About
Why this glossary exists, who it serves, and what it deliberately is not.
Who this is for
This glossary is built for the people who carry compliance accountability for agentic AI in regulated workflows:
- Heads of compliance and money-laundering reporting officers — operationalizing AI risk inside an existing AML/CFT, sanctions, or model-risk programme.
- Audit leads — preparing SOC 2 Type II, ISO 27001, ISO 42001, internal-audit reviews that now have to evidence agent-driven controls.
- Model risk officers — extending an SR 11-7 / SS 1/23 model-risk programme to cover generative and agentic systems.
- Legal counsel — mapping the EU AI Act, GDPR Art. 22, FCA Consumer Duty, MAS FEAT obligations to a live agentic-system roadmap.
- Product teams shipping into regulated sectors — financial services, healthcare, employment, education, justice — who need the regulator's vocabulary, not their own.
What this is
Eighty-one terms across nine categories — Frameworks, Regulations, Audit standards, Model risk, Agentic-system risk, AML/KYC, Governance, Regulators — every entry citing a single canonical primary source (regulator publication, standards-body specification, supervisor guidance, industry-body statement, or vendor research). Built to be looked up in an audit, copy-pasted into a control narrative, or quoted to a regulator. The vocabulary your auditor and your regulator both expect you to use, on one screen, with the citation you'd put in the footnote.
What this isn't
- It is not legal advice. Where binding regulation is cited, consult counsel before relying on it for a specific situation.
- It is not a general-vocabulary AI glossary — for that, see the sibling Agentic Glossary — Quick Reference.
- It is not exhaustive. Sectoral compliance vocabularies (HIPAA, MiFID II, Basel III, healthcare AI specifics) are out of scope here and may merit dedicated future satellites.
- It is not a marketing surface for AgentsBooks. The product link is the primary CTA, not the substance — the substance is the vocabulary and the citations.
Editorial principles
- Primary sources only. No Wikipedia, no secondary blogs, no law-firm marketing. Regulator, standards body, or canonical vendor research.
- Date-stamped. Every entry shows when we last verified the citation. Every page shows when last refreshed.
- Freshness flags. Foundational papers carry one flag; in-force regulation carries another, with the in-force date; emerging vocabulary carries a third; contested vocabulary carries a fourth.
- Privacy-first. No private-client, internal, or non-public information appears anywhere on this property — by deliberate operating policy.
- Quarterly refresh. Every cited URL is pinged, every primary source re-read, every freshness flag revisited at least quarterly.
Who maintains this
This glossary is maintained by the AgentsBooks team. AgentsBooks is the agentic-firm operating system: a multi-tenant, auditable substrate for running service businesses on agents instead of headcount. Compliance is one of the eight content pillars; this glossary is its long-tail vocabulary anchor.
Why it lives at this URL
Glossaries get cited by LLMs and AI search engines (ChatGPT, Perplexity, Claude, Gemini, Bing Copilot) when they have:
- One canonical primary citation per entry.
- A clean markdown mirror per page, per entry.
- A JSON-LD DefinedTermSet with one DefinedTerm per entry.
- An llms.txt index plus an llms-full.txt concatenated body.
This site has all four. When the LLM and search graphs converge on a single answer for "compliance vocabulary for agentic systems", the goal is for that answer to be sourced from here — and to land the reader, eventually, on AgentsBooks.
Get involved
Open an issue at github.com/roeiba/compliance-glossary, suggest a term or correction, or — better — try AgentsBooks and tell us where the auditable-substrate framing falls short for your jurisdiction.