TRL 7 Validated · UK-First AI Security

The UK's First AI-Native Consent & Redaction Gateway

AI Disclosure Network™ stops data leakage at the prompt boundary. Our neural-cryptographic middleware secures every enterprise interaction with Large Language Models, enforcing data sovereignty, blocking prompt injection, and generating compliance-grade audit trails for DUAA 2025 and NHS DTAC.

// TRL 7 Performance Metrics
Injection Mitigation Rate: 99.2%
Sensitive Entity Detection (F1): 96.4%
Conversational Latency: <150ms
Token Re-hydration Fidelity: 100%
Avg UK Data Breach Cost: £3.29M
Employees Using Shadow AI: 71%

Closing the AI Oversight Gap

As organisations across finance, law, and healthcare rush to adopt Generative AI, they face a systemic vulnerability: sensitive data is routinely exposed at the prompt boundary. Employees paste client records, trade secrets, and regulated data into uncontrolled AI interfaces, creating catastrophic breach risk and regulatory non-compliance.

AI Disclosure Network™ was built to solve this exact problem. Our "Consent and Redaction Gateway" operates as a deterministic middleware layer between your enterprise and any LLM provider, mathematically enforcing Minimum Necessary Disclosure and protecting every interaction in real time.

Unlike passive monitoring tools, our platform provides structural governance — using neural-cryptographic fusion to make data leakage and prompt injection structurally impossible, not just statistically unlikely.

DUAA 2025 Compliant
NHS DTAC Ready
FCA Aligned
ISO 27001 Path
98.5% Gross Margin
Local-First Architecture

Founder & Lead Architect

Abdul Nafay Mohammed Irfan is the innovator founder and lead architect of AI Disclosure Network. A Computer Science graduate (BSc Hons) from Anglia Ruskin University, Nafay brings a rare combination of machine learning engineering, adversarial AI testing, and compliance-first design philosophy to the AI security space.

His specialist projects, including Person Re-Identification using HOG and Car Data Analysis with Apache Spark ML, provided the architectural foundation for the platform's high-speed entity detection and Exposure-Delta engines.

His CPD certification in Research and Professional Ethics ensures every element of the platform is built around Privacy-by-Design principles aligned with UK and EU regulatory requirements.


Securing the Human-AI Interaction

Every enterprise AI interaction passes through our gateway in real time. Sensitive data is intercepted, tokenised, and governed before it ever reaches the LLM provider, then securely restored when needed.

Prompt Interception Gateway
STEP 01

Intercept at the Boundary

Every prompt from your enterprise application is routed through the AI Disclosure Network™ gateway via a zero-code "droppable proxy", requiring no changes to existing workflows.

Exposure-Delta Evaluation Engine
STEP 02

Exposure-Delta Evaluation

Our proprietary engine calculates the "Minimum Required Disclosure" for the task. Any data exceeding the threshold is dynamically masked or tokenised before reaching the AI provider.

STEP 03

Reversible Token Vaulting

Sensitive entities (PII, PHI, trade secrets) are replaced with reversible tokens stored in a secure local vault. The AI processes logical context without ever seeing raw sensitive values.

Immutable Audit Ledger
STEP 04

Immutable Audit & Restore

Every interaction is hash-chained on an immutable ledger for DUAA 2025 audit compliance. Original data is re-hydrated only via authorised Trust Paths with 100% fidelity.

Five Proprietary Architectural Elements

The AI Disclosure Network framework is secured by five distinct neural-cryptographic innovations, each a defensible layer in the world's first structural AI governance system.

Exposure-Delta Engine
Element A

Adaptive Exposure-Delta Engine

The first system to express "Minimum Necessary Disclosure" for LLM tasks mathematically.

Calculates the "Exposure Delta": the difference between total data shared and the minimum required for a task. Triggers dynamic masking automatically to ensure only essential context reaches the AI provider, satisfying GDPR data minimisation at the architectural level.

Trust-Path Token Vault
Element B

Trust-Path Reversible Token Vault

Sensitive entities replaced with reversible tokens; data sovereignty guaranteed 100%.

PII, PHI, and trade secrets are replaced with reversible tokens stored in an encrypted local Redis vault. Re-hydration is only permitted via authorised Trust Paths governed by request origin, destination endpoint, user role, and operational purpose, preserving full AI utility.
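
An added illustration of the reversible tokenisation and Trust-Path check described in Step 03 and Element B; it is not AI Disclosure Network's code. The in-memory dict stands in for the encrypted vault, and the regex detectors, token format, and `TrustPath` field names are assumptions.

```python
import re
import secrets
from typing import NamedTuple

class TrustPath(NamedTuple):          # hypothetical field names taken from the prose
    origin: str
    destination: str
    role: str
    purpose: str

# Constructed detectors; stand-ins for a real entity-detection model.
PATTERNS = {
    "EMAIL": re.compile(r"[\w.+-]+@[\w-]+(?:\.[\w-]+)+"),
    "NHSNO": re.compile(r"\b\d{3} \d{3} \d{4}\b"),
}
TOKEN_RE = re.compile(r"\[\[(?:EMAIL|NHSNO):[0-9a-f]{16}\]\]")

class TokenVault:
    def __init__(self, allowed_paths):
        self._store = {}                  # token -> raw value (in-memory stand-in)
        self._by_value = {}               # raw value -> token, so repeats share one token
        self._allowed = set(allowed_paths)

    def _token_for(self, kind, raw):
        if raw not in self._by_value:
            token = f"[[{kind}:{secrets.token_hex(8)}]]"   # random, not derived from raw
            self._by_value[raw] = token
            self._store[token] = raw
        return self._by_value[raw]

    def tokenise(self, text):
        for kind, pattern in PATTERNS.items():
            text = pattern.sub(lambda m, k=kind: self._token_for(k, m.group(0)), text)
        return text

    def rehydrate(self, text, path):
        if path not in self._allowed:     # exact match on all four attributes
            raise PermissionError(f"trust path not authorised: {path}")
        # Tokens the vault never issued are left as-is rather than guessed at.
        return TOKEN_RE.sub(lambda m: self._store.get(m.group(0), m.group(0)), text)

# Constructed sample data.
CLINIC = TrustPath("ehr-app", "internal-viewer", "clinician", "discharge-summary")
EXPORT = TrustPath("ehr-app", "public-webhook", "clinician", "discharge-summary")
SAMPLE = "Patient 943 476 5919 (jane.doe@example.org): draft a letter, cc jane.doe@example.org"
```

Because tokens are random rather than hashes of the value, the masked prompt carries no information that would let a recipient test guesses against it; the mapping exists only in the vault.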

Element C

Intent-Aware Agent Firewall

Purpose-built for autonomous AI agents; blocks agentic exfiltration vectors.

As organisations deploy autonomous AI agents, our firewall evaluates the operational intent of tool calls (e.g., "Summarise for internal use" vs. "Export to public URL"). It neutralises agentic exfiltration vectors that generic DLP tools cannot detect, which is essential for the agentic AI economy.

Element D

Dual-Channel Cryptographic Binding

Deterministic prompt injection defence at the protocol level, not filter-based.

System instructions and user data are physically separated into independent channels and bound by hash-based signatures. This structural approach prevents prompt injection and jailbreaking at the protocol level, making bypass a structural impossibility, not just a statistical challenge.

Element E

Immutable Provenance Ledger

Hash-chained event ledger providing Article 12-ready audit trails for regulators.

Every AI interaction is recorded on an immutable, hash-chained event ledger with digital signatures. The Audit Provenance Framework can reconstruct the exact operational context of any past interaction, providing the tamper-evident evidence required by DUAA 2025, NHS DTAC, and the EU AI Act.
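
An added sketch of the hash-chained, authenticated ledger described in Step 04 and Element E; it is not the platform's implementation. An HMAC stands in for the digital signatures the page mentions, and the entry fields and sample events are assumptions.

```python
import hashlib
import hmac
import json

GENESIS = "0" * 64   # "prev" value of the first entry

def digest(body):
    """SHA-256 over a canonical JSON encoding, so key order cannot change the hash."""
    data = json.dumps(body, sort_keys=True, separators=(",", ":")).encode()
    return hashlib.sha256(data).hexdigest()

def append(ledger, key, event):
    prev = ledger[-1]["hash"] if ledger else GENESIS
    body = {"seq": len(ledger), "prev": prev, "event": event}
    h = digest(body)
    mac = hmac.new(key, h.encode(), hashlib.sha256).hexdigest()
    ledger.append({**body, "hash": h, "mac": mac})
    return ledger[-1]

def verify(ledger, key):
    """Return the index of the first entry that fails a check, or -1 if intact."""
    prev = GENESIS
    for i, e in enumerate(ledger):
        h = digest({"seq": e["seq"], "prev": e["prev"], "event": e["event"]})
        mac = hmac.new(key, h.encode(), hashlib.sha256).hexdigest()
        ok = (e["seq"] == i and e["prev"] == prev and e["hash"] == h
              and hmac.compare_digest(e["mac"], mac))
        if not ok:
            return i
        prev = e["hash"]
    return -1

# Constructed sample events: metadata only, never the raw prompt or raw entities.
SAMPLE_EVENTS = [
    {"actor": "user-17", "action": "tokenise", "entities": 2},
    {"actor": "user-17", "action": "deny_rehydrate", "destination": "public-webhook"},
    {"actor": "user-17", "action": "rehydrate", "destination": "internal-viewer"},
]
```

Dropping entries from the tail leaves a shorter chain that still verifies, so the latest head hash has to be anchored somewhere the ledger writer cannot rewrite.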

Local-First Edge-Cloud Architecture
Architecture

Local-First Hybrid Edge-Cloud

Sensitive data never leaves your perimeter. Zero raw exposure to any cloud provider.

All sensitive processing and token vaulting occur within the organisation's secure perimeter on-premise. Only anonymised telemetry is synced to the governance console on Azure UK South. This local-first design is a non-negotiable requirement for NHS, legal, and financial sector clients.

£1.505B
Total Addressable Market across UK high-value professional sectors
267,000
UK firms projected to fully adopt AI by 2025: our Serviceable Market
29.3%
CAGR of the UK AI Safety segment through 2032
£3.02M
Projected Annual Revenue by Year 5 at 98.45% Gross Margin

Enterprise-Grade Security. Fraction of the Cost.

An annual Professional Tier subscription represents less than 0.2% of the average £3.29M UK data breach cost, delivering insurance-style risk mitigation for DPOs and CISOs.

Basic Tier

Foundation

For SMEs & Local Councils requiring core AI governance.

£199
per month · billed annually
  • Real-time Prompt Redaction Gateway
  • Standard Immutable Audit Logs
  • PII / PHI Entity Detection
  • Sub-150ms Latency SLA
  • DUAA 2025 Compliance Reports
  • Email Support

Enterprise Tier

Full Deployment

For large institutions requiring complete agentic oversight.

Custom
avg £1,000/month · bespoke SLA
  • Everything in Advanced, plus:
  • Intent-Aware Agent Tool-Call Firewall
  • White-Label Deployment Option
  • On-Premise Governance Gateway Kit
  • Dedicated Red-Teaming & QA
  • 24/7 Technical Support

Common Questions

What exactly is the "Oversight Gap" that AI Disclosure Network solves?

The Oversight Gap refers to the systemic vulnerability created when organisations deploy Generative AI without adequate governance. Over 71% of UK employees use unapproved "Shadow AI" tools, routinely pasting sensitive client data, internal trade secrets, and regulated information into public LLM interfaces. Without a governance gateway, this data crosses organisational boundaries undetected, creating data breach liability and regulatory non-compliance. AI Disclosure Network™ closes this gap by operating at the prompt boundary itself — the only point where intervention is both technically effective and operationally seamless.

How does Dual-Channel Cryptographic Binding prevent prompt injection?

Traditional guardrail models try to detect malicious prompts using semantic filters, but these can be bypassed via obfuscation or many-shot jailbreaking techniques. Our Dual-Channel Prompt Packaging physically separates system instructions from user-provided data into two independent channels, bound by hash-based cryptographic signatures at the proxy level. The model processor cannot merge or re-interpret safety instructions with user data. This makes prompt injection a structural impossibility at the protocol level, not a probabilistic challenge that clever phrasing can bypass. It is a deterministic defence, not a best-effort filter.

Will the gateway affect our AI workflow performance or user experience?

No. The gateway is engineered specifically for high-frequency enterprise environments. Our TRL 7 prototype has been validated at sub-150ms conversational overhead in simulated trading and advisory environments, well below the threshold of perceptible latency for professional users. The "droppable proxy" architecture requires zero code changes to existing AI applications. The local-first processing model also offloads the most compute-intensive tasks (entity detection and vaulting) to the client's own infrastructure, ensuring the governance layer does not introduce cloud-dependent bottlenecks.

How does the platform satisfy the DUAA 2025 and NHS DTAC requirements?

The Data (Use and Access) Act 2025 mandates "stringent safeguards" for automated processing, including data minimisation and tamper-evident audit evidence. Our platform operationalises data minimisation through automated Exposure-Delta evaluation, and provides the immutable hash-chained interaction ledger required for the "Right to Explanation" under DUAA and UK GDPR. For NHS clients, the Reversible Token Vaulting mechanism ensures Patient Identifiable Data (PID) is never exposed to external models during administrative automation, directly satisfying NHS DTAC Clinical Safety (DCB0129) and Data Protection requirements.

Is the Reversible Token Vaulting system truly capable of full data restoration?

Yes. Re-hydration testing at TRL 7 confirmed 100% accuracy in restoring tokenised data when Trust-Path variables are correctly aligned. This distinguishes our approach from one-way redaction (used by competitors like Private AI and Nightfall AI), which permanently destroys data utility. Our system allows the LLM to process logical relationships and complete complex drafting tasks using tokenised placeholders — then restores the original values for the end-user via the approved internal endpoint. This preserves full AI utility for solicitor-client drafting, clinical documentation, and financial report generation.

What is the technology readiness level and current development status?

AI Disclosure Network™ is at TRL 7: System Prototype Demonstration in Operational Environment. The functional prototype integrates all five core architectural elements: the Redaction Proxy Gateway (FastAPI + Go), Trust-Path Logic Engine, Dual-Channel Structural Formatter, Immutable Event Ledger (alpha), and Edge-Inference Privacy Layer. Validated performance metrics include 99.2% injection mitigation, 96.4% F1-score in entity detection, sub-150ms latency, and 100% re-hydration fidelity. We are nearing TRL 8 with Kubernetes migration to Azure UK South, OpenTelemetry API harmonisation, and UKIPO patent filings underway.

Request a Pilot or Partnership Discussion

Whether you are an NHS Trust, SRA-regulated law firm, FCA-regulated financial institution, UK public sector body, or technology partner, we would like to hear from you. Contact us to arrange a demonstration, discuss pilot opportunities, or explore licensing and partnership options.

Email aidisclosurenetworkuk@outlook.com
Phone +44 7440 515472
Location London, United Kingdom
Target Sectors NHS · Legal · Financial Services · Public Sector · SMEs