Nothing acts without clearance. A structurally independent governance layer that holds binding veto over every AI output — live, in production. The controller proposes; governance disposes; fail-closed by design.
Most AI tools score outputs · Mergetic Runs gates them
patent-pending split-authority architecture · tamper-evident audit · any model, any cloud
The controller approved this output. Governance independently blocked it and routed it to human review — a structural check a single-model pipeline cannot reproduce.
An evaluation tells you your AI is risky. But once it's live and acting on real customers, who stops the bad output before it lands? Three structural gaps that linear AI pipelines can't close.
When the model that generates an output is also the one that approves it, there's no authority that can overrule it. Correlated judgment can't catch correlated failure.
A bad decision propagates through a workflow before anyone notices. Post-hoc monitoring tells you what already went wrong; it can't stop the output acting.
EU AI Act Articles 12 and 14 presume an independently verifiable record of why an output was allowed. A model narrating its own reasoning doesn't meet that bar.
Every output runs a governed pipeline. A controller routes on a composite score; a structurally separate governance node — with its own reasoning and its own rulebook — holds the binding veto. Disagreement resolves fail-closed.
The controller proposes.
Governance disposes.
Score clears the threshold and governance approves — the output is released.
Borderline score — routed for a check before it can act.
Below threshold — the output is sent back to be reproduced.
Governance vetoes — the output is held and escalated to human oversight.
Runtime governance is easiest to understand through the person who has to answer for the AI. Pick a domain — the problem, what Mergetic does, and the outcome.
The AI made its recommendation, the loan officer accepted it, and the record shows only the outcome — not the reasoning, not the inputs it weighted, not who reviewed it. The CPC 2025 requires her to demonstrate the AI operated within defined rules and that a human was accountable. She can demonstrate neither.
Every AI decision passes through the governance layer first. Every input is logged. Every output is evaluated against the CPC 2025 RulePack. Every decision carries a confidence rating, a risk flag, and a complete record of every reasoning step.
Siobhán shows the regulator a complete decision record within the hour — what data the AI considered, what weight it gave each factor, what score the output achieved, and the human reviewer who confirmed it before it was applied.
An interactive live view of the architecture: every run, scored and routed, with the full reasoning trail. Walk a financial-compliance run that emits, and a high-risk run where governance vetoes the controller. Available as a guided walkthrough.
Judge separated from generator
Per-decision binding veto
Hash-chained, tamper-evident
Any model, any cloud
Mergetic's architecture embeds governance capabilities that map directly to the EU AI Act's core obligations for high-risk AI systems.
Timeline: high-risk obligations — including risk management (Art. 9), traceability (Art. 12), human oversight (Art. 14) and post-market monitoring (Art. 72) — apply from 2 August 2026. A postponement to 2 December 2027 (stand-alone Annex III) and 2 August 2028 (embedded Annex I) was provisionally agreed through the Digital Omnibus in May 2026, but is not yet law.
Continuous evaluation and scoring at every pipeline stage. Composite risk metrics trigger automatic escalation or blocking before an output can propagate.
Full execution logs captured in the Memory Spine — every reasoning path, every synthesis decision, every governance override, auditable end-to-end.
Configurable escalation triggers route edge cases to human reviewers. The system supports human decision-making authority — it does not replace it.
Mergetic provides architectural capabilities that support regulatory alignment. This does not constitute legal advice or certification. Organisations should consult qualified legal counsel for compliance assessment.
The benchmark and the Control Tower share IP but are bought separately. The evaluation is the front door; runtime governance is where it leads — if and when you choose.
An independent, scored verdict on whether your AI is safe to deploy — measured against gold-standard answers across 25+ FS frameworks.
View the benchmarkOnce you've found the risk, govern it live: a structurally independent layer that holds binding veto over every output in production.
Request a pilotRequest a pilot or a live walkthrough of the Run Inspector. Early pilots help shape the production rollout.
john@mergetic.com