RegulaPilot
AI-powered compliance workflow system with a real backend and structured LLM pipeline
Problem
Compliance teams operate in environments where large volumes of dense regulatory text must be translated into actionable decisions. Existing tools focus on summarisation, but fail to convert information into structured workflows — leaving teams to manually extract obligations, assign ownership, and manage risk under time pressure.
Approach
Workflow-first system design: instead of summarising text, the platform extracts structured entities — obligations, risks, priorities, and source references — using a deterministic LLM pipeline. The focus was on building a real backend + AI integration that produces operational outputs rather than informational summaries.
Architecture
Full-stack AI workflow architecture with a FastAPI backend and structured LLM pipeline. Designed with clear separation between API layer, validation layer, and AI processing, enabling reliable transformation of unstructured text into structured compliance data.
Frontend Layer
React/Next.js UI for inputting regulatory text and visualising structured outputs in a dashboard format
API Layer
FastAPI backend exposing REST endpoints for documents, users, and obligations
AI Processing Layer
OpenAI-powered extraction pipeline converting regulatory text into structured JSON outputs
Validation Layer
Pydantic schemas enforce strict data structure and normalise LLM outputs
Data Layer (MVP)
In-memory storage using Python dictionaries, designed for seamless migration to PostgreSQL
Key Engineering Decisions
Workflow over summarisation
Instead of generating summaries, the system produces structured, actionable workflows, making it usable in real compliance operations.
Deterministic LLM extraction
Temperature set to 0 with JSON-only responses to ensure consistent, structured outputs suitable for downstream processing.
Schema-first design
All outputs are validated and normalised using Pydantic, ensuring reliability and preventing malformed AI responses from breaking the system.
Separation of concerns
Clear split between API layer, schema definitions, and AI service layer allows independent evolution and scalability.
MVP with production path
Built quickly using in-memory storage, while designing for future upgrades including PostgreSQL, authentication, and async processing.
Security Considerations
Designed with future support for authentication, role-based access control, and audit logging. The architecture supports secure handling of sensitive regulatory data and traceability through source-linked outputs.
Testing Strategy
End-to-end API workflow tested through document processing pipeline: user creation, document upload, AI extraction, and obligation retrieval. Validation layer ensures schema correctness, with future plans for automated tests covering LLM output consistency and API behaviour.
Outcome
A fully working AI-native system with a real backend and LLM integration. Demonstrates how unstructured regulatory text can be transformed into structured, actionable workflows, validating the shift from information tools to decision systems in compliance environments.
Interested in working together?
Let's discuss your next project.