Does Panovia replace our current tools?

No. Panovia sits on top of the tools your team already uses.

How does Panovia cite its answers?

Every answer includes the document name, page, section and revision state.

Can Panovia work with WhatsApp and email?

Yes. Channel Capture ingests messages and emails without changing how teams communicate.

How does human verification work?

Critical actions are routed to the right person for explicit approval before any external action.

How is customer data handled?

Panovia does not train AI on your data. Each customer's project sits in its own logical environment. Data handling is reviewed during implementation.

Audit-Defensible AI: What the Phrase Actually Means

What this page is

This page defines audit-defensible AI as a structural property of an AI architecture, names the three operational tests that separate architectures that pass from architectures that do not, and explains why audit-defensible AI is becoming the procurement-grade standard for regulated industries in 2026. Every claim on this page is anchored to a verifiable source.

The page sits alongside the architectural argument at panovia.ai/blog/h2a2h-governance. From Monday 15 June 2026, the three operational tests can be applied to DWG, Revit and IFC files in the free version of Panovia at panovia.ai/sign_up.

What audit-defensible AI is

Audit-defensible AI is AI whose output, asked any forensic question by a regulator, counsel or auditor, can answer the question from the system itself, not from human memory.

This is a structural property of the architecture, not a description of an outcome.

The formulation matters. “AI that has been audited” describes a process that occurred. Audit-defensible AI describes an architectural property that holds at every moment, by design. The distinction is procurement-critical.

Why the phrase is now operative

Three regulatory and empirical forces converge through 2026 to make audit-defensible AI the procurement standard for regulated industries.

First, regulatory deadlines. The EU AI Act enters full high-risk system compliance on 2 August 2026, with penalties up to €35 million or 7% of worldwide annual turnover.¹ Articles 13, 14 and 15 establish transparency, human oversight, and accuracy and robustness as legal obligations for high-risk systems.¹ California's AI Transparency Act and Generative AI Training Data Transparency Act took effect 1 January 2026.² The Texas Responsible Artificial Intelligence Governance Act is in force from early 2026.³ Other US states are following.

Second, empirical AI failure data. The Stanford 2026 AI Index documented 362 AI incidents in 2025, up from 233 in 2024, a 55% year-on-year rise.⁴ The same Index measured hallucination rates ranging from 22 to 94% across 26 frontier models under user-implied false belief.⁴ Forrester's Jayesh Chaurasia and Noel Yuhanna, writing 10 March 2026, set the operative framing for the year: “Context, Not Models, Is The Real AI Bottleneck.”⁵

362AI incidents in 2025 — up 55% on 2024

22–94%Hallucination range across 26 frontier models

€35MEU AI Act penalty ceiling, or 7% of turnover

$5BGartner AI compliance forecast by 2027

Third, professional-services precedent. Sullivan and Cromwell apologised to a New York court in April 2026 over an AI-hallucinated filing in the Prince Global Holdings Chapter 15 bankruptcy case.⁶ The US Fifth Circuit sanctioned an attorney $2,500 in February 2026 in Fletcher v. Experian Information Solutions over a brief drafted using Thomson Reuters CoCounsel and vLex Enterprise containing hallucinated content.⁷ EY Canada withdrew a 44-page cybersecurity study on 14 May 2026 after GPTZero researchers identified 16 of 27 cited sources as fabricated, misattributed or linked to non-existent web pages.⁸

$5B

Gartner forecasts $5 billion in AI compliance investment by 2027, with fragmented AI regulation covering 50% of the world's economies.

Gartner Top Predictions for IT, October 2025

Each precedent is a procurement signal: AI work product is now being interrogated at the highest professional levels, and architectures that cannot survive interrogation are commercially exposed.

The three operational tests

Three tests separate architectures that pass from architectures that do not.

Test 1: Source traceability. For every output the agent produces, can the reviewer trace the claim back to the specific document, the specific page, and the specific revision that produced it?

The test is binary. If the answer is “the agent looked at the project record” or “the audit log can be reconstructed,” the architecture has failed the test. Citation has to be structural at the moment of generation. The reviewer clicks from the agent's claim back to the source file with the original page reference and the correct revision. No reconstruction. No human memory.

Test 2: External action accountability. For every action the agent has taken in the world, can the reviewer see which human approved it before it happened?

External actions include emails sent, records changed, submissions filed, counterparty commitments made. If the agent acted autonomously on any consequential decision, the architecture has failed. Approval has to be architectural rather than configurable. Bounded autonomy is the structural property; the agent's reach extends to the analytical and informational layer, never to the consequential layer without explicit human approval at the moment of action.

Test 3: Uncertainty exposure. For every contested claim in the project record, did the agent show the disagreement or did it pick a side?

Where two sources disagree, both citations have to surface. The agent does not pick a side. The named human resolves the disagreement. Uncertainty visible by default; certainty earned only by explicit human adjudication. Architectures that collapse contradictions into single outputs fail under audit because the audit will eventually find the contradiction.

All three tests are architectural commitments.
None is a setting. None is a feature.
The tests hold from the first line of code, or they do not hold at all.

Where audit-defensible AI is most needed

Audit-defensible AI is the procurement standard for any industry where AI-generated work product must survive forensic interrogation later.

Architecture, Engineering and Construction. Building Safety Regulator Gateway 2 reviews in the UK. BCIS data for the 12 weeks to 1 May 2026 records 323 Gateway 2 decisions, a 71% approval rate, and a 25-week overall average.¹⁰ ISO 19650 information management audits across UK, European and increasingly Middle Eastern and Asian projects. MoHRE compliance in the UAE. Vision 2030 procurement frameworks in Saudi Arabia. Federal contracting in the United States.

Financial services and law. Sullivan and Cromwell's April 2026 New York court apology and the Fifth Circuit attorney sanction in Fletcher v. Experian are early procurement signals for the legal sector.⁶⁷

Accounting. EY Canada's 14 May 2026 study withdrawal and Deloitte's amendment of a $1.6 million Newfoundland and Labrador healthcare report in 2025 are early procurement signals for professional services.⁸¹¹ Healthcare, pharmaceutical research, regulated manufacturing, defence procurement, immigration adjudication. The list expands as 2026 progresses.

What an architecture passing all three tests looks like

Human-to-Agent-to-Human Governance: bounded autonomy, citation at source, approval before action, uncertainty surfaced. A human query enters the agent layer; the agent cites, requests approval, and surfaces uncertainty; the cited output returns to the human delivered with source, page and revision.

Three architectural properties hold together. The first is structural source citation at generation time, not retrospective audit-log reconstruction. The second is named-human approval gating on every external action, not configurable workflow approval that can be turned off. The third is uncertainty surfaced by default across contested information sources, not collapsed into single outputs.

These three properties hold together because they are architectural. They are visible from the first interaction the user has with the system. They cannot be turned on for some users and off for others. They are not premium features.

This is the architectural posture Panovia calls Human-to-Agent-to-Human Governance.

From 15 June 2026, the three tests can be applied to DWG and PDF files in the free version of Panovia at panovia.ai/sign_up.

Common questions

What is the difference between audit-defensible AI and explainable AI?

Explainable AI is about model interpretability: can a human understand why a model produced a given output, in terms of weights, features or training data. Audit-defensible AI is about output traceability: can a human trace the output back to specific source documents, specific approval steps, and specific moments where uncertainty was exposed. The two are complementary but distinct. Audit-defensibility is closer to procurement-grade compliance; explainability is closer to research-grade interpretability.

Is audit-defensible AI a regulatory requirement?

The phrase itself is not yet codified in regulation, but the three operational tests are implicit in the obligations of the EU AI Act (Articles 13, 14, 15), California's AI Transparency Act, the Texas Responsible AI Governance Act, and the procurement standards emerging across regulated industries. By 2027, Gartner forecasts that fragmented AI regulation will cover 50% of the world's economies, with $5 billion in compliance investment.

Can existing enterprise AI tools be made audit-defensible?

Some can be retrofitted partially. Tools that already track citations to source documents have a foundation. Tools that already require human approval on outgoing actions have a foundation. Whether the foundation is sufficient depends on whether the three tests pass at architectural level rather than as configurable add-ons. Vendors that built around the three commitments from the first line of code start in a different structural position from vendors retrofitting the commitments later.

How do the three tests apply to the AEC AI vendor landscape in mid-2026?

The 2026 AEC AI vendor landscape includes platform-anchored plays (Procore's Datagrid-embedded CDE, announced 1 June 2026; Graphisoft's Nemetschek Group-level collaboration layer, announced 3 June 2026), authoring-tool-anchored plays (Autodesk's construction intelligence features anchored to Autodesk Construction Cloud, AI Assistant features across Revit and ArchiCAD), and vendor-neutral architectural plays (Panovia's H2A2H Governance approach). Any AEC firm evaluating vendors in mid-2026 should apply the three tests directly to each system under consideration. The answer to “does this system pass” is the procurement-grade signal.

What does audit-defensible AI mean for AEC specifically?

In AEC, audit-defensible AI is the architectural standard required to defend AI-assisted work product in front of the UK Building Safety Regulator (Gateway 2 review), an ISO 19650 information management auditor, an MoHRE compliance reviewer, a Vision 2030 audit, federal contracting due diligence, and counsel in dispute proceedings. The Gateway 2 evidence reconstruction page at panovia.ai/blog/gateway-2-evidence-reconstruction defines what this looks like in operational detail.

What can I do in the free version of Panovia?

From Monday 15 June 2026 at panovia.ai/sign_up. Upload your own DWG and PDF files and run cited queries against the project record. The agent answers with source-anchored citations, surfaces contradictions between revisions, and waits on human approval before any external action.

Efehan Maleri

Founder and CEO of Panovia, an AI-native coordination and knowledge platform for the Architecture, Engineering and Construction sector. Panovia is headquartered with Attimo, its parent firm. Attimo is a UCL Hatchery 2026 cohort company.

Connect on LinkedIn →

Try the free version of Panovia

From Monday 15 June 2026. Upload your DWG and PDF files. Run cited queries against the project record.

Request Early Access

To follow the architectural argument

Full argument: panovia.ai/blog/h2a2h-governance
Gateway 2 evidence reconstruction: panovia.ai/blog/gateway-2-evidence-reconstruction
Subscribe to The Reliable Knowledge Layer at thereliableknowledgelayer.substack.com

Footnotes

1. Regulation (EU) 2024/1689 (EU Artificial Intelligence Act). Articles 13 (transparency), 14 (human oversight) and 15 (accuracy, robustness and cybersecurity). Article 99 (penalties). Full high-risk system compliance enters force 2 August 2026. eur-lex.europa.eu/eli/reg/2024/1689/oj
2. California Senate Bill 942 (AI Transparency Act) and Assembly Bill 2013 (Generative AI Training Data Transparency Act), effective 1 January 2026. California Legislature: leginfo.legislature.ca.gov
3. Texas Responsible Artificial Intelligence Governance Act, in force early 2026. Texas Legislature: capitol.texas.gov
4. The 2026 AI Index Report, Stanford Institute for Human-Centered Artificial Intelligence, Chapter 3 (Responsible AI), published April 2026. hai.stanford.edu/ai-index/2026-ai-index-report/responsible-ai
5. Jayesh Chaurasia and Noel Yuhanna, “Context, Not Models, Is The Real AI Bottleneck: Reltio's System-of-Context Bet,” Forrester, 10 March 2026.
6. “Top Law Firm Apologizes to Bankruptcy Judge for AI Hallucination,” Bloomberg, 21 April 2026. Open-access alternative: “Another ‘hallucinated’ court filing highlights the difference,” CNN, 23 April 2026.
7. “Fifth Circuit Sanctions Opinion Gives Practical Advice for AI Use,” The Texas Lawbook, covering Fletcher v. Experian Information Solutions, Inc., opinion published 18 February 2026 by Chief Judge Jennifer Elrod.
8. Om Ogale, Paul Esau and Alex Cui, “Investigation: Hallucinations in Ernst & Young Report on Loyalty Fraud,” GPTZero, 14 May 2026. Secondary corroboration: Computing.co.uk.
9. “Gartner Unveils Top Predictions for IT Organizations and Users in 2026 and Beyond,” Gartner press release, 21 October 2025. By 2027, fragmented AI regulation will grow to cover 50% of the world's economies, driving $5 billion in compliance investment.
10. BCIS (Building Cost Information Service), “Latest building control approval application data,” covering the 12 weeks to 1 May 2026. Dr David Crosthwaite (BCIS chief economist) on the record.
11. “Accounting watchdog to investigate Deloitte over fake citations in $1.6M healthcare report,” The Independent (Newfoundland), covering Deloitte Canada's 526-page Health Human Resources Plan for the Government of Newfoundland and Labrador.
12. “Procore CDE lays foundation for agentic AI,” AEC Magazine, 1 June 2026.
13. “Graphisoft to preview collaboration layer and Archicad-Forma connection,” AEC Magazine, 3 June 2026.