Instrata is the AI-governance and privacy compliance platform for companies deploying automated decisions in regulated industries — shipping the operational layer existing vendors only describe.
01 — Why now
By 2027, compliance teams are measured on per-decision mechanics, not policy documents: — Did the §1704 letter ship in time? — Was the §1705 reconsideration logged? — Is the model version still queryable a year later? Vendors sell frameworks. We ship the mechanics.
02 — The operational layer
Instrata operationalizes the workflow compliance teams will be audited on.
Available today
Six discovery channels, every AI system mapped to a state-specific obligation.
One dashboard, per-state obligation map.
Model version → ADMT influence → human override → outcome → disclosure timestamp.
Shipping Q3–Q4 2026
Auto-drafts the letter the moment the decision lands.
SLA-tracked reviewer queue, append-only.
Blocks PHI/PII from leaking into ChatGPT and Claude.
Prevents duplicate adverse-action notices in lending.
03 — Proof
Adverse-action ships Q3. Until then, watch the engine work a DSAR — synthetic data, per-record statute selection, citations written as it goes. Same boundary will gate §1704. Same audit chain. Same approval phrase.
Scenarios
8
State DSAR statutes
6
Federal retention rules
3
Model
Claude Sonnet 4.6
Anthropic does not train on Claude API inputs.
04 — The buyer
Buyer
Head of compliance
Company size
$50M–$500M ARR
Beachhead
HR + lending
ACV
$25K–$150K
Mid-market companies deploying AI in hiring, lending, insurance, healthcare, automotive. The 2027 clock hits HR and lending first — that's the beachhead. Automotive in motion via Nissan.
05 — The team
Ankur Soni — founder. Sat next to Nissan's privacy team for months, watching the manual workflow Instrata now automates. Resigned to go full-time.
Ready when you are
Thirty minutes. We walk your team through one decision — DSAR, adverse-action, or reconsideration — from intake to citation.