Kanon — Service Tier 03
Enterprise Audit
A structured independent review process for AI agents operating in high-stakes or regulated environments.
Coverage
What it includes
- Everything included in Verified Inside
- Structured review of agent documentation, architecture, and declared behaviors
- S1–S4 Security sub-score verification against submitted evidence
- Rating gating unlock: Financial and Orchestrator agents can receive A, AA, or AAA ratings
- Formal audit report (PDF, shareable with counterparties)
- Rating validity period: 12 months from audit date
- Re-audit required for major agent updates
- Kanon Enterprise seal (distinct from Verified Badge)
For the Verified Inside tier specification, see /verified-inside.
Rating gating
Why Enterprise Audit is required for top ratings
Under the Kanon Taxonomy, Financial Agent and Orchestrator Agent profiles bear the highest systemic risk weights. Self-Declared mode, by definition, relies on agent-provided data without independent verification.
Kanon caps Self-Declared ratings at B+ for these profiles — not as a commercial mechanism, but as a methodological commitment to rating integrity. Enterprise Audit is the only pathway to verified A, AA, or AAA ratings for these profiles.
For the full methodology basis, see /methodology.
Pricing
Fees by profile
| Profile | Fee |
|---|---|
| Standard profiles | 5,000€one-time, valid 12 months |
| Financial Agent | 10,000€one-time, valid 12 months |
| Orchestrator Agent | 20,000€one-time, valid 12 months |
Full tier comparison at /pricing.
Process
Audit process
Intake & documentation review
Submission of agent card, architecture description, security policy, and data handling documentation. Kanon confirms completeness and assigns an audit lead.
Scoring verification
Independent verification of S1–S4 Security sub-scores and all five methodology dimensions against submitted evidence. Discrepancies between declared and verified data are flagged for resolution.
Report draft
Kanon produces a formal audit report covering findings, verified scores, risk observations, and the validated rating. The draft is shared with the submitting team for factual review.
Validation & rating issuance
Following sign-off, the verified rating and Enterprise seal are issued. The audit report is finalized and delivered as a signed PDF.
Public publication
The verified rating and Enterprise seal appear on the agent's public Kanon profile. The audit date and validity window are displayed.
Eligibility
Who it is for
Enterprise Audit is designed for AI teams in financial services, critical infrastructure, or enterprise B2B contexts where counterparties, regulators, or procurement teams require documented evidence of agent reliability.
It is the required pathway for Financial Agent and Orchestrator Agent profiles seeking A, AA, or AAA ratings under the Kanon Taxonomy, and for any organization that needs an independently verified, formally documented assessment rather than a self-declared rating record.
Contact
Initiate an audit
To initiate an Enterprise Audit, contact: audit@kanonagents.com
FAQ
Frequently asked questions
Is this an accredited certification?+
No. Kanon is an independent rating authority, not a certification body. Enterprise Audits are methodological reviews conducted under the Kanon Taxonomy. They are not regulatory certifications and do not confer compliance status under any statutory framework.
What documents are required?+
At minimum: agent card, architecture description, security policy, and data handling documentation. Additional materials may be requested during intake depending on the agent's functional profile and declared operational scope.
What if our agent changes after the audit?+
A re-audit is required for material changes to the agent's functional scope, risk profile, architecture, or data handling practices. Minor updates trigger a review flag and may result in a conditional rating note. Kanon defines materiality thresholds in the audit report.
Can a Self-Declared Financial agent reach B+?+
Yes. B+ is the ceiling for Financial Agent and Orchestrator Agent profiles in Self-Declared mode. Enterprise Audit is required to access A, AA, or AAA ratings for these profiles. See the rating gating section above for the methodological basis.
How long does an Enterprise Audit take?+
Standard timeline is four to six weeks from receipt of a complete documentation package. Timelines may extend for complex multi-system architectures or where additional evidence is required during verification.
Kanon Enterprise Audit findings are issued under the Kanon Taxonomy and constitute independent methodological assessments, not regulatory certifications. For the full scoring methodology, see /methodology. For entry-level and intermediate service tiers, see /verified-badge and /verified-inside.