One hash chain. Four regulators.
Every link is SHA-256, every byte in Frankfurt eu-central-1. Four regulator-specific export packs — not one generic compliance report.
Same chain. Four regulator vocabularies.
Same SHA-256 chain underneath. Different vocabulary above. BaFin examiners read MaRisk AT 7.3; a notified body reads MDR Class IIa; a procurement officer reads DORA Article 28. The chain ships once — not one generic "compliance report" that satisfies none of them.
EU AI Act
Articles 13, 14, 26, and 73 — mapped row-by-row to the chain. Regulator's words on the left, artefact hash on the right. Article 73's 15-day clock runs in the chain. Not in our dashboard.
Financial Services
BaFin asks how the agent decided. MaRisk AT 7.3 sets the incident clock. DORA Article 28 demands ICT-vendor evidence. SCHUFA-Urteil C-634/21 forces human-intervention proof under GDPR Article 22. The chain answers all four in one export — not four separate compliance reports.
Healthcare & Life Sciences
MDR Class IIa/IIb software requires a deterministic gate before clinical impact. GDPR Article 9 demands special-category evidence per decision. MDCG 2025-6 mandates traceability into the medical-device file. The chain delivers all three — without an LLM in the audit path.
Enterprise
Dedicated Frankfurt tenancy. 99.9% SLA today; 99.99% on the Enterprise roadmap (gated on multi-AZ replication). DORA Articles 28-30 satisfied in one export pack — vendor concentration, ICT-third-party policy, sub-outsourcing register. We don't white-label. We don't run on customer-cloud.
Four doors. No SDR funnel.
You've seen four audiences and the vocabularies they each get. If none fits cleanly — or if procurement asks "does it cover all of them" — talk to the engineer who built the chain. Both doors lead to engineering. Neither leads to sales.