Overview
The Treeship Compliance Engine enables AI agents to automatically meet regulatory requirements across jurisdictions while maintaining transaction privacy through Zero-Knowledge proofs.
Prove compliance without revealing confidential business data or personal information.
Supported Regulations
Financial
Data Privacy
Industry Specific
KYC/AML: Know Your Customer / Anti-Money Laundering
PSD2: Payment Services Directive 2
SOX: Sarbanes-Oxley Act
MiFID II: Markets in Financial Instruments Directive
Implementation
Basic Compliance Check
import { Treeship } from '@treeship/sdk';

const treeship = new Treeship({
  apiKey: process.env.TREESHIP_API_KEY
});

// Create compliance-aware transaction
const transaction = await treeship.commerce.createTransaction({
  type: 'cross_border_payment',
  amount: 50000,
  fromCountry: 'US',
  toCountry: 'EU',
  compliance: {
    frameworks: ['GDPR', 'PSD2', 'AML'],
    generateProof: true
  }
});

// Generate compliance proof
const complianceProof = await transaction.generateComplianceProof({
  assertions: [
    'gdpr_consent_obtained',
    'aml_checks_passed',
    'psd2_authentication_complete'
  ],
  // Private inputs (never exposed)
  privateInputs: {
    customerData: { /* encrypted */ },
    riskScore: 0.23,
    verificationMethod: 'biometric'
  }
});

console.log('Compliance verified:', complianceProof.isValid);
Multi-Jurisdiction Compliance
// Agent operating across multiple jurisdictions
const globalAgent = await treeship.commerce.createAgent({
  name: "GlobalTrader",
  compliance: {
    jurisdictions: {
      'US': ['SOX', 'AML', 'OFAC'],
      'EU': ['GDPR', 'PSD2', 'MiFID2'],
      'UK': ['GDPR', 'FCA', 'AML'],
      'JP': ['APPI', 'FIEA']
    },
    // Automatic compliance routing
    autoRoute: true,
    fallbackJurisdiction: 'US'
  }
});

// Transaction automatically complies with both jurisdictions
const crossBorderTx = await globalAgent.createTransaction({
  from: { country: 'US', entity: 'us_subsidiary' },
  to: { country: 'EU', entity: 'eu_customer' },
  amount: 100000,
  // Automatically applies US + EU compliance
  autoCompliance: true
});
Compliance Proofs
1. Data Minimization Proofs
Prove you’re collecting only necessary data:
const dataProof = await treeship.compliance.generateDataMinimizationProof({
  dataFields: ['email', 'country', 'age_range'],
  purpose: 'service_delivery',
  assertions: [
    'fields_necessary_for_purpose',
    'no_excessive_collection',
    'retention_period_defined'
  ]
});
2. Consent Proofs
Verify consent without exposing personal data:
const consentProof = await treeship.compliance.generateConsentProof({
  consentId: 'consent_hash_123',
  assertions: [
    'explicit_consent_given',
    'consent_not_expired',
    'withdrawal_mechanism_available',
    'specific_purpose_defined'
  ],
  // Merkle tree of consents
  merkleRoot: '0x7f9a3b...'
});
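The call above commits to a "Merkle tree of consents" through merkleRoot. As an added illustration (not Treeship SDK code; the page does not describe Treeship's actual tree construction, so the hashing scheme, record format and function names here are assumptions), this shows how a verifier can check that one consent record belongs to a committed set while seeing only sibling hashes of the others. A plain inclusion path like this is not zero-knowledge on its own; it is the membership check a ZK circuit would prove without revealing the record.

```javascript
const { createHash } = require('node:crypto');

// Leaves get prefix 0x00 and inner nodes 0x01 (as in RFC 6962), so an inner
// node can never be passed off as a leaf.
const h = (prefix, ...parts) =>
  createHash('sha256').update(Buffer.concat([Buffer.from([prefix]), ...parts])).digest();
const leafHash = (record) => h(0x00, Buffer.from(record, 'utf8'));
const nodeHash = (left, right) => h(0x01, left, right);

// All tree levels, leaves first. An unpaired last node is promoted unchanged.
function buildLevels(records) {
  if (records.length === 0) throw new Error('empty consent set');
  let cur = records.map(leafHash);
  const levels = [cur];
  while (cur.length > 1) {
    const next = [];
    for (let i = 0; i < cur.length; i += 2) {
      next.push(i + 1 < cur.length ? nodeHash(cur[i], cur[i + 1]) : cur[i]);
    }
    levels.push(cur = next);
  }
  return levels;
}
const rootHex = (levels) => levels[levels.length - 1][0].toString('hex');

// Prover side: sibling hash per level and whether it sits on the left.
function inclusionProof(levels, index) {
  const path = [];
  for (let d = 0; d < levels.length - 1; d++, index >>= 1) {
    const sib = index ^ 1;
    if (sib < levels[d].length) {
      path.push({ hash: levels[d][sib].toString('hex'), left: sib < index });
    }
  }
  return path;
}

// Verifier side: sees one record, the path and the published root only.
function verifyInclusion(record, path, root) {
  let acc = leafHash(record);
  for (const { hash, left } of path) {
    const sib = Buffer.from(hash, 'hex');
    acc = left ? nodeHash(sib, acc) : nodeHash(acc, sib);
  }
  return acc.toString('hex') === root;
}

// Constructed sample records (not real consent data).
const CONSENTS = ['c1|email|2025-01-01', 'c2|analytics|2025-02-10', 'c3|email|2025-03-15'];
const LEVELS = buildLevels(CONSENTS);
```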
3. Audit Trail Proofs
Maintain verifiable audit trails:
const auditProof = await treeship.compliance.generateAuditProof({
  timeRange: {
    start: '2024-01-01',
    end: '2024-12-31'
  },
  assertions: [
    'all_transactions_logged',
    'no_gaps_in_records',
    'immutable_storage',
    'authorized_access_only'
  ]
});
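To make assertions such as no_gaps_in_records and immutable_storage concrete, here is an added sketch (not Treeship SDK code; the entry layout and function names are assumptions) of a hash-chained audit log and the check an auditor would run against it. It also shows why the latest head hash has to be published somewhere outside the log: without it, dropping the newest entries goes unnoticed.

```javascript
const { createHash } = require('node:crypto');

const GENESIS = '0'.repeat(64);

// Each hash binds the sequence number, timestamp, payload and previous hash.
function entryHash(e) {
  return createHash('sha256')
    .update(JSON.stringify([e.seq, e.ts, e.payload, e.prev]))
    .digest('hex');
}

// Append-only write path: returns a new log with the entry linked to the tail.
function append(log, ts, payload) {
  const prev = log.length ? log[log.length - 1].hash : GENESIS;
  const entry = { seq: log.length, ts, payload, prev };
  entry.hash = entryHash(entry);
  return [...log, entry];
}

// Auditor check. expectedHead is the head hash anchored outside the log.
// Returns a list of findings; an empty list means the chain is intact.
function verifyChain(log, expectedHead) {
  const findings = [];
  let prev = GENESIS;
  log.forEach((e, i) => {
    if (e.seq !== i) findings.push(`gap or reorder at position ${i} (seq ${e.seq})`);
    if (e.prev !== prev) findings.push(`broken link at seq ${e.seq}`);
    if (entryHash(e) !== e.hash) findings.push(`content altered at seq ${e.seq}`);
    prev = e.hash;
  });
  if (prev !== expectedHead) findings.push('head mismatch: log truncated or extended');
  return findings;
}

// Constructed sample transactions (not real data).
const LOG = [
  ['2024-01-05T10:00:00Z', { tx: 't1', amount: 100 }],
  ['2024-03-11T09:30:00Z', { tx: 't2', amount: 2500 }],
  ['2024-07-02T16:45:00Z', { tx: 't3', amount: 40 }],
  ['2024-11-20T08:15:00Z', { tx: 't4', amount: 990 }],
].reduce((log, [ts, payload]) => append(log, ts, payload), []);
const HEAD = LOG[LOG.length - 1].hash;
```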
Real-World Example: Healthcare Data Processing
// Healthcare AI agent processing patient data
const healthcareAgent = await treeship.commerce.createAgent({
  name: "HealthAnalyzer",
  type: "medical_ai",
  compliance: {
    frameworks: ['HIPAA', 'GDPR', 'FDA'],
    certifications: ['ISO_13485', 'SOC2_TYPE2']
  }
});

// Process patient data with compliance
const analysis = await healthcareAgent.analyzePatientData({
  // Encrypted patient data
  encryptedData: patientDataBlob,
  compliance: {
    // HIPAA Requirements
    hipaa: {
      minimumNecessary: true,
      deIdentification: 'safe_harbor',
      accessControls: true
    },
    // GDPR Requirements
    gdpr: {
      lawfulBasis: 'vital_interests',
      dataSubjectRights: true,
      crossBorderTransfer: 'adequacy_decision'
    }
  },
  // Generate proof of compliant processing
  generateProof: true
});

// Multi-layer compliance proof
const complianceBundle = await analysis.generateComplianceBundle({
  layers: [
    {
      framework: 'HIPAA',
      assertions: [
        'phi_encrypted_at_rest',
        'access_logged',
        'minimum_necessary_applied'
      ]
    },
    {
      framework: 'GDPR',
      assertions: [
        'lawful_basis_documented',
        'purpose_limitation_enforced',
        'data_minimization_applied'
      ]
    }
  ]
});

// Share proof with regulators
const regulatorProof = await complianceBundle.prepareForRegulator({
  regulator: 'FDA',
  includeMetadata: true,
  signWithKey: healthcareAgent.complianceKey
});
Automated Compliance Workflows
Define Compliance Requirements
const requirements = await treeship.compliance.defineRequirements({
  businessType: 'financial_services',
  jurisdictions: ['US', 'EU'],
  dataTypes: ['personal', 'financial', 'behavioral'],
  transactionTypes: ['payments', 'lending', 'investments']
});
Generate Compliance Policy
const policy = await treeship.compliance.generatePolicy({
  requirements: requirements,
  riskTolerance: 'low',
  automationLevel: 'full'
});
Deploy Compliance Monitors
const monitors = await treeship.compliance.deployMonitors({
  policy: policy,
  alertThresholds: {
    suspiciousActivity: 0.7,
    regulatoryChange: 'immediate',
    nonCompliance: 'zero_tolerance'
  }
});
Continuous Compliance
// Real-time compliance monitoring
monitors.on('compliance_event', async (event) => {
  if (event.type === 'potential_violation') {
    // Automatic remediation
    const remediation = await treeship.compliance.remediate({
      event: event,
      actions: ['pause_transaction', 'generate_report', 'notify_compliance']
    });
  }
});
Best Practices
Implement data minimization from the start
Use homomorphic encryption for computations
Generate proofs locally when possible
Implement secure multi-party computation
Subscribe to regulatory change feeds
Implement versioned compliance policies
Maintain backward compatibility
Test compliance updates in sandbox
Maintain immutable audit logs
Generate periodic compliance reports
Implement proof aggregation
Prepare regulator-specific views
Compliance Dashboard
Monitor compliance in real-time:
// Initialize compliance dashboard
const dashboard = await treeship.compliance.createDashboard({
  agent: globalAgent,
  metrics: [
    'compliance_score',
    'violations_prevented',
    'proofs_generated',
    'regulatory_coverage'
  ]
});

// Real-time compliance metrics
dashboard.on('metrics_update', (metrics) => {
  console.log('Compliance Score:', metrics.complianceScore);
  console.log('Active Regulations:', metrics.activeRegulations);
  console.log('Proof Generation Rate:', metrics.proofsPerSecond);
});