FAQ
Frequently Asked Questions
Everything you need to know about AgentGovern and AI compliance. Can't find your answer? Talk to our team.
AgentGovern is a compliance-as-code platform that instruments your AI agents (LangChain, CrewAI, OpenAI Agents SDK, or any custom loop) and evaluates every action in real time against regulatory frameworks like the EU AI Act, NIST AI RMF, and SEC guidelines. It generates audit-ready evidence automatically.
The EU AI Act is the world's first comprehensive AI regulation, classifying AI systems by risk level and imposing obligations on providers and deployers of high-risk AI. The main provisions became enforceable in stages from 2024, with obligations for high-risk AI systems (including many agentic AI applications in financial services) fully in force from August 2026.
Yes. AgentGovern provides first-class support for LangChain via a drop-in SDK integration. Wrap your AgentExecutor in one line of code and all actions are immediately instrumented, policy-evaluated, and logged for compliance.
AgentGovern supports LangChain, CrewAI, OpenAI Agents SDK, and any custom Python or TypeScript agent loop via our generic SDK. Framework-specific integrations provide deeper observability, while the generic wrapper works with any agent architecture.
AgentGovern adds less than 5ms of overhead per agent action in typical configurations. Policy evaluation runs asynchronously where possible, and synchronous blocking only occurs when policy enforcement requires it (e.g., blocking a non-compliant action before execution).
AgentGovern ships policy packs for EU AI Act, NIST AI Risk Management Framework (AI RMF), SEC AI Governance Guidelines, OCC Model Risk Management (SR 11-7), and ISO 42001. Enterprise customers can author custom policies in YAML that map to any internal or jurisdictional framework.
Every agent action passing through AgentGovern is logged with a tamper-evident timestamp, the policy evaluation result, the action payload (configurable redaction), and the applicable regulatory reference. These logs are aggregated into one-click conformity assessments exportable as PDFs for regulators or internal audit teams.
Behavioral drift occurs when an AI agent's actions change over time in ways that violate compliance policies. For example, an agent begins accessing data it wasn't originally authorized to access. AgentGovern monitors statistical patterns in agent behavior and alerts your compliance team when drift is detected, before it becomes a regulatory incident.
Yes. AgentGovern operates in three modes: Observe (log only), Alert (log and notify), and Enforce (intercept and block). In Enforce mode, a non-compliant action is blocked before execution and the event is logged with full context for audit review.
Yes. The AgentGovern SDK is open source (MIT license) and always free. You can instrument agents locally and evaluate policies without a cloud account. The cloud compliance dashboard, drift detection, team management, and audit report generation are part of the Professional and Enterprise plans.
AgentGovern has four tiers: Free (Developer), Starter, Professional, and Enterprise. Pricing, action limits, seat counts, and feature details are kept current on the pricing page at zirahn.com/pricing. That's the source of truth, not this FAQ.
AgentGovern is SOC 2 Type II certified. We recognize that compliance teams selling to regulated industries need their vendors to hold the same standard they enforce on their customers.
Most customers have the SDK integrated and sending data within a single engineer-day. Enabling policy packs, configuring dashboards, and training compliance teams typically takes 1-3 weeks end-to-end. Our pilot customers report going from zero to their first audit-ready report in under 3 weeks.
Yes, on-premises deployment is available on the Enterprise plan. This is common among financial institutions with strict data residency requirements. The SDK operates identically; compliance data is sent to your private instance rather than Zirahn's cloud.
AgentGovern is primarily used in Financial Services (banking, capital markets, insurance), Healthcare (clinical AI, administrative automation), and any regulated industry deploying agentic AI at scale. Our policy packs and case studies reflect these verticals' specific regulatory landscapes.
Still have questions?
Our compliance engineers are happy to discuss your specific use case.
Request access →