Your agent broke the rule. You broke the rule.
There's no "the AI did it" clause in the NDPA, the CBN's transaction controls, the NIMC Act 2026, or any of the dozen other laws across the continent. Your agents are making decisions every second that could violate them — and nobody finds out until the regulator asks.
comply54 enforces African regulatory law inside your AI stack, before anything executes.
comply54 is the first AI agent governance and runtime compliance framework built specifically for African regulatory environments.
LangChain, CrewAI, and AutoGen are built for capability.
None of them enforce it.
Every major AI framework ships with tools, memory, and reasoning. None of them ship with awareness of CBN transaction caps, NDPA cross-border restrictions, BVN/NIN biometric data rules, or NFIU currency transaction reporting thresholds.
That gap is yours to close — and when something goes wrong, it is your organization that answers to the regulator, not the framework's authors.
comply54 closes that gap. One integration. Every agent action evaluated against the applicable law before it runs.
What happens when an agent gets it wrong
These are not hypothetical. Each scenario below maps to a real regulatory obligation that an AI agent can violate without any human intent.
Your agent returns a customer's BVN in a chat response. That's a Schedule 1 sensitive data breach.
Your onboarding agent stores NIN data after the verification completes. The NIMC Act 2026 explicitly prohibits this.
Your payment agent approves a ₦12M transfer for a Tier 2 customer. That exceeds the ₦10M single-transaction NIP cap.
Your agent processes a ₦5M+ transaction without flagging it for Currency Transaction Reporting within 24 hours.
How comply54 works
It sits between your agent and its tools. Every action is checked. Blocked calls never execute. Your team gets a paper trail without writing a single compliance rule.
Agent decides to act
Your AI agent calls a tool — transfer funds, look up a NIN, respond to a customer, export data.
comply54 intercepts
Before the tool executes, comply54 evaluates the action against every applicable regulation for your jurisdiction and sector.
You get a structured decision
Allow, block, or escalate — with the exact law, section, penalty, and rule that triggered it. Not a vague warning. The actual citation.
A signed receipt proves it happened
Every decision produces a cryptographically signed JWT receipt — tamper-evident, offline-verifiable proof that the check ran, what input was evaluated, and what the decision was. Store it in your audit log. Show it to a regulator.
One import. The law enforced.
When a violation fires, comply54 returns the exact regulation, the specific section, the rule that triggered, and a unique audit ID — not a vague error message. Your engineering team ships in hours. Your compliance team can read the output.
from comply54 import NigeriaFintechCompliance
compliance = NigeriaFintechCompliance()
result = compliance.check(
action="transfer_funds",
params={"amount": 15_000_000, "currency": "NGN"},
context={"kyc_tier": 2},
)
# Blocked before execution — no need to handle it downstream
if result.blocked:
v = result.primary_violation
print(v.messages[0])
# → CBN NIP §4.2: Single-transaction cap ₦10M exceeded (₦15M attempted)
print(v.rule_triggered) # nip_cap
print(v.citations[0].document)
# → CBN NIP (NIBSS Instant Payment) Framework §4.2 — Per-Transaction Cap
Works with the frameworks you already use
LangGraph, CrewAI, AutoGen, and LangChain adapters ship out of the box. Drop comply54 into an existing agent in under an hour — no rewrite, no new infrastructure, no OPA binary to install.
from comply54.langgraph import Comply54Guard, comply54_route
from comply54 import NigeriaFintechCompliance
# One node. Every tool call your agent makes is
# evaluated against NDPA + CBN + BVN/NIN + NFIU
# before it executes. Blocked calls never reach the tool.
graph.add_node("compliance", Comply54Guard(
compliance=NigeriaFintechCompliance()
))
graph.add_conditional_edges(
"compliance", comply54_route,
{"tools": "tools", "agent": "agent"}
)
Every decision, cryptographically signed.
Blocking a violation is half the story. The other half is proving it happened — to your board, your auditors, and the CBN or NDPC if they come asking.
comply54's signed receipt system attaches a tamper-evident Ed25519 JWT to every compliance decision. Offline-verifiable, tied to the exact input evaluated, and signed with keys that never leave your infrastructure.
Ed25519 signed JWT
Every ComplianceResult carries a receipt_token — a compact JWT signed with your Ed25519 private key. Tamper-evident by design.
100% offline verification
Auditors and regulators verify receipts with only your public key. No network, no comply54 instance, no third-party service.
Bring your own key
comply54 never generates or stores your signing key. Your keys live in your secret manager (AWS KMS, HashiCorp Vault, GCP KMS).
Input digest — exact proof
A SHA-256 digest of the exact action and parameters is embedded in every receipt. Recompute it to prove the receipt covers the specific transaction under inspection.
from comply54 import NigeriaFintechCompliance
from comply54.receipts import verify_receipt
compliance = NigeriaFintechCompliance(signing_key=private_key_pem)
result = compliance.check(
action="transfer_funds",
params={"amount": 8_500_000, "currency": "NGN"},
context={"kyc_tier": 2, "sanctions_screened": True},
)
# Every result carries a signed, tamper-evident receipt
print(result.receipt_token)
# eyJhbGciOiJFZERTQSIsInR5cCI6IkpXVCJ9.eyJpc3MiOiJjb21wbHk1N...
# Verify offline — no network, no comply54 instance needed
payload = verify_receipt(result.receipt_token, public_key_pem)
print(payload.decision) # "allow"
print(payload.input_digest) # sha256:3f4a8c... — proves the exact input
print(payload.rule_triggered) # None (allowed — no rule fired)
print(payload.comply54_version) # "0.4.0"
Built for every regulated sector in Africa
Pre-assembled compliance bundles for the sectors with the highest regulatory exposure.
Nigerian Fintech
Payment agents, lending platforms, digital banks, and wallet providers operating under CBN licence. Every agent action touching funds or identity is a regulatory event.
Healthcare AI
Clinical decision support, EHR agents, and telemedicine platforms. Patient consent, clinical data confidentiality, and cross-border health data rules are all enforced.
Insurance Platforms
AI-assisted claims adjudication, underwriting engines, and fraud detection. NAICOM auto-denial caps, anti-discrimination rules, and AML thresholds enforced automatically.
Pan-African AI Platforms
Nigerian, Kenyan, and South African packs are production-ready. Ghana, Rwanda, Egypt, Tanzania, Uganda, Ethiopia, and Mauritius packs are included in preview — coverage depth varies by jurisdiction.
Your agents should know the law
before they act.
comply54 is open source, installs in minutes, and works with every major AI agent framework. Nigerian and African compliance is a requirement, not a feature.