Auditable AI Data Preparation That Meets Regulatory Standards
Ertas Data Suite gives compliance and risk officers the audit trail, data sovereignty, and traceability controls they need to approve AI initiatives — without slowing down the data teams building them.
The Challenges You Face
AI Projects Lack the Documentation Regulators Expect
When regulators ask how an AI model was trained, most organizations cannot provide a complete answer. Training data preparation happens in ad-hoc scripts with no audit trail, making it impossible to demonstrate the data governance rigor that regulatory frameworks increasingly require.
Cloud AI Tools Create Third-Party Risk
Every cloud-based AI tool that processes organizational data requires a vendor risk assessment, a data processing agreement, and ongoing monitoring. The pace at which data teams want to adopt new AI tools far exceeds the compliance team's capacity to evaluate them.
Data Lineage Gaps Make Model Validation Impossible
Model risk management frameworks require organizations to validate that AI models were trained on appropriate, properly handled data. Without end-to-end data lineage from source through preparation to training, this validation is based on faith rather than evidence.
Regulatory Requirements Are Multiplying
EU AI Act, NIST AI RMF, industry-specific guidance (SR 11-7, FDA AI/ML SaMD), and state-level AI regulations all impose documentation and accountability requirements on AI systems. Compliance officers need tools that produce the evidence these frameworks demand, not tools that create additional risk.
How Ertas Solves This
Ertas Data Suite is designed to be the tool that compliance officers can approve without reservation. It runs entirely on-premise as a native desktop application — no data leaves your network, no third-party risk assessment is needed, no data processing agreement is required. The third-party risk question is eliminated by architecture, not by paperwork.
Every action in Data Suite is recorded in an append-only audit trail with immutable timestamps, user attribution, and complete transformation details. This trail provides the documentation that regulatory frameworks demand: who prepared the data, what transformations were applied, what quality checks were performed, and how the final training dataset was produced.
For compliance and risk officers, Data Suite transforms AI data preparation from a documentation gap into a documentation strength. Instead of asking data teams to retroactively create compliance artifacts, the artifacts are produced automatically as a byproduct of the normal workflow.
Key Features for Compliance & Risk Officers
Immutable Audit Trail
Every operation — data ingestion, cleaning transformation, label assignment, augmentation step, and export action — is logged to an append-only ledger. Entries cannot be modified or deleted after creation, providing tamper-evident documentation of the entire data preparation process.
Zero Third-Party Risk
Data Suite runs as a self-contained desktop application with no network connectivity, no cloud dependencies, and no telemetry. There is no third-party data processor to assess, no DPA to negotiate, and no ongoing vendor monitoring to perform.
Regulatory Report Export
Export audit trail data in structured formats aligned with common regulatory frameworks — NIST AI RMF, EU AI Act documentation requirements, SR 11-7 model inventory formats, and ISO/IEC 42001 evidence templates.
Role-Based Access Documentation
The audit trail captures which user performed each operation, providing the access control documentation needed for SOC 2 Type II, ISO 27001, and industry-specific regulatory requirements around data handling.
Why It Works
- Data Suite's on-premise architecture has eliminated the vendor risk assessment bottleneck for AI data preparation — compliance teams approve deployment in days rather than the months required for cloud-based alternatives.
- The immutable audit trail provides the 'high-risk AI system' documentation required by the EU AI Act's Article 12 logging requirements and Article 11 technical documentation requirements.
- Organizations using Data Suite have passed model risk management examinations with auditors specifically citing the completeness of data preparation documentation as a strength.
- Zero network connectivity means Data Suite satisfies data residency requirements in every jurisdiction by default — no geographic routing analysis, no cross-border data transfer assessments, no standard contractual clauses.
- Automatic audit trail generation means compliance documentation is a byproduct of normal workflow rather than a separate burden — data teams stop treating compliance as a tax and compliance teams stop being a bottleneck.
Example Workflow
A bank's compliance officer needs to approve the data preparation process for a new AI model that will assist in BSA/AML transaction monitoring. The model risk management framework requires documentation of data sourcing, preparation steps, quality controls, and personnel involved.
The data team uses Ertas Data Suite on a workstation within the bank's secure network. They ingest transaction data, clean and normalize records, have BSA analysts label suspicious patterns, and export a training dataset. Every step is automatically logged to the audit trail.
The compliance officer reviews the audit trail export, which documents: the exact data sources ingested, every cleaning transformation applied, which analysts labeled which records, what quality validation checks passed, and the final dataset composition. This documentation satisfies the bank's model risk management policy requirements and provides the evidence needed for the next OCC examination — all produced automatically without any additional compliance-specific effort from the data team.
Ship AI that runs on your users' devices.
Early bird pricing starts at $14.50/mo — locked in for life. Plans for builders and agencies.