§ Magnifica · the compliance layer above your AI stack
aimagnifica.com · Stockholm · MMXXVI
§ Magnifica — The compliance layer above your AI stack

Test a prompt.
See it evaluated.

Every prompt screened against the EU AI Act, ISO/IEC 42001, the Swedish AI-förordningen, and Pope Leo XIV's Magnifica Humanitas — before it reaches Claude, GPT-4o, Gemini, Mistral, or your local LLM. Try it below; request a 30-day organisational trial when you're ready.

§ Live preview · type or click an example Preview engine · client-side
The live Gateway evaluates with Claude Opus 4.7 against your organisation's policy, logs every decision under EU AI Act Article 12, and routes to your selected LLM provider. The preview above runs the same logic in your browser without sending data to any external provider.
EU AI Act · Art. 12 logging · Art. 14 oversight · Art. 27 FRA
§ I · The Problem

Compliance has caught up with conscience.

In 2025, ChatGPT alone generated 410 million data-loss-prevention violations — a 99.3% increase in twelve months. Eleven percent of every prompt typed by an enterprise employee contained sensitive corporate data. Most of it was pasted in good faith by people who simply wanted to do their work.

Three forces have now converged on every European enterprise that uses artificial intelligence. The EU AI Act has made the use of high-risk AI systems a regulated activity, with conformity assessments, fundamental-rights impact assessments, and audit logs no longer optional. ISO/IEC 42001 has given boards a management-system standard against which AI governance can be audited. And the encyclical Magnifica Humanitas, published on 15 May 2026, has placed the question of whether AI use preserves human dignity on the desk of every chief executive in Europe.

Most organisations are not ready. Fewer than three in five operate a structured AI risk framework. The Big Four are mobilising but will not productize a credible response before late 2027. Magnifica exists to close that deficit — with one instrument that wraps any LLM stack and addresses procedure and disposition together.

ChatGPT DLP violations, 2025410 M
YoY increase+ 99.3 %
Sensitive data in prompts11 %
Orgs without framework43 %
Maximum EU AI Act fine7 % turnover
Compliance market 2035USD 10.5 B
§ II · How it decides

Three states. One framework. Every prompt.

Magnifica is the layer that sits above whatever LLM, gateway, or copilot your people already use. Each request follows the same path: classified, checked against your policy and the four normative pillars, then routed — or stopped.

§ Step I
Classify.
Pre-flight inspection
§ What happens Every prompt is scanned for PII (personnummer, IBAN, credit cards, names), customer-defined sensitive terms from your glossary, intent (employment ranking, financial advice, medical decisions), and confidentiality markers. Every uploaded document is read for sensitivity labels, embedded metadata, structured data patterns, and content classification.
§ Step II
Decide.
Against your policy
§ What happens The classification is checked against four sources at once: the EU AI Act, the Swedish AI-förordningen, ISO/IEC 42001, and the dispositional tests of Magnifica Humanitas. Your organisation's own policy adds the final layer. One of three verdicts results.
§ Step III.i
Allow.
OK · routed
§ Outcome No policy violations detected. The request is routed to the customer-selected provider — Claude, GPT-4o, Gemini, Mistral, or any LLM gateway you already operate. The response is scanned on egress, and the event is written to your EU AI Act Article 12 audit log.
§ Step III.ii
Review.
Approval required
§ Outcome Policy is ambiguous, the content is sensitive, or the request engages a Magnifica conscience flag (employment ranking, credit scoring, automated personnel decisions). The request is routed to a designated approver — manager, legal, ethics committee — and awaits sign-off. § If local LLM is available
The user is informed that the request must be handled by the sovereign deployment behind your firewall. The prompt never leaves your perimeter.
§ Step III.iii
Stop.
Do not upload
§ Outcome The request would violate your data policy, an EU AI Act prohibition, or a Magnifica dignity test. Three remediation paths are offered, in order: § Redact
Sensitive tokens (personnummer, customer names, financial figures) are replaced with reversible markers. The redacted prompt proceeds. The token map is stored, encrypted, in the audit log — accessible only to authorised users for response re-substitution.
§ Re-route to local
If your sovereign LLM is available, the request is routed to it. The prompt and any attached document never leave your network perimeter. The audit log records the deflection.
§ Refuse
The user is informed of the specific violation (Article 5 prohibition, Article 27 fundamental rights, Magnifica Humanitas §102) and the remediation path. No request is sent to any external provider. The refusal is logged for the next audit cycle.
§ Step IV
Refer.
When policy is silent
§ Outcome If a recurring class of request reveals a gap in your organisation's policy, Magnifica refers it to the Advisory marketplace — a curated network of governance specialists, regulatory experts, and ISO 42001 assessors who can draft the policy you do not yet have. The framework adapts to your organisation; your organisation adapts to the framework.
§ III · The Instrument

Three products. One framework. Any AI stack.

Magnifica wraps whatever AI infrastructure your people already use. If you operate Kong, Portkey, Bifrost, or an OpenAI gateway, Magnifica adds the compliance and dignity layer above it. If you operate nothing, Magnifica provides the gateway too.

§ III.i
Audit
The assessment.

A four-to-six-week structured assessment of your AI estate against all four framework pillars. Dual-axis scoring on regulatory compliance and human dignity. Board-readable report with remediation roadmap and your placement on the Magnifica Index.

§ Included
  • InventoryEvery AI system, every provider, every use case
  • ScoreCompliance + dignity, both axes of the Magnifica Index
  • ReportBoard-ready, with remediation roadmap
  • ReviewQuarterly check-in for one year
§ III.ii
Gateway
The enforcement.

The compliance layer above your AI stack. Screens every prompt and document, decides, routes — or stops. Sits above Kong, Portkey, Bifrost, or any LLM gateway you already operate; or replaces the need for one. Optional sovereign deployment for defence, banking, and government workloads.

§ Included
  • ScreenPrompt and document inspection at ingress and egress
  • DecideAllow · Review · Stop, against four pillars + your policy
  • RouteAbove any LLM or gateway you operate; to sovereign if needed
  • AuditEU AI Act Article 12 logs, SIEM-ready, exportable
§ III.iii
Advisory
The remediation.

A curated network of named European specialists in AI governance, regulation, ethics, and sovereign deployment. Engagements are routed from audit findings and Gateway refer-events to advisors matched by discipline. A portion of every engagement funds civil-society partners working on ethical AI.

§ Disciplines
  • GovernBoard policy, AI committees, ISO 42001 implementation
  • RegulateEU AI Act, GDPR, sectoral conformity assessment
  • EthicsFundamental rights, dignity tests, conscience policy
  • SovereignLocal LLM deployment, air-gapped, defence-grade
→ Apply to the cohort
§ IV · The Framework

Four sources. One standard.

Magnifica is anchored in four normative texts. Each carries weight in a different register; together they constitute the standard against which we audit and against which the Gateway decides.

I.
EU AI Act
Risk-tiered. Procedural. Binding.
Reg. 2024/1689 · Art. 9–15, 27
II.
Magnifica Humanitas
Dispositional. Is the human still the end?
Leo XIV · 15 V MMXXVI · MH 102, 237–240
III.
AI-förordningen
National. Personnummer-aware.
IMY Sverige · 2026 implementation
IV.
ISO/IEC 42001
Management system. Auditable.
ISO 42001:2023 · 23894 · 38507
§ V · Try the Gateway

A working preview. Real policy engine.

Type a prompt or click an example. The policy logic below runs in your browser — no data is sent to any provider. The live Gateway proxies real LLMs with the same logic plus your tenant policy.

Active policy Magnifica default + GDPR
Org · Acme AB · demo

Click a file to see how the Gateway screens it before any external call.

public-pitch.pdf
2.1 MB · PUBLIC
salaries-q3.xlsx
847 KB · CONTAINS PERSONNUMMER
roadmap-internal.docx
1.4 MB · CONFIDENTIAL
contract-draft.pdf
3.2 MB · COUNTERPARTY DATA
11:42 · igor.pandini → ClaudeALLOW
11:38 · john.bernstedt → GPT-4oREDACT
11:32 · antonia.andolini→ ClaudeALLOW
11:21 · samuel.segerson→ GeminiBLOCK
11:14 · lennart.carlzon→ MistralAPPROVAL
§ Demo · in-browser policy engine. No data is sent to any external provider. The live Gateway proxies real LLMs with the same logic plus tenant-specific policy.
§ VI · Why now

On 7 May 2026 the European Parliament, Council, and Commission reached political agreement to defer the EU AI Act's high-risk obligations to 2 December 2027 — a sixteen-month postponement. The market read the news as permission to wait. We read it as the only strategic window the European AI compliance market will offer. The standard for high-risk AI governance has not yet been written by anyone. It will be written in the next eighteen months. The forcing function has been deferred, not removed.

§ Editorial · MMXXVI · Stockholm
§ VII · How to get started

Three steps. One framework.

From a single prompt evaluated in your browser to a fully deployed compliance layer across your organisation, the path is deliberate and reversible at each step. No long-term commitment until your team has used the live service and chosen to continue.

§ Step I
Preview · now
Test in the hero.
Free · client-side · no signup

Try the preview engine in the hero of this page. Five canned examples or your own prompt; verdicts and reasoning render immediately. No data leaves your browser; nothing is logged.

  • VerdictsAllow · Review · Stop, against all four framework pillars
  • ExamplesPersonnummer, personnel ranking, customer data, more
  • PrivacyNothing transmitted, nothing stored
→ Try a prompt now
§ Step III
Deploy · ongoing
Go live across your organisation.
From € 4,200 / month · 50 seats included

Deploy the Gateway across your full organisation when the trial completes. Full policy management, unlimited evaluation volume, Sovereign deployment available for defence, banking, and government workloads. Annual and multi-year terms available.

  • VolumePer-seat pricing; unlimited evaluations within fair use
  • RoutingAbove any LLM stack: OpenAI, Anthropic, Google, Mistral, local
  • SovereignOn-prem or VPC for defence and regulated workloads
  • DiscountAnnual −12%, three-year −25%, anchor-customer −40%
→ See full pricing

All trial provisioning is white-glove during pilot. We onboard your team, encode your policy, and validate the deployment with you. Procurement materials, DPAs, and security disclosures are available on request to procurement@aimagnifica.com.

§ VIII · Pricing

Three tiers. Transparent rates.

Magnifica publishes its rates because an audit-grade brand answers to the same standard it asks its customers to meet. Volume discounts, multi-year terms, and bespoke sovereign deployments are negotiated transparently.

§ Tier I · Audit
Discovery
For first engagement.
€ 48,000
Fixed fee · per engagement
  • 4–6 week structured assessment
  • All four framework pillars scored
  • Magnifica Index placement
  • Board-ready report
  • Remediation roadmap
  • One year of quarterly reviews
§ Tier III · Sovereign
Bespoke
For air-gapped workloads.
On request
Defence · banking · government
  • Everything in Tier II
  • Local LLM deployment (Llama, Mistral, Qwen)
  • On-prem or customer VPC
  • Air-gapped option
  • Customer SIEM integration
  • Identity provider integration (Entra, Okta)
  • Advisory included for first year
§ IX.i
Book a briefing.

For CCOs, GCs, and audit committee chairs. A 45-minute briefing on the framework, the instrument, and what an engagement would look like for your organisation.

§ IX.ii
Open a partnership.

For law firms with AI, data protection, or financial-regulatory practices. A bilateral conversation about routing legal deliverables from Magnifica audits to your partners.

→ Read the invitation
§ IX.iii
Apply to the cohort.

For European practitioners in AI governance, EU AI Act, ISO/IEC 42001, fundamental rights, sovereign deployment, and sectoral compliance. The Advisory Network is being assembled as the founding cohort. Open call, editorial review, reply within ten working days.

→ Apply to the cohort