Compliance exports
Conformity bundles, Annex IV packs, and regulator-ready evidence
Compliance exports
Nexus generates regulator-ready evidence packs from live audit data, AI system inventory, and policy manifests. Exports are designed for compliance officers preparing EU AI Act conformity assessments and ongoing supervisory requests.
Available export types
| Export | Endpoint | Format |
|---|---|---|
| Conformity bundle | POST /api/v1/compliance/export/conformity-bundle | JSON + manifest hash |
| Annex IV | POST /api/v1/compliance/export/annex-iv | |
| Deployer pack | POST /api/v1/compliance/export/deployer-pack | ZIP (JSON + audit sample) |
| EU database submission | POST /api/v1/compliance/export/eu-database | JSON (ESMA schema) |
| Article 12 log | GET /api/v1/compliance/export/art12 | JSON / CSV |
| Supply chain | GET /api/v1/compliance/export/supply-chain | JSON |
| Audit trail | GET /api/v1/audit/export | JSON / CSV |
All exports require tenant-scoped API keys (hnx_…) or authenticated console session.
Conformity bundle
Primary artifact for EU AI Act Article 43 conformity assessments:
curl -X POST "https://nexus.hardalion.com/api/v1/compliance/export/conformity-bundle" \
-H "Authorization: Bearer $TENANT_API_KEY" \
-H "Content-Type: application/json" \
-d '{
"ai_system_id": "ais_trading_agent_v2",
"include_audit_sample": true,
"policy_pin": "hardalion://nato-prou-strict-financial@1.0.0"
}'Response includes:
manifestHashfor tamper detection- Pinned NPL policy version with link to npl-spec
- AI system inventory snapshot
- Sample of hash-chained audit entries
- Operator configuration summary
Annex IV technical documentation
curl -X POST "https://nexus.hardalion.com/api/v1/compliance/export/annex-iv" \
-H "Authorization: Bearer $TENANT_API_KEY" \
-H "Content-Type: application/json" \
-d '{ "aiSystemId": "ais_trading_agent_v2" }' \
-o annex-iv-ais_trading_agent_v2.pdfGenerates Annex IV aligned technical documentation from registered system metadata.
Deployer pack
For deployers exercising Article 26 obligations:
curl -X POST "https://nexus.hardalion.com/api/v1/compliance/export/deployer-pack" \
-H "Authorization: Bearer $TENANT_API_KEY" \
-H "Content-Type: application/json" \
-d '{
"ai_system_id": "ais_trading_agent_v2",
"include_fria": true
}' \
-o deployer-pack.zipDashboard workflow
- Open Compliance in the Nexus console
- Select the registered AI system
- Review policy pin and shadow metrics summary
- Click Export conformity bundle
- Store
manifestHashin your GRC system - Optionally run offline verification with npl-spec audit tools
Verify exported evidence
curl -X POST "https://nexus.hardalion.com/api/v1/audit/verify" \
-H "Authorization: Bearer $TENANT_API_KEY" \
-H "Content-Type: application/json" \
-d '{ "manifest_hash": "abc123..." }'Public compliance API
Stateless compliance checks (no tenant audit write) are available at api.hardalion.com: