AI AGENT COMPLIANCE ATTESTATION
Issued pursuant to EU AI Act Article 50 & MiCA Article 70
| Attestation Reference: | [ATTEST-YYYY-NNNN] |
| Date of Issue: | [DD Month YYYY] |
| Issuing Organisation: | [Legal Entity Name] |
| Registration / Licence No.: | [Regulatory Registration Number] |
| Competent Authority: | [National Supervisory Body, Member State] |
1. AGENT IDENTITY
| Agent Name | [Agent Display Name] |
| Agent ID (Kakunin) | [agt-xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx] |
| Model / Weights | [Model Name and Version, e.g. GPT-4o-2024-11-20] |
| Model Hash (SHA-256) | [64-character hex hash of model weights] |
| Agent Version | [Semver, e.g. 1.2.3] |
| Deployment Environment | [Production / Staging] |
2. CRYPTOGRAPHIC CERTIFICATE (X.509 + W3C VC)
| Certificate Serial No. | [XX:XX:XX:XX:XX:XX:XX:XX] |
| Certificate Authority | Kakunin CA — did:web:kakunin.ai |
| KMS Key ARN | [arn:aws:kms:eu-west-1:ACCOUNT:key/KEY-ID] |
| Issued At | [ISO 8601 timestamp] |
| Expires At | [ISO 8601 timestamp] |
| W3C Verifiable Credential | [vc+jwt present / not issued] |
| DID Document | https://kakunin.ai/.well-known/did.json |
3. BEHAVIORAL MONITORING SUMMARY (30-DAY WINDOW)
| Events Ingested | [N events] |
| Current Risk Score | [0.000 — low / medium / high] |
| Average Risk Score | [0.000] |
| High-Risk Events (≥ 0.85) | [N — auto-revocation threshold] |
| Pre-Revocation Warnings (≥ 0.75) | [N] |
| Period Covered | [YYYY-MM-DD] to [YYYY-MM-DD] |
| Monitoring Platform | Kakunin Behavioral Analytics |
4. RCM CONTROL ASSESSMENT
| Control | Description | Status | Evidence |
|---|
| C-A1 | Agent cryptographic identity (X.509) | [PASS/FAIL] | Cert serial [XX:XX:XX] active |
| C-A2 | Model hash pinning (SHA-256) | [PASS/FAIL] | model_hash recorded in cert OID |
| C-B1 | Behavioral event ingestion | [PASS/FAIL] | [N] events in 30-day window |
| C-B2 | Risk scoring engine | [PASS/FAIL] | Score [0.000], band [low] |
| C-B3 | Behavioral drift detection | [PASS/N/A] | Baseline from [N] events |
| C-C1 | Certificate revocation capability | [PASS/N/A] | Immediate revocation available |
| C-D1 | Kill switch / signed halt receipt | [PASS/N/A] | Halt receipt issued on revocation |
| C-E1 | Audit log immutability (WORM) | PASS | PostgreSQL rules + S3 WORM backup |
| C-F1 | Compliance report generation | PASS | This attestation + LLM report available |
| C-G1 | Decision chain integrity (HMAC) | PASS | HMAC-SHA256 entry_hash on every row |
5. REGULATORY COMPLIANCE DECLARATIONS
EU AI Act — Article 50 (Transparency obligations):
The deploying organisation declares that the above-named AI agent is subject to continuous cryptographic identity verification, real-time behavioral monitoring, and immutable audit logging as required under Article 50 of Regulation (EU) 2024/1689. All logged interactions are available for inspection by the competent supervisory authority upon request.
Compliance Status: [COMPLIANT / ACTION REQUIRED]
MiCA — Article 70 (Operational risk requirements):
The deploying organisation declares that operational risk controls are implemented for this AI agent pursuant to Article 70 of Regulation (EU) 2023/1114, including: KMS-signed cryptographic certificate, model integrity verification, automated risk scoring, and incident notification to operators when risk scores exceed defined thresholds.
Compliance Status: [COMPLIANT / ACTION REQUIRED]
6. AUTHORISED SIGNATORY
I, the undersigned, being duly authorised on behalf of [Legal Entity Name], hereby attest that the information contained in this document is accurate and complete to the best of my knowledge.
Organisation Stamp (if applicable)
This attestation was generated using Kakunin compliance infrastructure. Machine-readable attestation data: GET https://www.kakunin.ai/api/v1/agents/[AGENT-ID]/compliance-report
Certificate verifiable at: https://www.kakunin.ai/api/v1/verify/[SERIAL] · DID Document: https://kakunin.ai/.well-known/did.json · Template version: 1.0 (2026-05)
How to use: Replace all
[bracketed fields] with your agent's actual data from the API response at
GET /api/v1/agents/:id/compliance-report, then click
Print / Save PDF.
Full documentation →