What shipped and when.
Every major AILS release, in plain language. No marketing fluff.
ISO 37001 Anti-Bribery + EU AI Act FRIA Art. 27 + compliance audit 100/100 — 787 tests
ISO 37001 Anti-Bribery Management System module: gift and hospitality register with configurable EUR threshold (default €50), approval workflow, due diligence screening with PEP/sanctions/adverse media checks, training compliance tracker, Italian Decree 231 ODV meeting log with finalisation lock, risk mapping, Modello Organizzativo PDF, and an Anti-Bribery Advisor SSE agent. Fundamental Rights Impact Assessment (FRIA) under EU AI Act Art. 27: full FRIA lifecycle (draft → approve with re-auth → publish with immutability gate), affected groups and rights-at-stake inventory, residual risk justification, regulator-ready PDF, Draft-AI SSE agent (EU Charter / Art. 27 narrative), and module-gated to ai-act tenants only. Compliance audit hardening: CSRF header added to internal demo reseed cron HTTP calls (all 6 demo tenants were silently failing nightly reseeds), CB certificate number space expanded from 900 → 90,000 values per year to eliminate duplicate-key exhaustion. Platform stats: 787 tests / 74 suites / 88 AI agents / 33 PDF generators / 14 compliance frameworks / 31 modules / 170,000+ lines of production code. SYSRUN-20260619-M8XP: 787/787 · 100/100.
ISO 17020:2026 Inspection Body vertical + Bring Your Own Database (BYOD) relational DB support
Tenth vertical: full ISO 17020:2026 inspection body operations. Inspection orders with INS-{TENANT}-{YYYYMM}-{SEQ} numbering, findings recorder, AI narrative generator (haiku, speed-optimised), report issuance with PDF, and impartiality risk register with 6-month review scheduling. Type A independence enforced at the API layer — if the reviewer is the same person as the assigned inspector, issuance is rejected with TYPE_A_INDEPENDENCE_VIOLATION before re-authentication is prompted. Three AI agents: Inspection Narrative Generator, Impartiality Advisor, and Compliance Advisor. BYOD relational database support: tenants can connect their own PostgreSQL, SQL Server, or Oracle instance via encrypted connection string. Connection testing with latency measurement and plain-language error messages. DB Configuration Agent for guided setup. All connection strings encrypted at rest; never returned in API responses. Platform stats: 723 tests / 67 suites / 88 AI agents / 33 PDF generators / 14 compliance frameworks / 31 modules / 170,000+ lines of production code. SYSRUN-20260619-NU5G: 723/723 · 100/100.
ATEX/IECEx Ex Certification vertical + EU AI Act enhancements + AIMS management review
New Ex Certification module for ATEX/IECEx explosion-protected equipment (module slug: ex-certification). Six IEC 60079 protection types (Ex d/e/i/p/n/m) with clause-by-clause assessment checklists, Ex marking builder per IEC 60079-0:2017, QAR PDF generation, and an AI advisory review agent. All assessments are marked DRAFT/PROVISIONAL pending expert verification — NEEDS-EXPERT-VERIFICATION flags throughout. NGEC1 demo tenant seeded with three equipment records (Ex d junction box, Ex e terminal block, Ex ia intrinsic safety sensor). EU AI Act: risk classification fully decoupled from gap scores — now purely questionnaire-driven (Art. 6/Annex III logic); Digital Omnibus phasing surfaced with three effective dates (Aug 2026/Jan 2027/Aug 2027). AIMS Management Review: platform-level AI governance dashboard (ISO/IEC 42001 §9.3), posture snapshot at review creation, improvement actions with close workflow, AI executive summary. Marketing vertical pages now show Live/Integration/Future status badges with standing accreditation disclaimer. Platform stats: 693 tests / 58 suites / 77 AI agents / 28 PDF generators / 13 compliance frameworks / 30 modules / 170,000+ lines of production code.
ISO/IEC 17011 Accreditation Body vertical — closed-loop trust chain complete
The ninth vertical closes the conformity assessment loop: Manufacturer (FounderOS) → Testing Lab → Certification Body (ISO 17065) → Accreditation Body (ISO 17011). One governed platform covers every node. Full accreditation body operations: application intake, assessments, accreditation certificates, surveillance calendar, assessor register, complaints and appeals. AI conflict-of-interest screener per ISO 17011 cl. 5.2. Decision independence enforced at the API layer — if the certificate decision-maker was on the assessment team, issuance is rejected with the clause cited. MIND™ Demo Layer added (MindPanel drawer on demo dashboards). Platform stats: 656 tests / 56 suites / 77 AI agents / 28 PDF generators / 13 compliance frameworks / 9 verticals / 165,000+ lines of production code.
Institutional Tier — Grant Tracking, FAIR Data & Academic Lab Mode
University core facilities and government research labs now have a purpose-built tier. Grant tracking with F&A overhead auto-computed (NIH 15% MTDC cap enforced). FAIR Data Publishing — persistent identifiers, public share links, DataCite JSON export for Zenodo/Dryad/Figshare deposit. Lab Mode toggle switches the entire UI from commercial to academic terminology (Sample Submission, Lab Report, Principal Investigator, Internal Chargeback). Multi-department structure with cost centres. Funder mandate fields for NIH, Horizon Europe, and NSERC DORA. $299/mo institutional tier, annual billing.
Platform rebrand + 484 end-to-end tests — 100/100 health score
New teal vector logo and tagline "One Platform. Every Workflow. Total Control.™" 53 test suites covering every major workflow path, vertical module, compliance assertion, security probe, and EU AI Act control. Includes Standards Currency Monitor agent (ASTM/ISO/IEC/AOAC superseded-method detection), always-on health monitoring with live score endpoint, and SAP QM / Salesforce CRM / IEC Electrical vertical launches.
EMR/FHIR R4 integration agent live
Native bidirectional connection to Epic, Cerner, Meditech, and Allscripts. Inbound ServiceRequest orders auto-populate AILS. Outbound DiagnosticReport results push to the EMR. No middleware.
Cultivation Module — GACP + FDA Schedule III ready
Seed-to-harvest documentation for cannabis, hemp, and botanicals. Batch tracking, IPM records, dual-witness waste destruction, and a forward-looking FDA Schedule III readiness audit.
CLIA vertical live — 42 CFR Part 493 compliance layer
Full CLIA compliance: patient results, Westgard QC rules, CAP/COLA proficiency testing, personnel qualifications (Subpart M), and HIPAA BAA available at signup.
Pharma/GMP vertical — ICH stability studies + batch release
OOS investigations, ICH Q1A/Q1E stability studies, method validation, AI batch release risk scoring, and mandatory second-person COA review.
TOTP-based 2FA + hardened test suite
21 CFR Part 11 compliant two-factor authentication. Re-authentication required before every critical signature. Architecture enforced — not a setting.
Want to see what's coming next? Book a demo and we'll walk you through the roadmap.
