The audit trail AI agents need — built where it matters.

The premise.

In late 2025 we were running compliance reviews for UK regulated firms that had quietly put AI agents into production over the previous eighteen months. The pattern was identical at every firm: the engineers were proud of the agent, the security team had basic logging in place, and nobody could answer the question "if a regulator asked tomorrow, what would you send them?"

The EU AI Act enforcement window was already on the calendar. Lloyd's underwriters had started asking about AI logging at renewal. Existing observability and compliance automation tools — well-built for their categories — were not the right shape for the question.

We built Agent Audit because someone had to.

What we believe.

• Cryptographic integrity is non-negotiable. A log that the vendor can edit is not evidence. Every receipt is hash-chained and independently verifiable.
• PII stays at the customer perimeter. We redact at the SDK boundary. We don't want your sensitive data, and you don't need to trust us with it.
• Auditor-shaped output beats engineer-shaped output. The pack is built for the person who has to accept it as evidence — not for the dashboard they'll never look at.
• Cross-vendor by design. Real production agent stacks use multiple providers. The audit primitive has to sit above any single one.
• UK data residency is a feature. Regulated buyers care about where their evidence lives. London by default; EU and US when asked.

Who we are.

Agent Audit is built by VantagePoint Networks, a UK cyber and AI tooling firm. We've shipped multiple production products in the security and compliance space — including VP Audit (network security assessment), VantageData (patent intelligence with hardened public API), and several others.

We are deliberately small. We work directly with the firms we serve. Decisions about the platform are made by the people who answer the support email.