{
  "lastUpdated": "2026-06-16",
  "_disclaimer": "SAIG provides runtime controls, audit evidence, and compliance-supporting workflows. It does not provide legal advice, certification, or a guarantee of regulatory compliance.",
  "frameworks": [
    {
      "name": "EU AI Act",
      "supportType": ["runtime controls", "audit evidence", "policy enforcement", "technical documentation support"],
      "scope": "Articles 9-15, 17, and 52 — risk management, data governance, logging, transparency, human oversight, accuracy workflows"
    },
    {
      "name": "GDPR",
      "supportType": ["runtime controls", "audit evidence", "PII detection", "anonymization"],
      "scope": "PII detection, anonymization, data minimization workflows, data subject access export support, 6-language coverage"
    },
    {
      "name": "Swiss FADP / nDSG",
      "supportType": ["runtime controls", "sovereignty enforcement", "audit evidence"],
      "scope": "Swiss-Only sovereignty mode, special category protection, cross-border transfer controls, automated decision notification support (Art. 22)"
    },
    {
      "name": "DORA",
      "supportType": ["runtime controls", "incident signals", "audit evidence"],
      "scope": "Operational resilience controls: circuit breaker, rate limiting, incident management, governance SLA tracking"
    },
    {
      "name": "FINMA",
      "supportType": ["audit evidence", "runtime controls", "governance receipts"],
      "scope": "Tamper-evident audit trail with cryptographic signatures, emergency kill switch, governance receipts for financial AI oversight"
    }
  ],
  "disclaimers": [
    "SAIG does not provide legal advice.",
    "SAIG does not guarantee regulatory compliance.",
    "SAIG is not a certified compliance product unless certification proof exists in the repository.",
    "SAIG does not replace legal counsel.",
    "Organizations should consult qualified legal professionals for compliance decisions."
  ]
}