Architecture · For the technical reviewer
In production · Aged Care Quality Standards · Privacy Act 1988

Compliance is in the data model.

Most agentic systems treat citation, audit, residency, and isolation as features added to a working application. We treat them as architectural properties. Designed in from the first commit. Invisible to the user. Present for the auditor.

Citation · Property of the retrieval data model
Audit · Cryptographic chain from first commit
Residency · Australian by default

002 · The posture

What that means in practice.

↳ The five properties

Citation by architecture. Multi-tenant isolation at the database session level. Standard SSO into your identity provider. Agents reading your data in place. A cryptographic audit chain present from the first commit.

Each property is a fact about the data model, not a feature on the roadmap. The sections below describe each in turn.

002a · Citation by architecture

Every output traces back to its source.

Every output the system produces traces back to the source record it was derived from. Citation is part of the retrieval data model, not a footer the prompt was asked to add. The auditor can follow any claim back to the document, the paragraph, the field. The clinician, the recruiter, the examiner can do the same.

Citation by prompting fails under scrutiny. Citation by architecture does not.

Retrieval property · Auditor traceable · User traceable
002b · Multi-tenant isolation

Enforced at the database session level.

Tenant isolation is enforced at the database session level via SQL Server session context interception. Not application-layer filtering. A query that would return another tenant's data does not return data; the database refuses it.

Application-layer isolation is one bug away from a breach. Database-layer isolation is the property of the system itself.
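
One common way to get the behaviour described above on SQL Server, added here as an illustration and not taken from Teklabs' code: row-level security predicates keyed on `SESSION_CONTEXT`. The use of row-level security, and the names `sec`, `dbo.CareNote` and `TenantId`, are assumptions; the page names only session context.

```sql
-- Added example. Schema, table and key names are hypothetical.
CREATE SCHEMA sec;
GO
CREATE TABLE dbo.CareNote (
    NoteId   int IDENTITY PRIMARY KEY,
    TenantId int NOT NULL,
    Body     nvarchar(400) NOT NULL
);
-- Constructed sample rows, seeded before the policy exists.
INSERT INTO dbo.CareNote (TenantId, Body)
VALUES (1, N'Tenant 1 note'), (2, N'Tenant 2 note');
GO
-- A row qualifies only when its TenantId equals the session's TenantId.
-- With the key unset, SESSION_CONTEXT returns NULL and nothing qualifies.
CREATE FUNCTION sec.fn_TenantPredicate (@TenantId int)
RETURNS TABLE
WITH SCHEMABINDING
AS
RETURN
    SELECT 1 AS allowed
    WHERE @TenantId = CAST(SESSION_CONTEXT(N'TenantId') AS int);
GO
-- FILTER hides other tenants' rows from SELECT, UPDATE and DELETE.
-- BLOCK rejects writes that would create or leave a row in another tenant.
CREATE SECURITY POLICY sec.TenantIsolation
    ADD FILTER PREDICATE sec.fn_TenantPredicate(TenantId) ON dbo.CareNote,
    ADD BLOCK PREDICATE sec.fn_TenantPredicate(TenantId) ON dbo.CareNote AFTER INSERT,
    ADD BLOCK PREDICATE sec.fn_TenantPredicate(TenantId) ON dbo.CareNote AFTER UPDATE
    WITH (STATE = ON);
GO
-- What a connection-open hook would run, with the tenant taken from the
-- authenticated identity. @read_only = 1 pins the value for the session.
EXEC sp_set_session_context @key = N'TenantId', @value = 1, @read_only = 1;

-- Returns only the tenant 1 row, with no WHERE clause in the query.
SELECT NoteId, TenantId, Body FROM dbo.CareNote;
-- Returns 0: the tenant 2 row is filtered out, not reported as an error.
SELECT COUNT(*) AS Visible FROM dbo.CareNote WHERE TenantId = 2;
-- Fails with an error: the AFTER INSERT block predicate rejects the row.
INSERT INTO dbo.CareNote (TenantId, Body) VALUES (2, N'cross-tenant write');
GO
-- Fails with an error: the key is read-only for the rest of the session.
EXEC sp_set_session_context @key = N'TenantId', @value = 2;
```

With pooled connections the hook has to set the key on every open, because SQL Server clears session context when a pooled connection is reset. The application login should also lack permission to alter the security policy.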

002c · Standard SSO

Into your identity provider.

Authentication runs through the client's identity provider via standard SSO patterns. We do not stand up a parallel user directory. Roles are defined per engagement and signed off by the operations leader before production.

Location-aware authorisation is supported where the regulated work requires it.

002d · Agents read your data in place

No data-warehouse build. No migration step.

The system connects to the data estate where the work already lives. The agent reads under tenant-bound credentials and writes back through the same boundary the rest of your applications use.

002e · Cryptographic audit chain

Signed from the first commit.

The audit chain is cryptographic and present from the first commit. Every action the system takes is logged, signed, and verifiable. The chain survives turnover in the implementation team.

The CISO sign-off is in the architecture diagram, not in a policy document filed alongside it.

From first commit · Signed entries · Verifiable across team turnover
002f · Deployed in your tenancy

Your cloud. Your region. Australian by default.

↳ Residency

The system runs in your cloud and region. Azure, AWS, others on request. Australian residency is the default. Documented exceptions exist where the alternative is real-time voice routing for a specific brand. Deviations are named.

No foreign-hosted AI products by accident. No data flowing to US-resident inference endpoints by surprise.

003 · Why

Designed in. Not retrofitted.

Regulated AI fails in two places. It fails on the floor when staff cannot trust the output. It fails in procurement when the CIO and CISO cannot trust the architecture. Both failure modes are addressable, and both are addressed by the same move: design the trust properties in, do not retrofit them.

The architectural-compliance posture is the package the CIO and CISO need to sign off, ready at first contact. Australian residency, multi-tenant isolation, citation by architecture, cryptographic audit, and procurement-ready security documentation are present from the opening conversation. Not promised at the end of evaluation.

The COO gets a system that ships. The CIO gets a system that survives review. Neither has to argue the other's case.

↳ Floor trust: Staff trust the output because every claim cites its source. The clinician, the recruiter, the examiner can follow it back.
↳ Procurement trust: The CIO and CISO read the architecture, not a brochure. Residency, isolation, audit, citation are facts about the system, not promises about a roadmap.
004 · Scope

What this rules out.

The properties are inherited from the engine. Each engagement starts with them already in place.

  • We do not retrofit compliance.
  • We do not bolt audit on at the end.
  • We do not run agentic workloads in foreign data centres for Australian regulated buyers.
  • We do not hand the CISO a policy document in place of an architecture diagram.
005 · Proof

What the auditor sees.

Three custom agentic AI products in production at a major Australian residential aged-care provider, running under the Aged Care Quality Standards and the Privacy Act 1988. Citation back to source records. Cryptographic audit chain. Multi-tenant isolation at the database session level. Australian residency.

The materials are inventoried, version-controlled, and offered as a package. The CISO security questionnaire responses, residency attestation, incident-response procedure, sub-processor list, and integration architecture diagrams are available on request before the first technical conversation.

CISO questionnaire · Residency attestation · Sub-processor list · Incident response · Architecture diagrams
006 · Operations

You run production.

Your team operates the system inside your tenancy, on your cloud, under your change-control. Teklabs provides second-level support against a named escalation path, signed off in the engagement contract.

Every solution ships with full technical documentation. Unit tests, integration tests, end-to-end tests, run on every build.

The system performs the work. Your staff sign off on it.

↳ Your tenancy: Your team operates the system. Your cloud. Your change-control. The operations surface lives where the rest of your line-of-business systems live.
↳ Teklabs second-level: A named escalation path. Signed off in the engagement contract. Held against the same documentation the build was reviewed against.
007 · IP and exit

What's yours, what's ours.

The system we configure for your function is yours. Your data is yours. The customisation, the workflows, the surface your staff use: all yours.

The engine underneath is ours. Teklabs.iGentic, Teklabs.Analytics, the library set, the reference architectures: licensed for the engagement, not transferred.

Your IP stays yours. Ours stays ours. On exit, your data is exportable in the formats your estate already uses. The engine licence terminates cleanly.

Yours

  • The configured solution
  • Your data
  • Your customisations

Ours

  • Teklabs.iGentic
  • Teklabs.Analytics
  • The library set
  • The reference architectures

We do not build lock-in into the architecture.

018 · The next step
Walk the architecture diagram together.

A senior call under NDA. Bring your CISO. We will walk the architecture diagram together.
