Your voice AI agents are about to become illegal in Europe.
Audact is the compliance API that validates what your AI says before it speaks, logs everything cryptographically, and ensures every call complies with EU regulations. One integration. All 27 member states. Under 20 milliseconds.
1 July 2026
End of Soft Opt-In โ Netherlands
From this date, no business may call any Dutch consumer โ including existing customers โ without demonstrable proof of explicit consent. Millions of CRM records become unusable overnight.
2 August 2026
EU AI Act Article 50 โ Transparency Obligations
Every AI system communicating with a natural person must disclose it is an AI before substantive interaction begins. Fines up to โฌ15 million or 3% of global annual turnover.
These are not future scenarios. These are hard legal deadlines.
The platform won't save you.
You're the deployer. You're liable.
Audact โ Compliance & Evidence Layer
Consent logging ยท AI disclosure ยท Audit trail ยท Real-time checks
Primary liability under EU AI Act & GDPR
Under the EU AI Act, the deployer โ not the platform โ bears primary liability for transparency compliance.
If your voice agent fails to disclose it's an AI, or calls without proper consent, your agency faces fines up to โฌ15 million. Not Vapi. Not Retell. Not ElevenLabs. Your agency.
Audact eliminates this risk with a single API integration.
How it works
Three pillars. One API. Every EU country.
Policy Engine
May this call take place?
Pre-dial evaluation against country-specific rules. Consent verification, quiet hours, DNC registers, recording requirements. Returns a binary verdict with a machine-readable explanation of every rule evaluated.
Real-Time Validator
May the AI say this?
Intercepts every AI response before speech synthesis. Disclosure gate, prohibited claim detection, price hallucination prevention, PII redaction, escalation detection, consent gating. Six deterministic checks โ no LLM in the loop.
Evidence Layer
Prove it went right.
SHA-256 hash-chained evidence for every interaction. HMAC-signed compliance receipts verifiable without Audact's database โ even years later, even without us. Tamper-proof audit trail for regulators. GDPR-compliant erasure via crypto-shredding.
Works with your stack
Zero code changes. Point your Server URL to Audact.
FOR DEVELOPERS & CTOs โ Inline validation, cryptographic evidence, and self-verifiable receipts for every AI-generated response. Five patent applications filed.
Deterministic compliance at telecom-grade speed.
// Request POST /v1/validate { "call_id": "call_8f3a2b7c", "response_text": "Ja, die reparatie kost u โฌ150, gegarandeerd.", "turn_number": 3, "configuration_id": "cfg_nl_inbound" } // Response โ 14ms { "verdict": "MODIFY", "final_text": "Ja, die reparatie kost u โฌ150. Ik kan daarover geen toezeggingen doen.", "fail_open": false, "checks": [ { "check_id": "disclosure_gate", "result": "PASS", "mode": "enforce" }, { "check_id": "blocklist_scan", "result": "FAIL", "mode": "enforce", "detail": "'gegarandeerd' โ guarantee_claims" }, { "check_id": "pricing_band" , "result": "PASS", "mode": "enforce", "detail": "โฌ150 within [โฌ80โโฌ250]" }, { "check_id": "pii_scan" , "result": "PASS", "mode": "enforce" }, { "check_id": "escalation_detection", "result": "PASS", "mode": "shadow" }, { "check_id": "consent_gating" , "result": "PASS", "mode": "shadow" } ], "evidence_hash": "a3f2b8c9...d0e1f2a3", "previous_evidence_hash": "7e2b44f1...c5f390ab", "evidence_event_id": "evt_a1b2c3d4", "receipt": { "version": "1.0", "timestamp": "2026-02-26T14:22:03.445Z", "sequence": 5, "verdict": "MODIFY", "input_hash": "b4d8e2f1...a3c5d7e9", "output_hash": "e5f6a7b8...c9d0e1f2", "ruleset_version": "nl_v1.1.0", "config_version": 3, "fail_open": false, "chain_position": { "previous": "7e2b44f1...c5f390ab", "current": "a3f2b8c9...d0e1f2a3" }, "signature": "HMAC-SHA256: f1a2b3c4...e5f6a7b8" } }
Every check is deterministic โ Aho-Corasick pattern matching, state lookups, numeric comparison. Predictable latency, every time. Fail-open on timeout: the call is never interrupted. A cryptographic timeout event records exactly which checks completed and which did not.
GB2603848.9
SHA-256 hash-chained events per interaction. Advisory lock serialisation for concurrent events. Same integrity guarantee as Git and Certificate Transparency. Any modification breaks the chain and is mathematically detectable by anyone.
GB2603848.9
Every validation returns an HMAC-SHA256 signed receipt containing: content hashes, verdict, per-check results with enforce/observe mode indicators, ruleset version, config version, fail-open status, and chain position. Verifiable offline by any third party โ regulators, courts, auditors โ without access to Audact's database.
GB2603849.7
Blocks all AI-generated substantive content until the mandatory AI disclosure has been delivered and recorded in the evidence chain. When blocked, remaining checks are not executed โ logical necessity and performance optimisation. Cannot be set to observation mode.
GB2603848.9
Evidence event hashes from all tenants are aggregated into a Merkle tree per time window. The root is externally timestamped via an RFC 3161 eIDAS-certified TSA. Each tenant receives a branch proof to verify inclusion without seeing other tenants' data. Modifying one tenant's evidence changes the root โ detectable by every other tenant.
Divisional application of GB2603849.7
Submit a communication context to N language model endpoints in parallel. Each candidate is validated independently. The candidate with the highest compliance score that meets the threshold is selected โ no post-hoc modification needed. When no candidate passes, a predetermined compliant template is substituted.
UK patent application filed
A delivery confirmation from the TTS engine or platform webhook is cryptographically linked to the validation event in the evidence chain. If the delivered content differs from the validated content, a mismatch event records the discrepancy type. Evidence chain proves what was validated AND what was delivered.
UK patent application filed
For AI models that generate audio without intermediate text: segment the audio stream via automatic speech recognition or prosodic boundary detection. Extract text, validate against the same deterministic checks. On BLOCK or MODIFY, substitute a pre-generated compliant audio segment in the same voice.
GB2603848.9 (amended); UK patent application filed
Five patent applications filed with the UK Intellectual Property Office: GB2603848.9, GB2603849.7, and divisional applications for pre-interaction policy evaluation and cross-tenant Merkle aggregation.
What early access members get.
Limited to the first 40 agencies. 27 spots remaining.
Direct engineering access
Dedicated Slack channel with the founding team. Weekly office hours during build phase.
Founding member pricing
Your rate is locked for 12 months from launch. The earlier you join, the more you save.
Shape the rulesets
Direct input on the NL, DE, and FR compliance rulesets. Your edge cases become our test cases.
Energy company fined for misleading telemarketing โ 2024
AI chatbot provider fined for GDPR violations โ 2025
Total fines imposed for unsolicited telemarketing โ 2025
The ACM set a July 2025 compliance deadline for telemarketing rules and has been conducting enforcement audits since. Enforcement is not theoretical โ it is happening now.
Be compliant on day one.
Audact launches before the August 2, 2026 deadline. Join the early access list.
No credit card. No commitment. Just early access to EU voice AI compliance infrastructure.