Regulatory Compliance
Persona
Role: Compliance Officer at a state-level regulatory agency.
You manage compliance programs across dozens of regulated entities -- utilities, financial institutions, and environmental operators. Each entity must submit periodic compliance filings, and your team must audit those submissions, flag deficiencies, and produce reports for agency leadership. The current process relies on email attachments and manual spreadsheet tracking.
Business Problem
Regulated entities submit compliance data through inconsistent channels. Your team has no centralized view of submission status, no immutable audit trail of reviewer actions, and no automated reporting for board meetings. You need:
- A structured submission intake process tied to specific regulations and reporting periods.
- An immutable audit log that records every action taken on a submission.
- Automated compliance reports that aggregate findings by period and status.
Four-Step Application
This scenario works best as a four-step, human-in-the-loop application. The existing object model already gives this scenario a strong delivery backbone through Submission, AuditEntry, and ComplianceReport.
- Mission metric focus: shorter response times, higher citizen trust, and better service-level performance.
- Human + AI pattern: Each step combines structured workflow data with chat assistance, background generation, document understanding, and accessible interaction patterns when they improve the experience.
Step 1. Capture demand and context
- Goal: Make it easy for the user to start the Regulatory Compliance journey with complete, trusted context.
- Required data: Submission context such as the core workflow data.
- AI support: Use chat to guide intake, generate clearer prompts, create accessible summaries, and assist with voice or vision-led capture when a form alone is not the best experience. EAI can support structured intake, chat workflows, and document-centred capture today; richer native multimodal capture may still need workflow extensions or connected services.
- Business impact: Improve completion rate, reduce first-touch effort, and raise customer or staff confidence in the UX from the very first interaction.
- EAI delivery: Model the intake as tenant-isolated object types and resources, then use actions, chat workflows, and document indexing or classification to keep the initial record complete and usable.
Step 2. Prepare the decision
- Goal: Turn the captured context into the next best action for Regulatory Compliance without forcing the human reviewer to assemble the case manually.
- Required data: Submission state and history.
- AI support: Run background summarisation, extraction, classification, recommendation drafting, and answer generation so a reviewer sees a prepared case instead of raw fragments. EAI delivers the structured records and AI workflow hooks for this today; specialised scoring engines, external rules, or advanced reasoning controls may still need integration work.
- Business impact: Reduce cycle time, improve quality and consistency, and protect the mission-critical metric before the case moves into execution.
- EAI delivery: Link records across the scenario, persist decision state as resources, and use workflow actions plus chat assistance to keep humans in control while AI prepares the work.
Step 3. Execute and collaborate
- Goal: Coordinate the actual work, handoffs, approvals, and user updates needed to deliver the service or outcome.
- Required data: AuditEntry execution state.
- AI support: Draft replies, produce work packets, monitor exceptions in the background, and surface the next action for each operator. EAI can orchestrate tenant-isolated records, actions, chats, and document workflows today; deeper system-to-system automation may require additional connectors or workflow capability.
- Business impact: Increase operator productivity, reduce rework across handoffs, and improve service consistency across the application journey.
- EAI delivery: Use linked object types, actions, resource updates, and workflow-triggered AI assistance so the team can execute in one model instead of splitting work across disconnected tools.
Step 4. Resolve, explain, and improve
- Goal: Close the loop with a clear outcome, an understandable explanation, and feedback that improves the next case.
- Required data: final status, outcome, audit history, and follow-up signals across Submission, AuditEntry, and ComplianceReport.
- AI support: Generate outcome summaries, customer-friendly answers, compliance-ready notes, management insights, and accessible follow-up content. EAI can store outcome records and support answer generation today, while richer proactive agents, advanced analytics, or channel-specific accessibility features may need additional product capability.
- Business impact: Increase trust, quality, and measurable business value through shorter response times, higher citizen trust, and better service-level performance.
- EAI delivery: Keep the full audit trail in structured resources, use AI workflows to explain outcomes, and feed the resulting signals into future product, service, and operational improvement work.
EAI Platform Support By Step
EAI provides the safe service boundary for Regulatory Compliance through Object Types, tenant-scoped resources, document processing, chat workflows, and CLI verification. For this scenario, the main records are Submission, AuditEntry, and ComplianceReport.
| Process step | What EAI provides | Calling pattern |
|---|---|---|
| Step 1. Capture demand and context | Tenant-scoped intake resources for Submission context such as the core workflow data. Object Type validation, starter forms, optional document intake, and chat-guided capture keep the first record complete. | Define fields in src/eai.config/object-types.ts, run eai types validate and eai types seed, create initial Submission records with useResources('Submission') or eai resources create Submission, and keep browser calls behind /api/eai/.... |
| Step 2. Prepare the decision | Linked resource queries over Submission state and history. Search, schema checks, document classification or RAG indexing, and chat summaries turn raw context into a prepared decision. | Use useResources('Submission') list/query/search patterns, verify shape with eai resources schema, use useDocuments().upload/classify/ragIndex, eai docs upload, eai docs classify, and eai docs index where supporting material exists, and send decision-support prompts through useChat(workflowId, 'chat') or eai chat send. |
| Step 3. Execute and collaborate | Resource updates and actions for AuditEntry execution state. Status changes, assignments, notes, generated work packets, and chat support keep humans in control during execution. | Model actions in the Object Type code, call client.resources.executeAction(type, id, action) or the app hook equivalent, update records through the app service layer, and verify with eai resources get/list/query. |
| Step 4. Resolve, explain, and improve | Outcome resources for final status, outcome, audit history, and follow-up signals across Submission, AuditEntry, and ComplianceReport. Audit-friendly links, indexed final documents, reporting snapshots, and answer generation make the result explainable and reusable. | Persist outcomes as resources, index final material with eai docs index or useDocuments().ragIndex, send explanation prompts with useChat or eai chat stream, and use eai resources aggregate/search for reporting checks. |
Prompt, Code, And Service Pattern Mapping
The Object Type code example on this page is the implementation contract for the EAI platform services. eai-gofer should read that code as the source of truth for which resource, document, and chat calls belong in the app.
Use this prompt shape when asking eai-gofer or another coding agent to implement the scenario:
Use the EAI App Template. Model Regulatory Compliance with Object Types for Submission, AuditEntry, ComplianceReport. Use useResources for records and actions, useDocuments for uploads/classification/RAG where documents appear, useChat for workflow assistance, and verify with eai types/resources/docs/chat commands. Use eai publicapi only when no named command covers the required platform call.
| Scenario artifact | How it maps to EAI service calls |
|---|---|
| Four-step process | Step 1 becomes resource creation, Step 2 becomes resource query/search plus optional document or chat preparation, Step 3 becomes resource update/action calls, and Step 4 becomes outcome persistence plus explanation/reporting calls. |
| Object Type definitions | eai types validate, eai types seed, and eai resources schema make the model available and checkable before UI work starts. |
| Properties and indexes | Fields become useResources payloads, filters, list views, and eai resources create/list/query/search checks. Indexed fields should support lookup and triage, not duplicate canonical records. |
| Links between Object Types | Relationships become linked-resource UI, timeline context, and audit trails that app code loads through resource queries rather than separate bespoke stores. |
| Actions and status fields | Workflow buttons and operator transitions call resource action/update helpers, then verify state with eai resources get/list/query. |
| Document and chat prompts | Prompts should call the platform documents and chat patterns: useDocuments().upload/classify/ragIndex, eai docs upload, eai docs classify, and eai docs index for documents, and useChat, eai chat send, or eai chat stream for conversational assistance. |
Object Types
| Name | Key Properties | Links | Actions |
|---|---|---|---|
| Submission | regulation, entity, period, status | has many AuditEntries, has one ComplianceReport | submit, review, flag-deficiency |
| AuditEntry | submission, action, user, timestamp | belongs to Submission | (system-generated) |
| ComplianceReport | period, status, findings, dueDate | belongs to Submission | generate, publish, archive |
CLI Workflow
-
Scaffold the app
eai init regulatory-compliance -
Authenticate and pull environment
eai logineai env pull --include-secretsIf you are an external developer, see [Configuration](/docs/configuration) for login and local environment setup. -
Define Object Types
Add Submission, AuditEntry, and ComplianceReport to
src/eai.config/object-types.ts. -
Validate and seed
eai types validateeai types seedTenant: regulatory-compliance✔ Submission — 4 props, 2 links, 3 actions✔ AuditEntry — 4 props, 1 link, 0 actions✔ ComplianceReport — 4 props, 1 link, 3 actions✔ All Object Types are valid -
Create a submission
eai resources create Submission \--data '{"regulation": "ENV-2024-07", "entity": "Acme Utilities", "period": "Q1-2026", "status": "submitted"}' -
List submissions pending review
eai resources list Submission --filter 'status=submitted' -
Start local development
eai dev
Code Example
// src/eai.config/object-types.ts
export const objectTypes = {
'regulatory-compliance': [
{
name: 'Submission',
displayName: 'Submission',
description: 'A compliance filing submitted by a regulated entity for a specific regulation and period',
properties: [
{ name: 'regulation', type: 'text' as const, required: true, indexed: true },
{ name: 'entity', type: 'text' as const, required: true, indexed: true },
{ name: 'period', type: 'text' as const, required: true },
{ name: 'status', type: 'select' as const, required: true, defaultValue: 'draft',
options: [
{ label: 'Draft', value: 'draft' },
{ label: 'Submitted', value: 'submitted' },
{ label: 'Under Review', value: 'under-review' },
{ label: 'Compliant', value: 'compliant' },
{ label: 'Deficient', value: 'deficient' },
],
},
],
linkTypes: [
{ name: 'auditEntries', target: 'AuditEntry', cardinality: 'many' as const },
{ name: 'complianceReport', target: 'ComplianceReport', cardinality: 'one' as const },
],
actions: [
{ name: 'submit', displayName: 'Submit Filing' },
{ name: 'review', displayName: 'Begin Review' },
{ name: 'flag-deficiency', displayName: 'Flag Deficiency' },
],
status: 'published' as const,
},
{
name: 'AuditEntry',
displayName: 'Audit Entry',
description: 'An immutable record of an action taken on a compliance submission',
properties: [
{ name: 'submission', type: 'text' as const, required: true },
{ name: 'action', type: 'text' as const, required: true },
{ name: 'user', type: 'text' as const, required: true },
{ name: 'timestamp', type: 'date' as const, required: true },
],
linkTypes: [
{ name: 'submission', target: 'Submission', cardinality: 'one' as const },
],
actions: [],
status: 'published' as const,
},
{
name: 'ComplianceReport',
displayName: 'Compliance Report',
description: 'A periodic report aggregating compliance status and findings for leadership review',
properties: [
{ name: 'period', type: 'text' as const, required: true, indexed: true },
{ name: 'status', type: 'select' as const, required: true, defaultValue: 'draft',
options: [
{ label: 'Draft', value: 'draft' },
{ label: 'Final', value: 'final' },
{ label: 'Published', value: 'published' },
{ label: 'Archived', value: 'archived' },
],
},
{ name: 'findings', type: 'text' as const, required: false },
{ name: 'dueDate', type: 'date' as const, required: true },
],
linkTypes: [
{ name: 'submission', target: 'Submission', cardinality: 'one' as const },
],
actions: [
{ name: 'generate', displayName: 'Generate Report' },
{ name: 'publish', displayName: 'Publish Report' },
{ name: 'archive', displayName: 'Archive Report' },
],
status: 'published' as const,
},
],
};
Key Takeaways
- Immutable audit trail. AuditEntry records are system-generated with no update or delete actions, ensuring a tamper-resistant compliance history.
- Regulation-specific submissions. Tying each submission to a regulation code and reporting period allows precise tracking across dozens of compliance programs.
- Report lifecycle management. ComplianceReports move through draft, final, published, and archived states, giving leadership confidence that published reports are reviewed and approved.
- Deficiency flagging drives accountability. The flag-deficiency action on Submissions creates a clear escalation path that triggers follow-up workflows.