-256 hash chaining, 24-month retention by default, and offline verification via the regulus audit verify CLI. The substrate every other plugin writes through.
- [Data residency plugin](https://regulus.neullabs.com/plugins/data-residency): Fail-closed residency on memory and artifact writes. Checks the resolved region against the active profile's allowed set. Cross-border writes are denied, not silently dropped.
- [Governance evidence plugin](https://regulus.neullabs.com/plugins/governance-evidence): Routes signed evidence envelopes to ServiceNow IRM, OneTrust AI Governance, MetricStream, or a generic HMAC-signed webhook. Framework citations and regulation clause references attach automatically.
- [Kill switch plugin](https://regulus.neullabs.com/plugins/kill-switch): Identity-backed dual-control kill switch. Two authorised Principals must invoke the switch to collapse an agent's tool surface. Fail-closed afterwards; engagement events feed the audit chain.
- [Model risk plugin](https://regulus.neullabs.com/plugins/model-risk): Tier-aware gating that enforces SS1/23 and ISO 42001 model classification rules. Ties each model invocation to a registered model ID, tier, and validation evidence pointer. Required for UK MRM teams.
- [Policy plugin](https://regulus.neullabs.com/plugins/policy): Pre-tool-call policy evaluation. Decisions are fail-closed and emit a structured audit event with the matched policy clause text quoted verbatim.
- [Privacy plugin](https://regulus.neullabs.com/plugins/privacy): PII redaction on inbound prompts and outbound responses, plus re-redaction on memory writes. Patterns are configurable per jurisdiction. Defaults align with GDPR and UK GDPR purpose limitations.
- [Identity expiry guard](https://regulus.neullabs.com/plugins/identity-expiry-guard): Short-lived-token enforcement. Rejects tool calls whose Principal's credentials have expired and emits a structured rejection event with the cause. Crucial when agents run hours-long jobs.

## Governance frameworks

- [ISO/IEC 23053:2022](https://regulus.neullabs.com/frameworks/iso-23053): Framework for AI systems using ML. Terminology + lifecycle. The conceptual model behind Regulus's model-risk taxonomy.
- [ISO/IEC 23894:2023](https://regulus.neullabs.com/frameworks/iso-23894): AI risk management guidance from ISO. Companion to the general ISO 31000 risk-management standard, applied to the AI lifecycle.
- [ISO/IEC 42001:2023](https://regulus.neullabs.com/frameworks/iso-42001): Certifiable AI management-system standard. Clauses 4–10 plus Annex A controls. Regulus ships a Statement of Applicability generator.
- [NIST AI RMF 600-1 GenAI Profile](https://regulus.neullabs.com/frameworks/nist-ai-rmf-600-1): NIST's Generative AI Profile — twelve GenAI-specific risks (hallucination, prompt injection, data leakage, value-chain risk) on top of the AI RMF.
- [NIST AI RMF Agent Interop Profile](https://regulus.neullabs.com/frameworks/nist-ai-rmf-agent-interop): NIST's draft profile for agent interoperability — provisional in Regulus, expected to GA Q4 2026 once NIST publishes the final concept IDs.
- [NIST AI RMF 1.0](https://regulus.neullabs.com/frameworks/nist-ai-rmf): Voluntary AI governance framework from NIST. GOVERN, MAP, MEASURE, MANAGE — four functions that organise the controls an AI-using organisation should ship.

## Comparisons

- [vs Guardrails libraries](https://regulus.neullabs.com/compare/guardrails): Guardrails libraries operate on the prompt/response boundary. Regulus operates on the full agent trajectory — purpose limitation, residency, dual-control, audit envelopes.
- [vs LangChain alone](https://regulus.neullabs.com/compare/langchain): LangChain is an agent-building toolkit. Regulus is a compliance plane targeting Google ADK as primary runtime. An alt-runtime module wraps LangChain4j; new work lands on ADK first.
- [vs Vertex AI alone](https://regulus.neullabs.com/compare/vertex-ai): Vertex AI is the runtime. Org Policy + VPC-SC + Assured Workloads handle the data plane. The agent's decision plane — purpose limitation, audit, kill switch — is the layer Regulus fills.
- [vs Building in-house](https://regulus.neullabs.com/compare/build-in-house): Every regulated team has built at least the audit-log and kill-switch pieces themselves. Here's where the gaps usually show up after 6–12 months, and where Regulus differs.

## Articles

- [Annex III high-risk: five questions that decide whether your agent is in scope](https://regulus.neullabs.com/blog/annex-iii-high-risk-classification-five-questions): Most agentic AI workflows in production end up high-risk under Annex III. Here are the five concrete questions to ask of your agent — answer yes to any, and the EU AI Act's Article 9 obligations bind.
- [FCA Consumer Duty (GC23/2) outcomes monitoring for AI-driven decisioning](https://regulus.neullabs.com/blog/fca-consumer-duty-outcomes-monitoring-for-ai-decisioning): Consumer Duty PRIN 12 demands outcomes monitoring on a cross-cutting basis. For AI agents making retail-customer decisions, this means runtime evidence tagged to the four Duty outcomes.
- [GDPR Article 5(1)(b) purpose limitation in agentic AI: from PDF to runtime](https://regulus.neullabs.com/blog/gdpr-article-5-purpose-limitation-from-pdf-to-runtime): GDPR purpose limitation is a runtime check, not a contract clause. Here's how to enforce it at the agent's tool dispatch with a Principal claim and a BeforeToolCallback decision.
- [EU AI Act Article 9 in code: how to evidence risk management for ADK agents](https://regulus.neullabs.com/blog/eu-ai-act-article-9-evidence-for-adk-agents): Article 9 risk management isn't a PDF — it's a continuous runtime obligation. Here's how to evidence it for a Google ADK agent, mapped to specific BasePlugin callbacks and audit envelope fields.
- [GPAI Code of Practice (2 August 2026): what enforcement actually looks like](https://regulus.neullabs.com/blog/gpai-code-of-practice-2-august-2026): The GPAI Code of Practice deadline is 2 August 2026. From that date the AI Office can request evidence from any GPAI-derived agent in the EU. What that means in practice for deployers building on ADK.
- [Google ADK plugin SPI deep-dive: BeforeAgentCallback to AfterToolCallback](https://regulus.neullabs.com/blog/google-adk-plugin-spi-deep-dive): Walking through Google ADK's plugin SPI from BeforeAgentCallback through AfterToolCallback with worked examples. Where to attach policy, where to attach privacy, where to attach the audit envelope.
- [Hash-chained audit trails for ADK agents: SHA-256 + RFC 9421 in ~200 lines of Java](https://regulus.neullabs.com/blog/hash-chained-audit-trails-for-adk-agents): How to build a tamper-evident audit chain for an ADK agent. SHA-256 over the previous event's hash, offline verification, retention policies. Plus where RFC 9421 fits for cross-org agent calls.
- [Is your LLM agent a 'model' under PRA SS1/23? The five tests that decide it](https://regulus.neullabs.com/blog/is-your-llm-agent-a-model-under-pra-ss1-23): PRA SS1/23's Principle 1 defines a model in broad terms. Five concrete tests applied to a typical LLM-powered agent — the answer is yes in every case. What that means operationally.
- [NHS DSPT + agentic AI: mapping the 10 data security standards to runtime controls](https://regulus.neullabs.com/blog/nhs-dspt-and-agentic-ai-10-standards-to-runtime-controls): The NHS DSPT's 10 standards are the gating compliance asset for AI in NHS settings. Here's the runtime-controls map — which Regulus plugin delivers evidence for each NDG standard.
- [Vertex AI Agent Engine compliance gaps and how to close them without forking the runtime](https://regulus.neullabs.com/blog/vertex-ai-agent-engine-compliance-gaps): Vertex AI is the runtime; Org Policy + VPC-SC + Assured Workloads is the data plane. The agent's decision plane has no default story. Where the gaps are and how to close them via the ADK plugin SPI.

## Reference (external)

- Source code: https://github.com/neul-labs/regulus
- Technical docs: https://docs.neullabs.com
- Maven Central: https://central.sonatype.com/namespace/com.neullabs
- Gradle Plugin Portal: https://plugins.gradle.org/plugin/com.neullabs.compliance
- Install one-liner: https://raw.githubusercontent.com/neul-labs/regulus/main/install.sh
- RSS feed: https://regulus.neullabs.com/rss.xml
- llms-full.txt: https://regulus.neullabs.com/llms-full.txt
- Sitemap: https://regulus.neullabs.com/sitemap-index.xml