Private beta, Q2 2026

Your AI agents shouldn't get
autonomy they haven't earned.

Promitas routes every agent action through a human on day one. Patterns earn auto-approve only after they've proven safe, rule by rule. Visibility, control, and an audit trail built for the teams that have to answer for the outcome.

Prefer a chat? Book a 20-minute intro call

agent   queued: create_payment
        $12,500 → acme

rules   flag_for_review
        rule #10 high-value

m.chen Why this vendor,
        this amount?

agent   Q1 retainer. Contract
        A-442. PO-3981 attached.

m.chen Approved. Rationale:
        "contract + PO match"

system  executed.
        elapsed 00:00:18

verdict resolved in 18s

# finance team rules
- name: block-high-value
  scope: team:finance
  condition:
    threshold_exceeded:
      field: amount_gbp
      threshold: 10000
  action: flag_for_review
  priority: 10

# Block payments to new vendors
- name: new-vendor-check
  scope: team:finance
  condition:
    vendor_not_approved: true
  action: block
  priority: 1

verdict flag_for_review, #10

{
  "event": "ev_01JA9XK3R2",
  "ts": "2026-04-19T14:18Z",
  "agent": "finance-01",
  "action": "create_payment",
  "data": {
    "amount_gbp": 12500,
    "vendor": "acme"
  },
  "rule": "block-high-value",
  "verdict": "flag_for_review",
  "reviewer": "m.chen",
  "decision": "approved",
  "rationale": "PO-3981 match",
  "final": "executed"
}

verdict approved, exported

The problem

Organisations are deploying AI agents without the oversight they expect from human teams. Agents send emails, move money, touch customer data. When something goes wrong, there is no rule, no reviewer, and no record.

The answer is not to freeze adoption. The answer is to put the same controls around AI work that you put around every other critical process: policy, approval, and a paper trail.

Why now

The agent stack matured. Governance didn't.

In the last six months, every major model provider shipped agent infrastructure. The deployment primitives are here. The oversight primitives are not. Promitas closes that gap.

Oct 2025

AWS ships Bedrock AgentCore with long-running agent runtime.
Dec 2025

OpenAI launches the Responses API, built for multi-step agents.
Jan 2026

Anthropic releases Managed Agents with first-class tool use.
Now

A team can deploy an autonomous agent in a weekend. The controls needed to run them safely have not caught up.

The loop

Progressive autonomy, not blind trust.

Most AI tooling forces a binary choice: fully autonomous or fully manual. Promitas treats autonomy as a spectrum that earns its way up, one verified rule at a time.

01
Deploy

Connect your existing agents or spin up new ones. Works with Bedrock, OpenAI, and Anthropic out of the box. Swap models without rewriting a rule.
02
Govern

Define rules. Start strict: route every outbound email to review, block transfers over a threshold, require approval on new vendors or customers.
03
Review

A human resolves each flag in a per-agent chat. Every intervention is logged with the reviewer, the rationale, and the outcome.
04
Grant autonomy

Once a pattern has a clean review history, promote it from review to auto-approve for that scope. Autonomy is a dial, not a switch.

What's different

Not another observability tool.

Observability tells you what your agents did. Promitas decides what they're allowed to do, and earns them more autonomy as they prove safe.

agents / live streaming

▾ finance-01 (3 sub-agents) ok
├─ invoice-drafter ok · 00:00:03
├─ vendor-verifier ok · 00:00:11
└─ payment-processor review
▾ legal-02 (2 sub-agents) idle
├─ contract-reader ok · 00:02:41
└─ clause-suggester ok · 00:02:41

Sub-agent dashboard. Every spawn, tool call, and verdict in one tree.

agent / response hover a citation

The payment to Acme Consulting for £12,500 aligns with the retainer in contract and matches purchase order .

source [1] contract_A442.pdf page 3, § 2.1 "retainer schedule" "Quarterly retainer invoices of £12,500 due on the first working day of each quarter."

Hover citations. No invented references. Every number traced back to its source.

01
Hover-to-source citations

Every claim an agent makes is anchored to the document, page, and paragraph it came from. Hover to verify.
02
Sub-agent visibility

Every sub-agent spawn, tool call, and hand-off rendered as a live tree. See the whole run at a glance, no sifting through log files.
03
LLM-as-judge oversight

A second, colder model scores every risky action before it ships. If it disagrees, a human reviews.
04
Confidence-threshold routing

Set the dial per rule. Below your threshold, route to a human. Above it, auto-approve with a trace.
05
Model-agnostic

Works with Bedrock, OpenAI, and Anthropic out of the box. Swap models without rewriting a single rule.

The pillars

Three guarantees for any agent you deploy.

Visibility

See every agent, every decision, every output in real time. No black boxes. Filter by team, agent, risk level, or rule verdict.

Unified activity log across providers

Control

A configurable rules engine decides what routes to a human and what is allowed to run unattended. Scope rules by organisation, team, or a single agent.

Per-agent chat for human-in-the-loop review

Audit

Immutable trail of actions, rule verdicts, approvals, and human interventions. Export for compliance, regulators, or a board review.

Regulator-ready exports

For whom

Built for teams where a mistake has a cost.

Financial services

Every agent action logged against policy. Block what must be blocked, flag what should be reviewed, grant autonomy where the record says it is safe.

SOC 2 ready
Threshold rules
Four-eyes approval

Legal and compliance

Prove an AI decision after the fact. Export the rule trace, the agent input, the verdict, the reviewer, and the final action as a single record.

Immutable audit
Exportable traces
Rationale capture

Operations and revops

Let agents draft invoices, reconcile data, and handle inbox triage. Keep the human in the loop only where risk or novelty demands it.

Per-agent chat
Escalations inbox
Team-scoped policies

Compliance by design

Built for regulated environments.

Promitas maps to the control families that regulators and auditors already know. Every agent decision is paired with a rule trace, a reviewer, and an immutable record. Exports are regulator-ready, not a forensic project after the fact.

The EU AI Act treats many agentic systems as high-risk. ISO 42001 sets the management system standard for responsible AI deployment. Promitas gives you the governance, logging, and human-oversight posture both frameworks expect, on day one.

EU AI Act

High-risk system controls

Aligned by design
GDPR

Lawful basis, DPA, minimisation

Built in
ISO 42001

AI management system

On the roadmap
SOC 2 Type II

Security, availability, confidentiality

In preparation
ISO 27001

Information security management

On the roadmap

Region: EU data residency
DPA: Sub-process register
Encryption: AES-256 at rest
SSO: SSO + SCIM ready
Audit: Immutable audit log

Request access

Early access is curated.

We are working closely with a small cohort of design partners through Q2 2026. If you run an AI programme that matters to your business, we want to hear about it.

Or book a 20-minute intro call.

Your AI agents shouldn't getautonomy they haven't earned.

Deploy

Govern

Review

Grant autonomy

Hover-to-source citations

Sub-agent visibility

LLM-as-judge oversight

Confidence-threshold routing

Model-agnostic