Blog · April 16, 2026

Compliance in the LLM Era: The New Regulatory Stack for AI Platforms

AI platforms are being pulled into the same compliance discipline as banks and crypto exchanges. EU AI Act, DSA, GDPR, KYC, AML — the full regulatory stack AI companies now operate inside, and how to build for it.

By Didit

Five years ago, an AI company's compliance obligations fit on a single page. A privacy policy, a terms of service, maybe a cookie banner, and — if you were cautious — a GDPR data processing agreement. That was it. AI was treated as software, and software was treated lightly.

In April 2026, that world is gone.

An AI platform launching today operates inside an overlapping regulatory stack that includes the EU AI Act, the Digital Services Act, GDPR, sector-specific rules (finance, health, education), export controls, age verification mandates, content provenance requirements, and — increasingly — explicit KYC/AML-style obligations on who can access models and what they can do with them. Anthropic's recent rollout of passport-and-selfie verification on Claude is one visible symptom of this shift. It will not be the last.

This post maps the compliance stack AI companies now operate inside, explains what has changed in the last 18 months, and lays out a practical architecture for building a product that can survive regulatory scrutiny without destroying developer experience.

What Changed

Four things happened, roughly in parallel, between late 2024 and early 2026.

First, regulators caught up. The EU AI Act entered into force in a staged rollout starting August 2024, with general-purpose AI model obligations taking effect in August 2025 and high-risk system obligations taking effect in August 2026. The UK set up the AI Safety Institute with formal testing agreements. The US executive order on AI created reporting thresholds for large training runs. Brazil, Japan, South Korea, Singapore, and the UAE all published AI frameworks. China had already required generative AI identity verification since 2023.

Second, AI platforms became systemically important. Claude, ChatGPT, Gemini, and Grok now sit in the workflow of tens of millions of enterprise employees and hundreds of millions of consumers. That scale triggers the Digital Services Act's "very large online platform" obligations in the EU, consumer protection regimes across multiple jurisdictions, and the general gravity of "if it breaks, it breaks a lot of things."

Third, the abuse vectors matured. Deepfake fraud, voice cloning, automated phishing, synthetic identity creation, model distillation, copyright extraction, CSAM generation, agentic scams — all moved from proof-of-concept to industrial operations. Every regulator now has a list of real incidents to point to when writing rules.

Fourth, the industry ran out of excuses. For most of 2023 and 2024, AI companies successfully argued that self-regulation and voluntary commitments were sufficient. By 2026, with clear evidence of industrial-scale distillation, deepfake fraud reaching billions in annual losses, and AI chatbots implicated in teen suicides and impersonation scams, that argument no longer holds.

The result is that AI compliance is no longer a product-level afterthought. It is an architectural concern, on par with scaling and security.

The Regulatory Stack in 2026

An AI platform operating across major markets now has to handle the following layers, simultaneously.

EU AI Act

The first comprehensive AI law in force. Key obligations by category:

  • General-purpose AI (GPAI) models: transparency documentation, training data summaries, copyright policy, technical documentation available to downstream deployers. Models with "systemic risk" (trained above the 10^25 FLOP threshold) face additional obligations: systemic risk assessment, red-teaming, serious incident reporting, cybersecurity protections.
  • High-risk AI systems: risk management systems, data governance, technical documentation, record-keeping, human oversight, accuracy and robustness requirements, post-market monitoring. Applies to AI in employment, credit, insurance, education, critical infrastructure, law enforcement, and more.
  • Limited-risk AI (chatbots, deepfakes): transparency obligations — users must know they are interacting with AI, and synthetic content must be labeled.
  • Prohibited AI: social scoring, real-time biometric identification in public spaces (with narrow exceptions), emotion recognition in workplace/education, predictive policing based solely on profiling, untargeted facial recognition scraping.

Penalties go up to 7% of global annual turnover for prohibited AI, 3% for other violations.

Digital Services Act (DSA)

Applies to any online platform serving EU users. AI chatbots with significant scale trigger the "very large online platform" (VLOP) obligations: systemic risk assessments, independent audits, transparency reporting, researcher data access, content moderation obligations, crisis response mechanisms. Maximum penalty: 6% of global turnover.

GDPR

Still the foundational privacy regime for any AI product touching EU personal data. Relevant AI-specific pressure points:

  • Legal basis for training data. Scraping public web content for model training is under active litigation in multiple EU jurisdictions.
  • Right to erasure. How do you "delete" a person from a trained model? Active enforcement on this is still emerging.
  • Automated decision-making (Article 22). Triggers when AI outputs materially affect individuals. Requires human review options.
  • Data minimization. Hard to reconcile with foundation model training on massive datasets.

The EDPB (European Data Protection Board) issued an opinion in December 2024 clarifying some of these, but enforcement remains active and uneven across member states.

Sector-Specific Rules

AI used in regulated sectors picks up sector obligations automatically:

  • Finance: MiFID II, PSD2/PSD3, EBA guidelines on AI in credit scoring, FINRA AI guidance, CFPB circulars on algorithmic discrimination
  • Health: MDR (EU medical device regulation) for diagnostic AI, HIPAA and FDA guidance in the US
  • Education: student data protection laws (FERPA in the US, state-level laws)
  • Employment: NYC Local Law 144, EU AI Act high-risk category for hiring tools, EEOC guidance on algorithmic discrimination
  • Insurance: NAIC model bulletin on AI, state-level regulation

An AI platform that lets enterprise customers deploy into any of these sectors inherits a share of the obligation.

Export Controls

AI is dual-use. The US has export-controlled certain advanced GPUs since 2022, expanded controls to model weights under specific capability thresholds, and maintains Entity List restrictions on access to US AI technology by specific foreign actors. The EU has export controls on dual-use items including AI under the EU Dual-Use Regulation. This shows up as a compliance obligation in who you can sell API access to, which customers pass sanctions screening, and which models can be deployed in which jurisdictions.

KYC, AML, and Access Controls

The newest addition to the stack, and the one most AI companies are least prepared for. Drivers:

  • Frontier labs' own Responsible Scaling Policies (ASL-3 and above require KYC)
  • Distillation attack defense (see Anthropic's February 2026 disclosure)
  • Export-control screening (requires identified customers)
  • Misuse prevention (CSAM, weapons uplift, fraud)
  • Regulatory convergence with fintech (AI infrastructure increasingly treated as financial infrastructure)

The practical result is that AI platforms are building out KYC programs — identity verification, sanctions screening, beneficial ownership checks, suspicious activity monitoring — that look remarkably similar to the ones fintechs and crypto exchanges already run.

Age Verification

Rapidly becoming mandatory across major markets. The UK's Online Safety Act, EU member state implementations of content age-gating, US state-level laws (Utah, Louisiana, Texas and others), and platform-level policies like Apple's App Store requirements all push in the same direction: products with adult content, financial services, addictive design elements, or significant risk to minors must verify age.

For AI chatbots, this manifests as age-gated access to certain capabilities, protections around minors' interactions, and — in some jurisdictions — prohibitions on certain model behaviors in the presence of underage users.

Content Provenance and Watermarking

The EU AI Act requires synthetic content to be labeled. The US executive order on AI asked NIST to develop content authentication standards. The C2PA (Coalition for Content Provenance and Authenticity) specification is becoming a de facto industry standard. AI platforms generating images, audio, and video are expected to embed cryptographic provenance signals in outputs.

The Compliance Architecture That Works

If you are building an AI product in 2026, the compliance stack above can feel paralyzing. It does not have to. The core insight: compliance for AI is an architectural problem, not a policy problem. Written policies, privacy notices, and DPAs are necessary but nowhere near sufficient. The controls have to be wired into the product.

Here is the minimum architecture that works for a modern AI platform.

Identity and Access Layer

Every user, every session, every API call flows through a layer that knows:

  • Who the user is (tier of verification)
  • Where they are (jurisdiction)
  • What tier of access they have (free, paid, enterprise, capability-gated)
  • What their risk profile looks like (behavioral, historical, device)

This is the same layer that handles KYC, AML screening, sanctions checks, age verification, and export-control screening. Build it once, wire it into every product surface.

Technical components:

  • Document verification with liveness detection at tier upgrades
  • Sanctions, PEP, adverse media screening on account creation
  • Device fingerprinting and behavioral monitoring for ongoing risk scoring
  • Ongoing monitoring with re-verification triggers

Didit is one provider built for exactly this shape — pay-per-check, global coverage, fast verification, AI-native API.

Content Safety Layer

Input filtering, output filtering, abuse detection, CSAM scanning, copyright protection, and content provenance signals. This is where model safety meets regulatory obligation. Specific capabilities:

  • Prompt classification for abuse categories (CSAM, weapons uplift, fraud, self-harm)
  • Output classification matched to the same categories
  • Hash-matching against known-bad content (NCMEC, copyright databases)
  • Watermarking and C2PA provenance for generated media
  • Red-team regression suite for known jailbreaks

Audit and Reporting Layer

Regulators increasingly require structured reporting. Build the audit log infrastructure to support it from day one:

  • Every decision with material impact logged with inputs, outputs, model version, prompt, and user tier
  • Incident reporting pipeline connected to internal escalation and external regulatory filing
  • Transparency report generation (aggregated, anonymized metrics on flags, bans, refusals)
  • Research access infrastructure for DSA-style data access requests
  • Export-ready evidence packages for specific compliance frameworks (EU AI Act technical documentation, ISO 42001, SOC 2)
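A sketch of how the identity and access layer and the decision log described above can share one code path, added here as an example (not Didit's code or API). The capability names, tier numbers, and hash-chained log format are assumptions, and the prompt is stored as a SHA-256 digest rather than raw text.

```python
import hashlib
import json
from dataclasses import dataclass

# Constructed policy (assumption): capability -> (minimum verification tier, adults only)
CAPABILITY_POLICY = {"chat": (0, False), "image_generation": (1, True), "frontier_api": (2, False)}

@dataclass(frozen=True)
class Subject:
    user_id: str
    verification_tier: int    # 0 unverified, 1 document, 2 document + liveness (hypothetical)
    jurisdiction: str
    age_verified_adult: bool
    sanctions_clear: bool     # outcome of the latest screening

def decide(subject, capability):
    """Return (allowed, reason); unknown capabilities fail closed."""
    if capability not in CAPABILITY_POLICY:
        return False, "unknown_capability"
    min_tier, adults_only = CAPABILITY_POLICY[capability]
    if not subject.sanctions_clear:
        return False, "sanctions_screening_failed"
    if subject.verification_tier < min_tier:
        return False, "verification_tier_too_low"
    if adults_only and not subject.age_verified_adult:
        return False, "age_not_verified"
    return True, "ok"

def _digest(record):
    body = {k: v for k, v in record.items() if k != "hash"}
    return hashlib.sha256(json.dumps(body, sort_keys=True).encode()).hexdigest()

def append_audit(log, subject, capability, model_version, prompt):
    """Log one decision; each record commits to the hash of the one before it."""
    allowed, reason = decide(subject, capability)
    record = {
        "user_id": subject.user_id, "user_tier": subject.verification_tier,
        "jurisdiction": subject.jurisdiction, "capability": capability,
        "model_version": model_version, "allowed": allowed, "reason": reason,
        "prompt_sha256": hashlib.sha256(prompt.encode()).hexdigest(),  # digest, not raw text
        "prev_hash": log[-1]["hash"] if log else "0" * 64,
    }
    record["hash"] = _digest(record)
    log.append(record)
    return record

def verify_chain(log):
    """True only if every record is unaltered and still linked to its predecessor."""
    prev = "0" * 64
    for rec in log:
        if rec["prev_hash"] != prev or rec["hash"] != _digest(rec):
            return False
        prev = rec["hash"]
    return True
```

The chain detects edits and mid-log deletions but not truncation of the newest records, so the latest hash should also be stored somewhere the logging service cannot rewrite.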

Jurisdiction Routing

Different rules apply in different places. A single codebase has to handle:

  • EU users under GDPR, EU AI Act, DSA
  • UK users under UK GDPR, Online Safety Act, UK AI regulation
  • US users under state-by-state patchwork (California CCPA/CPRA, Utah AI law, Colorado AI Act, NY Local Law 144)
  • Brazil users under LGPD and upcoming AI law
  • China users under CAC generative AI rules

The compliance layer routes requests, enforces jurisdictional constraints, and handles data residency. This is not optional for global platforms.

Model Governance Layer

For frontier labs specifically, but increasingly for any company building on top of models:

  • Model cards with training data provenance, evaluation results, known limitations
  • Red-team reports for systemic risk models
  • Incident response for model behavior failures
  • Version control for models deployed in regulated contexts
  • Downstream deployer documentation (the EU AI Act transparency obligations flow through the supply chain)

Common Mistakes, and How to Avoid Them

Treating Compliance as a Policy Document

The single most expensive mistake. A beautifully written privacy notice does nothing if the product does not enforce the rules described in it. Build enforcement into the architecture, then describe it in the policy — not the reverse.

Assuming Self-Attestation Is Enough

"Users must be over 18" in your terms of service does not satisfy age verification mandates. "Users may not use our product for illegal purposes" does not satisfy CSAM prevention obligations. You need verification, not attestation.

Waiting for Regulatory Clarity

The regulations are not becoming less strict over time. Every round of clarification has tightened the obligations, not loosened them. Building for the 2025 EU AI Act today means already being behind for the 2026 high-risk provisions. Build for the stricter interpretation.

Holding Biometric and Identity Data Yourself

This is a specialized, regulated custody business. If you are not a KYC vendor, do not become one by accident. Use a dedicated provider (Persona, Onfido, Didit) for identity data, and stay on the right side of the data controller/processor line.

Treating Safety and Compliance as Separate

They are the same function, with different audiences. Your red-team program is part of your EU AI Act systemic risk documentation. Your CSAM classifier is part of your DSA obligations. Your sanctions screening is part of your export-control posture. Integrated governance is efficient. Siloed governance guarantees gaps.

Underestimating the Compliance Cost of Enterprise Sales

Enterprise customers will demand evidence — SOC 2 Type II, ISO 27001, ISO 42001 (AI-specific), data processing agreements, subprocessor lists, jurisdictional data residency proofs. Not building these in the first year costs months of enterprise deals in the second year.

What Good Looks Like in 2026

A well-architected AI platform in 2026 has, at minimum:

  • Risk-based identity verification wired into every tier and capability boundary
  • Sanctions and export-control screening at account creation and on a recurring schedule
  • Age verification at any surface where minors face material risk
  • Content safety infrastructure — input filtering, output filtering, CSAM scanning, watermarking
  • Audit logs and transparency reporting capable of feeding regulatory filings without heroic engineering
  • Jurisdiction-aware routing and data residency controls
  • A safety and governance function reporting into leadership, integrated with product and engineering, not bolted on
  • Documented model governance — cards, evaluations, red-team reports, incident response
  • Vendor due diligence on every model, tool, and data provider in the stack
  • Active monitoring for abuse patterns — distillation, fraud, scraping, impersonation

This is a significant engineering investment. It is also non-negotiable for any AI company that wants to operate at scale in regulated markets.

The Compliance Stack Is the Product

The instinct for AI builders is to treat compliance as overhead — the tax you pay to ship your "real" product. In 2026, that framing is wrong. The compliance stack is increasingly part of the product. Enterprise customers choose vendors on compliance posture. Regulators gate access to markets on compliance evidence. Users trust platforms that show their work.

The AI companies that win the next five years will be the ones that treat the compliance stack the way infrastructure companies treat uptime: as a first-class engineering concern, with investment, tooling, and leadership attention to match.

Anthropic's quiet rollout of passport-and-selfie verification on Claude is not an aberration. It is a preview. Every major AI platform is going to end up in the same place, whether through voluntary adoption or regulatory compulsion. The companies that get there first, and do it well, will earn a durable advantage. The ones that wait will spend the back half of the decade retrofitting under pressure.

Compliance is not the enemy of AI innovation. Unchecked abuse, opaque models, and regulatory uncertainty are. Building the stack described above is how the industry earns the right to keep building the next generation of capability.

---

Didit builds identity verification, AML screening, and compliance infrastructure for AI-native products. 220+ countries, 14,000+ document types, $0.30 per verification, no minimums. Start for free or talk to the team.
