Skip to contentSkip to content
Operational AI

19 AI Engines. Operational Intelligence.

Every AI engine is embedded in workflows — analysing evidence, generating policies, scoring risk, detecting phishing patterns, and recommending remediations. Not isolated chat features.

13
Direct Engines
5
Named Agents
1
Orchestrator
16
Deterministic Modules

AI Engine Distribution

19 AI engines + 16 deterministic modules = 35 intelligence services

How engines work together

Signal Sources

Evidence uploads, scans, integrations, user actions

Engine Analysis

AI processes signals — classifies, scores, and maps to controls

Output Decision

Recommendations, narratives, risk scores, fix plans generated

Workflow Action

Alerts fired, reports written, queues updated, agents dispatched

13 Direct AI Engines

Embedded directly in platform workflows. Each engine fires on specific events — uploads, submissions, findings, and requests.

FloConversational Intelligence

AI-powered compliance assistant with streaming responses, RAG knowledge retrieval, and tool use that queries live platform data.

StreamingRAGTool Use

FloAvaContextual Guidance

Embedded in every assessment. Contextual requirement explanations, evidence suggestions, and guided mode for junior QSAs.

Assessment-EmbeddedContextual

Policy CopilotDocumentation AI

5-step wizard generates PCI-mapped security policies. AI classification, clause generation, DOCX & PDF export.

GenerationExportMapping

Evidence IntelligenceDocument AI

Auto-analyses every uploaded document. AI Vision for screenshots, sensitive data detection, requirement mapping, gap analysis.

Vision AIAuto-AnalyseGap Detection

Remediation AIFix Intelligence

AI-generated fix plans with effort estimates, SLA management, 3-level escalation engine, and compensating control suggestions.

Fix PlansSLAEscalation

Architecture AIEnvironment Intelligence

Natural language to network diagrams. CDE scope assessment, segmentation risk detection, change impact analysis.

Diagram GenerationRisk Detection

Human Risk AIPeople Intelligence

4-factor risk scoring combining training, phishing, policy, and behaviour. Predictive trajectories, real-time recalculation.

Risk ScoringPredictiveReal-Time

Phishing AICampaign Intelligence

Generates realistic phishing scenarios by objective, difficulty, and tone. CEO fraud, credential harvest, invoice scams. Auto-remediation on click-through.

Scenario GenerationAuto-Remediation

Lead MatchingQSA Marketplace

Deterministic scoring algorithm with AI-generated match reasoning. Connects merchants with the right QSA based on industry, scope, and location.

ScoringAI Matching

Document ExtractorIntake Intelligence

Upload existing ROC or SAQ reports. AI extracts fields and pre-populates 260 assessment responses automatically.

ExtractionPre-populate

Executive NarrativeBoard Reporting

Generates board-ready compliance reports from deterministic signals with AI-polished wording. Signal-hash cached for consistency.

Board ReportsSignal-Based

AI CopilotRequirement Insights

Per-requirement compliance insights combining deterministic signals with AI-generated prose. Cached by signal hash.

Per-RequirementCached

AI Support TriageTicket Intelligence

Classifies support tickets by category, generates suggested responses, checks escalation thresholds, serves AI suggestions to agents.

ClassificationAuto-Response

Coverage by Workflow Area

AI engines are distributed across all five core compliance workflow areas — ensuring no gap in the compliance lifecycle goes unassisted.

Assessment & Compliance5 engines
Evidence & Documents3 engines
Training & People3 engines
Risk & Governance4 engines
Operations & Support4 engines

5 Named Compliance Agents

Specialised AI agents built on shared AI infrastructure with advisory-only enforcement and deterministic fallback.

Evidence Validator

Validates evidence items against control requirements

Merchant Coach

Guided compliance coaching for merchants through PCI DSS requirements

Portfolio Intelligence

Acquirer portfolio-level risk analysis across merchant populations

QSA Review Assistant

Assists QSA assessment reviews with contextual requirement analysis

Scope Advisor

CDE scope definition and reduction advice for merchants and QSAs

< 2s
Avg Response Time
Real-time analysis
99.7%
Engine Uptime
Continuous availability
Cached
Deterministic Results
Signal-hash consistency
Advisory
Safety Mode
Never auto-changes data

The Orchestrator

The layer that coordinates all 19 engines.

Compliance AI Orchestrator

Provider-swappable compliance insights, recommendations, explanations, and draft generation with context assembly and full audit trail. Coordinates all 19 engines with deterministic fallback — if AI services are unavailable, the platform continues operating with rule-based outputs.

Provider-Swappable
Switch AI providers without code changes
Context Assembly
Gathers all context before inference
Audit Trail
Every AI decision logged with provenance
Deterministic Fallback
Rule-based outputs when AI is unavailable

Intelligence Architecture

35 Intelligence Services

19 AI-powered engines work alongside 16 rule-based deterministic modules — giving every compliance workflow both intelligent analysis and rock-solid foundations.

Direct AI Engines13
Named Agents5
Orchestrator1
Deterministic Modules16

+ 16 Deterministic Intelligence Modules

Rule-based. No external AI required. The signal foundation AI engines build on.

Compliance Intelligence

Cross-framework compliance scoring

Control Intelligence

Control health and effectiveness metrics

Evidence Intelligence

Rule-based evidence validation

Regulatory Intelligence

Regulatory change tracking and mapping

Risk Engine

Deterministic risk scoring and aggregation

Scoping Engine

CDE boundary and scope calculations

Correlation Engine

Cross-control dependency mapping

ML Intelligence

Pattern detection on historical data

Posture Intelligence

Real-time security posture tracking

QSA Intelligence

QSA workflow and capacity modelling

PCI Scope Intelligence

PCI DSS scoping rule engine

Platform Intelligence

System health and usage analytics

Acquirer Intelligence

Portfolio-level merchant risk signals

PCI Req Intelligence

PCI DSS requirement dependency graph

AI Intelligence

AI output quality and confidence signals

Platform Agents

Scheduled autonomous compliance tasks

See the engines in action

Every engine runs on your live compliance data from day one.

Start Free TrialBook a Demo