Prove what your agents did. To anyone. At any time.

Runfile is the flight recorder for AI agents — a tamper-evident record of every prompt, tool call, retrieval, approval and refusal, signed and replayable for the auditors who’ll ask what happened.

Built for DORA — live now — the April 2026 interagency model-risk principles, GDPR Article 22, SOX, HIPAA, and the EU AI Act high-risk obligations landing 2 Dec 2027. Not another span store. The system of record.

Active retention: 6 mo – 10 yr
Chain of custody: SHA-256 · Merkle
EU AI Act · high-risk: 2 Dec 2027
DORA · live: 17 Jan 2025

Your agents are already in production. They draft credit decisions, route claims, move money, escalate cases. Every action they take is, eventually, an action someone will have to answer for — in a deposition, an OCC exam, an Article 12 inspection, a Q4 internal audit.

The tools you bought to ship them were not built for that conversation. Developer observability gives you spans with fourteen days of retention and no integrity guarantee. GRC platforms give you checklists. Neither answers the auditor’s question: show me, end-to-end, what this agent did on behalf of this customer, and prove the log hasn’t been touched since.

That is not a feature in your stack. It is a different data model.

— 01
“A mutable log has evidentiary value of zero before a regulator.”
EU AI Act commentary · 2025

— 02
“Reconstruct, for any decision, the prompt, model version, retrieved documents and any human override.”
SR 11-7 replacement · Apr 2026

— 03
“Automatic recording of events over the lifetime of the system.”
EU AI Act · Article 12(1)

STEP 01 / CAPTURE

Every step of the run, as it happens.

A tiny SDK instruments LangGraph, the OpenAI Agents SDK, or anything emitting OpenTelemetry GenAI semantic conventions. Prompts, tool calls, retrieval chunks, human approvals, guardrail activations, side effects, costs — captured with full fidelity and deterministically tokenized for PII at the boundary so we never see the customer’s secrets.

STEP 02 / SEAL

Hash-chained, signed, anchored.

Each event is appended to a SHA-256 hash chain in the customer’s region. A daily Merkle root is signed by an HSM-backed key that the agent runtime cannot touch and anchored to a public transparency log. Storage is S3 Object Lock in compliance mode. We can prove the log is intact. So can a third party, offline, with the verifier CLI.

STEP 03 / EXPLAIN

Evidence the auditor accepts.

One command produces a signed evidence package: a human-readable PDF, the underlying signed event log, Merkle inclusion proofs, and a verifier you hand to the auditor. Controls in EU AI Act, DORA, GDPR, SR 11-7 successor guidance, SOX and HIPAA are mapped against the actual events that satisfy them.
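The sealing and proof steps described in STEP 02 and STEP 03, sketched as an added example; this is not Runfile's code or on-disk format. The canonical JSON encoding, the all-zero genesis value, the use of chain links as Merkle leaves, the RFC 6962-style node hashing and the side-tagged proof layout are assumptions, and signing and anchoring of the root are left out.

```python
import hashlib
import json

def h(data: bytes) -> bytes:
    return hashlib.sha256(data).digest()

def chain(events, genesis=b"\x00" * 32):
    # link_i = SHA-256(link_{i-1} || canonical JSON of event_i); encoding and genesis are assumptions.
    links, prev = [], genesis
    for ev in events:
        body = json.dumps(ev, sort_keys=True, separators=(",", ":")).encode()
        prev = h(prev + body)
        links.append(prev)
    return links

def merkle_root(leaves):
    # RFC 6962 tree hash over a non-empty list: 0x00 prefixes leaves, 0x01 interior nodes.
    if len(leaves) == 1:
        return h(b"\x00" + leaves[0])
    k = 1 << ((len(leaves) - 1).bit_length() - 1)  # largest power of two below n
    return h(b"\x01" + merkle_root(leaves[:k]) + merkle_root(leaves[k:]))

def inclusion_proof(leaves, i):
    # Sibling hashes from leaf to root, each tagged with the side it sits on.
    if len(leaves) == 1:
        return []
    k = 1 << ((len(leaves) - 1).bit_length() - 1)
    if i < k:
        return inclusion_proof(leaves[:k], i) + [("R", merkle_root(leaves[k:]))]
    return inclusion_proof(leaves[k:], i - k) + [("L", merkle_root(leaves[:k]))]

def verify_inclusion(leaf, path, root):
    node = h(b"\x00" + leaf)
    for side, sibling in path:
        node = h(b"\x01" + (sibling + node if side == "L" else node + sibling))
    return node == root

def first_break(events, links):
    # First index where recomputed and stored links disagree; None if intact.
    for i, (got, want) in enumerate(zip(chain(events), links)):
        if got != want:
            return i
    return None if len(events) == len(links) else min(len(events), len(links))

EVENTS = [{"seq": i, "run": "r-1", "type": t} for i, t in enumerate(  # constructed sample
    ["prompt", "tool_call", "retrieval", "approval", "refusal"])]

links = chain(EVENTS)
root = merkle_root(links)  # the value a signed daily root would commit to
print(verify_inclusion(links[3], inclusion_proof(links, 3), root), first_break(EVENTS, links))
```

Deleting events from the tail leaves every remaining link valid, so only the stored link count or the committed root exposes it.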

Drop in. Keep shipping.

One decorator wraps your agent. The SDK forwards every event — in OTel GenAI semantic conventions — to the Runfile boundary, where it is canonicalised, tokenised for PII, hash-chained, and stored in your region. Nothing about your runtime changes.

  • LangGraph, OpenAI Agents SDK, and any OTel GenAI producer
  • Python & TypeScript today; Go on request
  • Deterministic redaction with customer-held re-identification key
  • EU / UK / US residency. Single-tenant available at $150K+ ACV
SDK reference
# pip install runfile
from runfile import capture
from langgraph.graph import StateGraph

@capture(agent="credit_review", version="3.2.1")
def run(principal, request):
    graph = StateGraph(State)  # State: your graph's state schema
    # …your agent…
    # A StateGraph must be compiled before it can be invoked.
    return graph.compile().invoke({"client": principal,
                                   "loan": request})

# That's it. Every prompt, tool call, retrieval,
# approval and refusal is hash-chained in your region
# and ready for an auditor — under DORA, the April 2026
# interagency MRM principles, GDPR Art. 22, SOX, HIPAA
# and the EU AI Act (high-risk live 2 Dec 2027).

One artefact. Three readers.

The CCO reads the cover PDF — scope, controls, results, signatures. The auditor runs the verifier and greps the JSONL. The court, if it ever comes to that, reads the public anchor and the Rekor entry number on page one.

  • Article 12 monthly log integrity report
  • Incident reconstruction (single-decision drill-down)
  • Annual model-documentation pack (MRM successor)
  • DORA major-ICT-incident packet
View sample evidence package
Runfile · Evidence Package RF-2026-Q1-04812

Article 12 — Monthly Log Integrity Report

Scope: 01 Mar → 31 Mar 2026 · Agent: credit_review_v3.2.1
Integrity
  Runs in scope: 184,402
  Events captured: 1,475,216
  Hash chain: ● continuous
  Merkle root: 31573581 0cdfb03c f4b1eb05
  Anchored to: Sigstore Rekor · #94,082,328

Controls
  EU AI Act Art. 12: ● satisfied · 1,475,216 / 1,475,216
  EU AI Act Art. 14: ● satisfied · 3,317 / 3,317
  GDPR Art. 22: ● satisfied · 3,317 / 3,317
  FCA SS1/23 §5.2: ● satisfied

§05 — Talk to us

The deadlines are dated.
The evidence shouldn’t be improvised.

DORA is live. GDPR Article 22 has been live for eight years. The April 2026 interagency MRM principles are in force. The EU AI Act high-risk obligations land 2 December 2027 — and per the May 2026 Digital Omnibus, that date is now fixed, not standards-conditional. The window to be ready is now. We’re working with a small set of design partners across US, UK and EU regulated finance — if you’re the CCO, Head of AI Risk or Head of Internal Audit at a bank, insurer or asset manager, come talk to us.