“The most dangerous assumption in enterprise AI adoption is that the model is the risk. The prompt is the risk. The data flowing through the prompt is the risk — and now, the tools the agent calls are the risk. OBEL™ exists to govern that entire flow.”
01 — The Problem
The AI governance gap is structural — and widening.
Enterprise AI adoption in regulated environments is growing at a CAGR exceeding 35%. Yet adoption in security-conscious and compliance-bound organisations remains structurally suppressed — not because of a capability problem, but because of a governance gap.
The same properties that make frontier models powerful — trained on vast public data, operated by third-party providers, accessible via open APIs — make them structurally incompatible with the information-handling obligations of governments, financial institutions, hospitals, universities, and defence contractors.
When regulated enterprises attempt direct LLM integration, they encounter three compounding failure modes:
The Data Egress Problem
Every prompt submitted to a third-party AI API is a potential data transmission event. For organisations handling personal information, classified material, or commercially sensitive IP, unmediated prompt submission creates regulatory breach exposure and classification spillage risk.
The Auditability Vacuum
Enterprise risk and compliance functions require an immutable record of every AI interaction — who submitted what, when, and what the model received after any intermediary processing. Vanilla API access provides no such record. There is no chain of custody that would satisfy a regulator, an internal audit function, or a court of law.
The Cost and Access Control Problem
Unconstrained LLM access is a budget shock waiting to happen. Token costs compound unpredictably with usage. Without hierarchical budget controls, a single team's enthusiastic adoption can exhaust an organisation's entire AI allocation before month end.
A fourth failure mode — and the fastest-growing — has emerged with autonomous AI agents. An agent may execute dozens of AI sub-steps, access file systems, query databases, and call external services — all without human review. Each action is a potential data egress event, a sovereignty violation, and an audit gap. Standard governance tools provide no meaningful constraint on these workflows.
02 — The Solution
OBEL is not a wrapper. It is a security layer.
OBEL is the institutional-grade AI governance layer for regulated enterprises — a secure, auditable proxy positioned between every user and agent on one side, and every AI model and external tool on the other. OBEL enforces data sovereignty, maintains an immutable audit trail, and controls costs before a single token — or a single tool call — reaches an external system.
Every prompt
Scanned for classification markings, scrubbed of personal information and credentials, committed to an immutable audit vault — then dispatched to the model. Never the other way around.
Every agent tool call
Intercepted and governed before execution. OBEL's governance applies to every external tool invocation an autonomous agent makes, with human-approval enforcement for sensitive operations.
Every generated image
Passed through the full governance pipeline and stamped with cryptographic provenance metadata — attribution that persists across platform boundaries.
Every user
Retains control over their conversation content through a dual-party access protocol that prevents admin access to conversation bodies without explicit, user-issued consent.
Every organisation
Accesses only what it has licensed — through a clean separation of billing entitlement and individual user access that scales from a solo professional to a sovereign agency.
Every policy change
Logged to a dedicated governance audit trail with source attribution — demonstrating to auditors that the security perimeter is actively maintained.
03 — ARGUS-i™ Runtime Engine
Always watching. Never bypassed.
ARGUS-i™ is OBEL's proprietary runtime engine — the always-on governance layer that makes real-time, synchronous decisions on every request before a single token is transmitted or a single tool is invoked. Named for the all-seeing giant of Greek mythology, ARGUS-i™ does not merely log events after the fact. It decides.
Classification Scanner
Every message is classified against a sovereign schema before the model sees anything. Content classified above the configured threshold is hard-blocked — the request is denied before inference begins. This is a FAIL-SHUT gate. If the scanner cannot confirm its posture, access is denied.
PII & Secrets Scrubber
Personal information — names, email addresses, phone numbers, government identifiers, financial account numbers, and credentials — is detected and replaced with typed placeholders before the LLM receives the prompt. The model never sees the original values.
Tamper-Evident Audit Vault
A governance record is committed before the model is called. If the write fails, inference does not proceed. Records are append-only. The commit identifier changes if any record is altered — making tampering detectable.
Autonomic Discovery
A self-learning layer continuously analyses interaction patterns to identify novel data types, sector-specific identifiers, and emerging threat patterns not covered by existing rules. Proposals surface to administrators for review — the security perimeter grows with the organisation's own usage, not just when OBEL ships a rule update.
Agent Governance
Every tool call an autonomous AI agent makes is intercepted, scrubbed, classified, and audited before execution. Sensitive external operations are routed to a human-approval queue. No agent action bypasses the governance stack.
04 — Governance Principles
Six principles that are not configurable.
01
Classification before scrubbing
The classification engine sees the original, unmodified content first. A sovereignty marking embedded in a document header cannot be altered before it is detected. Only content cleared by the sovereign gate reaches the scrubbing layer.
02
Sovereign block before the LLM
Content assessed above the configured sovereignty threshold is rejected immediately — not forwarded in redacted form, not queued for review. The model never receives the content. Not a cleaned version. Nothing.
03
Scrubbed content only to the LLM
The language model receives the scrubbed prompt — with PII replaced by typed placeholders — not the original. The original is never transmitted to any third-party inference service under any configuration.
04
Audit vault before inference
A governance record is committed before the model is called. If the vault write fails, inference does not proceed. There is no configuration that allows inference to run against an unaudited session.
05
FAIL-SHUT, not FAIL-OPEN
If the governance engine cannot confirm its posture — due to network conditions, configuration unavailability, or any other cause — access is denied. OBEL will not operate against an undefined governance posture.
06
Governance owns the prompt layer, not the model
OBEL does not modify, fine-tune, or otherwise alter AI models. It governs what reaches them and what is committed to record. Model providers remain accountable for their models. OBEL is accountable for the envelope.
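The ordering in principles 01 to 05, sketched as an added example that is not OBEL's or ARGUS-i's code: classify the original, block above the threshold, scrub, commit to the vault, and only then call the model, with any governance fault turning into a denial. The markings, PII regexes and the names `govern`, `AuditVault` and `Denied` are hypothetical, and the SHA-256 hash chain is one assumed way to make a commit identifier change when a record is altered.

```python
import hashlib, json, re
# Constructed rules for illustration; not OBEL's schema or detectors.
LEVELS = {"UNCLASSIFIED": 0, "PROTECTED": 1, "SECRET": 2}
MARKING = re.compile(r"\b(SECRET|PROTECTED)\b")
PII = {"EMAIL": re.compile(r"[\w.+-]+@[\w-]+\.[\w.]+"),
       "PHONE": re.compile(r"\+?\d[\d ]{7,}\d")}

class Denied(Exception):
    """Raised whenever a request must not reach the model."""

class AuditVault:
    """Append-only log; each commit id hashes the previous id plus the record."""
    def __init__(self):
        self.records, self.head = [], "0" * 64
    def _next(self, prev, record):
        body = json.dumps(record, sort_keys=True)
        return hashlib.sha256((prev + body).encode()).hexdigest()

    def commit(self, record):
        self.head = self._next(self.head, record)
        self.records.append(record)
        return self.head

    def verify(self):
        h = "0" * 64
        for r in self.records:          # replay the chain from the start
            h = self._next(h, r)
        return h == self.head           # False if any record was altered

def classify(text):
    return max((LEVELS[m] for m in MARKING.findall(text)), default=0)

def scrub(text):
    for kind, rx in PII.items():
        text = rx.sub(f"[{kind}]", text)    # typed placeholder
    return text

def govern(user, prompt, vault, model, threshold=1):
    try:
        if classify(prompt) > threshold:    # 01 + 02: original content, hard block
            raise Denied("above sovereignty threshold")
        clean = scrub(prompt)               # 03: model gets placeholders only
        vault.commit({"user": user, "prompt": clean})  # 04: record before inference
    except Denied:
        raise
    except Exception as exc:                # 05: fail shut on any governance fault
        raise Denied("governance posture unconfirmed") from exc
    return model(clean)
```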
05 — Privacy Within the Governance Layer
Governance without privacy is surveillance.
The deployment of an AI governance proxy creates a secondary privacy concern: the governance layer itself becomes a repository of employee thought processes, strategic deliberations, legal analysis, and HR interactions. OBEL establishes a clear separation — metadata belongs to the organisation; conversation content belongs to the user.
Sovereign Handshake
Conversation transcripts are protected by a dual-party access protocol. An administrator cannot access the body of a user's conversation without the user's explicit, real-time consent. The consent action itself is logged. The access itself is time-limited and audited.
Sovereign Reset
Users can request hard deletion of all their interaction data — an irreversible operation that removes personal conversation data from OBEL's systems in a single atomic action. Compliance records required by the organisation's data retention policy are preserved. Everything else is gone.
Notification Centre
Every access request — whether from an administrator or an automated governance process — is surfaced to the affected user as an actionable notification. Users can approve or deny administrator access requests in real time.
06 — Sector Applications
Built for the organisations most constrained by compliance.
07 — Commercial Model
Simple, transparent, aligned to your usage.
OBEL offers two paths to access: bring your own AI provider API keys and pay a flat per-seat monthly fee — no usage markup, no surprises — or purchase an OBEL Premium Models Pack and reload prepay credit as required, with OBEL managing provider relationships on your behalf. No per-seat billing friction. No usage guesswork.
Individual Pro
14-day free trial — no credit card required. Full Premium model access, PII scrubbing, ARGUS-i™ governance, and audit trail from day one.
Standard
Bring your own keys or activate a Standard Models Pack. Governed team workspace.
Premium
Frontier model access across OpenAI, Anthropic, and Google. Full ARGUS-i™ governance.
Enterprise
Custom deployment, dedicated support, and negotiated commercial terms. Contact sales.
Gov Highside
Sovereign classification enforcement, air-gap deployment path, and classified-network MCP integration. Contract only.
Full plan comparison and pricing at useobel.ai/pricing.
Next steps
Ready to evaluate OBEL™ for your organisation?
Individual professionals can start a free trial today. Enterprise and government teams can request a technical briefing or deployment assessment.