Skip to main content

Enterprise Guide

ARQERA helps organizations deploy AI safely at scale. This guide covers compliance, security, deployment options, and total cost of ownership.

Why Enterprise Teams Choose ARQERA

ChallengeHow ARQERA Helps
"We can't audit what our AI does"Every action logged with cryptographic proof
"Compliance is blocking AI adoption"Built-in SOC 2, GDPR, EU AI Act support
"We need human oversight at scale"Approval workflows that don't bottleneck
"Different teams need different policies"Multi-tenant governance with role-based access
"We're worried about AI risk"Real-time evaluation catches problems before they happen

Compliance

Frameworks Supported

FrameworkStatusWhat ARQERA Provides
SOC 2 Type II✓ CompliantFull audit trail, access controls, encryption
GDPR✓ CompliantData processing agreements, subject rights, retention
EU AI Act✓ ReadyAnnex III high-risk requirements, human oversight
ISO 27001✓ AlignedInformation security management
UK DPA 2018✓ CompliantPost-Brexit GDPR equivalent
Cyber Essentials✓ CertifiedUK government baseline security

EU AI Act Readiness

The EU AI Act's high-risk requirements take effect August 2, 2026. ARQERA addresses:

RequirementARQERA Capability
Human oversight (Art. 14)Escalation workflows, approval queues
Transparency (Art. 13)Explainable verdicts, reasoning logs
Record-keeping (Art. 12)100% evidence capture, tamper-proof
Risk management (Art. 9)Real-time evaluation, policy enforcement
Technical documentation (Art. 11)Automated compliance reports

Full EU AI Act Guide →

Compliance Dashboard

Track your compliance posture in real-time:

  1. Go to Governance → Compliance
  2. Select a framework (SOC 2, GDPR, etc.)
  3. View control status (passed, failed, not applicable)
  4. Export reports for auditors

Auditor Access

Grant auditors read-only access to evidence:

  1. Settings → Team → Invite
  2. Select role: Auditor
  3. Auditors can view evidence and export reports
  4. They cannot modify policies or approve actions

Security

Architecture

Your App ─── TLS 1.3 ───► ARQERA API

┌────────┴────────┐
│ │
Evaluation Evidence Store
(stateless) (encrypted at rest)
│ │
└────────┬────────┘

Audit Log
(immutable)

Security Features

FeatureDescription
Encryption in transitTLS 1.3, HSTS, certificate pinning
Encryption at restAES-256 for all data
API key scopingTenant-scoped, rotatable, revocable
SSO/SAMLIntegrate with Okta, Azure AD, OneLogin, etc.
SCIM provisioningAutomatic user lifecycle management
MFARequired for admin roles
IP allowlistingRestrict API access by IP
Audit loggingEvery access and change logged

SOC 2 Controls

ARQERA maintains SOC 2 Type II certification. Key controls:

  • CC6.1 — Logical access controls
  • CC6.2 — Authentication mechanisms
  • CC6.3 — Access removal processes
  • CC7.1 — Security monitoring
  • CC7.2 — Incident response
  • CC8.1 — Change management

Request our SOC 2 report: security@arqera.io

Penetration Testing

We conduct annual penetration tests with third-party firms. Summary reports available under NDA.


Deployment Options

Cloud (Default)

Multi-tenant SaaS hosted on GCP (europe-west2, London).

AspectDetail
HostingGoogle Cloud Platform, London region
Data residencyEU by default, US available
Uptime SLA99.9% (Enterprise: 99.99%)
BackupsDaily, 30-day retention

Dedicated Cloud

Single-tenant instance in your preferred cloud region.

AspectDetail
IsolationYour own infrastructure
RegionsAny GCP, AWS, or Azure region
CustomizationCustom domains, branding
PricingContact sales

On-Premises

Self-hosted in your data center.

AspectDetail
DeliveryDocker containers or Kubernetes Helm chart
Requirements4 vCPU, 16GB RAM minimum
SupportDedicated implementation team
PricingAnnual license + support

Integration

SSO Configuration

ARQERA supports SAML 2.0 and OIDC:

SAML Setup:

  1. Go to Settings → SSO
  2. Select SAML 2.0
  3. Enter your IdP metadata URL
  4. Map attributes (email, name, groups)
  5. Test connection
  6. Enable SSO enforcement

Supported IdPs:

  • Okta
  • Azure Active Directory
  • OneLogin
  • Google Workspace
  • Ping Identity
  • Custom SAML/OIDC

SCIM Provisioning

Automatically sync users from your identity provider:

  1. Go to Settings → SCIM
  2. Generate SCIM endpoint and token
  3. Configure your IdP with these credentials
  4. User creation, updates, and deactivation sync automatically

API Integration

The governance API integrates with any system:

# Your AI system calls ARQERA before any action
result = await arqera.evaluate(
action="send_email",
context={"to": "external@company.com"},
user_id="u_123",
tenant_id="t_acme"
)

Full API Documentation →


Multi-Tenant Governance

Organization Hierarchy

Enterprise Account
├── Business Unit: Sales
│ ├── Team: EMEA
│ └── Team: Americas
├── Business Unit: Engineering
│ ├── Team: Platform
│ └── Team: AI
└── Business Unit: Finance

Policy Inheritance

Policies cascade down the hierarchy:

  • Enterprise policies apply to everyone
  • BU policies apply to that business unit
  • Team policies apply to that team only

Lower levels can tighten but not loosen higher-level policies.

Role-Based Access

RoleCapabilities
ViewerRead evidence, view dashboards
UserRun agents, approve their own actions
ApproverApprove actions for their team
AdminConfigure policies, manage users
AuditorRead-only access to all evidence
OwnerFull access, billing, SSO config

Total Cost of Ownership

Pricing

PlanPriceIncludes
Business$19/user/month (min 20)SSO, compliance, unlimited evaluations
EnterpriseCustomDedicated support, SLA, custom integrations

ROI Model

Costs avoided with ARQERA:

RiskWithout ARQERAWith ARQERA
Compliance fine (GDPR)Up to €20M or 4% revenueEvidence proves compliance
Compliance fine (EU AI Act)Up to 7% revenueBuilt-in Annex III support
Data breach$4.45M averageReal-time DLP enforcement
AI mistake (reputation)$1-10M+Human oversight at scale
Audit preparation200+ hours/yearOne-click export

Productivity gains:

  • Reduce approval bottlenecks by 80%
  • Automate 90% of routine approvals
  • Enable AI adoption without compliance delays

Enterprise Pricing Example

Component100 users500 users
Base platform$23,880/year$113,880/year
Premium supportIncludedIncluded
Custom integrationsContact salesContact sales
Dedicated instance+$50,000/year+$50,000/year

Contact sales@arqera.io for a custom quote.


Implementation

Typical Timeline

PhaseDurationActivities
Discovery1 weekRequirements, integrations, policies
Setup1 weekSSO, SCIM, API keys, initial policies
Pilot2-4 weeks1-2 teams, iterate on policies
Rollout2-4 weeksOrganization-wide deployment
OptimizationOngoingPolicy tuning, automation

Success Criteria

Before rollout, ensure:

  • SSO working for all users
  • Policies match organizational requirements
  • Approval workflows route to correct people
  • Compliance dashboard shows green
  • Integration with primary AI systems complete
  • Training completed for approvers and admins

Support

TierResponse TimeChannels
Standard24 hoursEmail
Business8 hoursEmail, chat
Enterprise1 hour (critical)Email, chat, phone, Slack

Enterprise customers get a dedicated Customer Success Manager.


Case Studies

Financial Services Firm

Challenge: AI chatbot for customer service needed compliance sign-off

Solution: ARQERA governance on all customer-facing AI responses

Result:

  • AI deployment approved in 6 weeks (vs 6 months estimated)
  • 100% audit trail for regulator inquiries
  • Zero compliance incidents in first year

Healthcare Technology

Challenge: AI document processing needed HIPAA-compatible oversight

Solution: ARQERA policies for PHI detection and escalation

Result:

  • Automated 80% of document reviews
  • 20% escalated to human reviewers (PHI-containing)
  • Passed HIPAA audit with evidence exports

Global Retailer

Challenge: 50 AI agents across 12 countries, inconsistent governance

Solution: ARQERA multi-tenant deployment with regional policies

Result:

  • Single compliance dashboard for all regions
  • GDPR compliance for EU, CCPA for US
  • 60% reduction in compliance overhead

Getting Started

  1. Contact salessales@arqera.io
  2. Discovery call — 30 minutes to understand your needs
  3. Proof of concept — 2-week pilot with your team
  4. Procurement — Security questionnaire, DPA, contract
  5. Implementation — 4-8 weeks typical

Request Demo →


Resources


Enterprise inquiries: enterprise@arqera.io