What is AI governance?

AI governance is the set of policies, processes, and accountability structures that ensure AI systems are used responsibly, transparently, and in compliance with applicable regulations such as the EU AI Act and ISO 42001. It covers AI surface mapping, decision accountability, risk classification, and audit readiness.

What does the EU AI Act require from enterprises?

The EU AI Act requires enterprises to classify AI systems by risk level, maintain an AI inventory, implement human oversight for high-risk AI, conduct conformity assessments, and keep technical documentation and audit trails. Complaix provides the infrastructure to meet these requirements operationally.

How does Complaix help with AI compliance?

Complaix provides an AI governance operating system that maps every AI tool in use across your organisation, assigns human accountability to every AI-influenced decision, scores your AI exposure risk, and generates board-ready governance reports aligned to the EU AI Act, ISO 42001, FCA guidance, and UK GDPR.

What is an AI Exposure Score?

An AI Exposure Score is a 0–100 metric that quantifies an organisation’s risk exposure from its current AI usage. It is calculated across five governance dimensions: AI surface visibility, decision accountability, operational governance, regulatory alignment, and accountability maturity. Complaix calculates and tracks this score continuously.

What is the difference between AI governance advisory and a SaaS platform?

AI governance advisory builds your governance infrastructure from scratch — mapping AI usage, assigning accountability, and delivering a board-ready report. The Complaix Platform then keeps that infrastructure operational with live dashboards, continuous decision logging, and regulatory update briefings. The Foundation Engagement bundles both.

Is Complaix aligned to ISO 42001?

Yes. The Complaix System is designed to align with ISO 42001 (AI Management Systems), the EU AI Act, FCA AI guidance, and UK GDPR. Every governance artefact produced by Complaix is mapped to the relevant regulatory requirements.

Transparent Pricing

Three paths to governed AI.

Choose the path that matches where you are. Start with a free assessment, build with Advisory, run with the Platform, or do both at once with Foundation Engagement.

Monthly

Yearly

Auto-detected from your location

Verified client outcomes

0Major non-conformities across all external audits

14 weeksAverage time from zero to audit-ready governance

100%Of clients passed regulatory review first time

3×Faster shadow AI surface mapping vs manual audit

Select your path to see relevant services

🧭 Build your governance infrastructure

One-time advisory engagements that give you the frameworks, artefacts, and accountability structures your organisation needs. Start free.

Advisory, Step 1

AI Accountability Assessment

Free

No commitment required

A structured diagnostic that maps your AI exposure, identifies governance gaps, and produces your AI Exposure Score. The starting point for every Complaix™ engagement.

AI Surface Discovery questionnaire
AI Exposure Score (0-100)
Category-level gap analysis
Governance readiness summary
Recommended next steps

Take the Free Assessment

Advisory, Step 2

AI Vulnerability Report

from£3,500

One-time engagement · billed on invoice

A detailed written report identifying your highest-priority AI governance vulnerabilities, regulatory exposure, and a prioritised remediation roadmap.

Full AI Surface audit
Regulatory exposure mapping (EU AI Act, ISO 42001, sector-specific)
Prioritised vulnerability register
Remediation roadmap with effort estimates
Executive summary for board reporting

Book a Discovery Call

Advisory, Step 3

Governance Advisory

from£12,000

One-time engagement · billed on invoice

Hands-on advisory engagement to design and build your AI governance framework. Policies, accountability structures, decision logs, and risk registers, built for your organisation.

AI Governance Framework design
Decision Accountability Matrix
AI Risk Register (initial population)
Policy and procedure templates
Regulatory alignment mapping
2 × governance workshops

Book a Discovery Call

Not sure which path is right for you?

Use this guide to find the best starting point.

Full comparison

See exactly what is included in each path.

Platform Modules

What you get on each tier

Every platform tier is built on the same core governance infrastructure. Higher tiers unlock additional modules for deeper intelligence, compliance automation, and enterprise-grade controls.

Module	Foundation From £2,499/mo	Operational From £4,999/mo
Core Governance
AI Surface Registry Catalogue every AI tool in use
Decision Log Log AI-influenced decisions with human owners
Risk Register Identify and track AI risks
Governance Playbook Structured governance policies
Maturity Tracker Track governance maturity level 1-5
Document Vault Secure document storage
ISO Checklists ISO 42001 compliance checklists
Regulatory Intelligence EU AI Act and regulatory update alerts
Operational Intelligence
Evidence Requests Track and respond to compliance evidence requests	-
Risk Flags Automated AI risk flag detection	-
Analytics Dashboard Governance trend analytics and reporting	-
Executive Reports Board-level AI governance report generator	-
Document Templates Pre-built governance document templates	-
Vendor Assessment Third-party AI vendor risk assessments	-
Third-Party Governance Consolidated vendor risk dashboard	-
Enterprise Controls
Audit Trail Export Full audit log export for regulators	-	-
Custom Frameworks Build organisation-specific governance frameworks	-	-
AI Incident Log ISO 42001 Clause 10 incident tracking	-	-
Platform-wide
Notification Preferences Configure alert preferences
Team Management Invite and manage platform users
EU AI Act Conformity Tracker Article-by-article conformity tracking

Module access is provisioned automatically based on your subscribed tier. Advisors can adjust individual module access from the Advisor Dashboard.

FAQ

Common questions

Why Complaix

How we compare

Generic GRC platforms were built for IT risk, not AI governance. Complaix is purpose-built for the AI accountability gap that regulators are now closing.

✦Complaix

Purpose-built AI governance

Purpose-built for AI governance

Five-framework methodology

EU AI Act + ISO 42001 + FCA aligned

AI Surface Mapping across all tools

Decision accountability chains

Audit-ready evidence packs

Board-ready governance reporting

ISO 42001 readiness scoring

Real-time AI risk register

Incident log with regulatory clause mapping

Monthly governance health reports

Foundation Engagement onboarding

Transparent pricing from day one

Ongoing advisory support included

From £2,499/mo

or £18,500 Foundation Engagement

Generic GRC Tools

ServiceNow, Archer, OneTrust

-Built for IT/cyber risk, not AI

-No AI-specific methodology

-Partial regulatory coverage

-No AI discovery capability

-No accountability chain feature

-Manual evidence collection

-Generic dashboards only

-No ISO 42001 readiness scoring

-Partial risk register (IT-focused)

-No AI incident logging

-No AI governance reporting

-No AI-specific onboarding

-Complex enterprise pricing

-Add-on modules required for AI

Enterprise only

Custom pricing, typically $50k+ annually

Big 4 Consultancies

Deloitte, KPMG, PwC, EY

-Project-based engagements only

-Bespoke frameworks (inconsistent)

-Strong regulatory knowledge

-Manual assessment only

-Recommendations, not systems

-Deliverable documents only

-Executive presentations

-Partial ISO 42001 coverage

-No real-time risk register

-No automated incident logging

-No automated reporting

-Expensive retainer model

-Six-figure minimum spend

-No ongoing platform access

£50k+ project

Retainer from £150k/yr

Compliance Automation

Vanta, Drata, Secureframe

-Built for SOC 2 / ISO 27001, not AI

-No AI Act or ISO 42001 coverage

-No AI governance methodology

-No AI surface mapping

-No decision accountability

-Automated evidence for IT controls

-Compliance dashboards only

-No ISO 42001 readiness scoring

-No AI risk register

-No AI incident logging

-No AI governance reporting

-Self-serve onboarding

-SaaS pricing from $1k/mo

-IT compliance only, no AI governance

From $1,000/mo

IT compliance only, no AI governance

✦ Complaixvs. alternatives

10 reasons Complaix is different — tap each to learn more

Full feature comparison available on desktop (landscape view)

Feature / Capability	✦ Complaix Purpose-built AI governance	Generic GRC Tools (ServiceNow, Archer)	Big 4 Consultancies (Deloitte, KPMG, PwC)	Compliance Automation (Vanta, Drata)
AI Governance Foundation
Purpose-built for AI governance		-	-	-
Five-framework AI methodology		-	-	-
EU AI Act alignment		Partial		-
ISO 42001 alignment		-	Partial	-
FCA AI guidance alignment		-		-
Discovery and Visibility
AI Surface Mapping across all tools		-	-	-
Shadow AI detection		-	-	-
AI tool classification and risk scoring		Partial	-	-
Continuous AI inventory monitoring		-	-	-
Accountability and Governance
Decision accountability chains		-	-	-
Human oversight documentation		-	Partial	-
Incident log with ISO 42001 Clause 10		-	-	-
Real-time AI risk register		Partial	-	-
AI maturity model (5 levels)		-	-	-
Reporting and Evidence
Audit-ready evidence packs		-	-	IT only
Board-ready governance reporting		Partial		-
ISO 42001 readiness scoring		-	-	-
Monthly governance health reports		-	-	-
Regulatory clause mapping		-	Partial	-
Service Model
Foundation Engagement onboarding		-	-	-
Ongoing advisory support included		-	Retainer	-
Dedicated governance advisor		-		-
Self-serve platform access			-
Implementation time	90 days	6-12 mo	3-6 mo	2-4 wks
Transparent, predictable pricing		-	-	Partial
Pricing model	From £2,499/mo or £18,500 Foundation	Enterprise only Custom pricing	£50k+ project Retainer from £150k/yr	From $1,000/mo IT compliance only

Comparison based on publicly available information. Features and pricing may vary by vendor configuration and region.

Not sure where to start?

Take the free assessment to get a precise picture of where your governance gaps are. No commitment, no credit card.

Questions about security or data handling? Visit our Trust Centre