Keeping an AI business compliant

Compliance in AI businesses is less exotic than it looks. Most operators need three things.

1. Disclose agent use

Clients should know the agent is in the loop. A single-line acknowledgement in onboarding is enough in most markets.

2. Log tool calls

Keep at least 90 days of structured tool-call logs. Supabase makes this cheap.

3. Honor opt-outs

If a client asks for human-only handling, you need a way to turn the agent off. Agent businesses that can't do this will eventually lose clients.