r/Compliance

GRC Learning Sessions: 01 - How a Real GRC Program Works


Last Friday, 3 people showed up to our first GRC Learning Session.
Topic: "How a Real GRC Program Works."

We opened with claims: buying Vanta (Drata, etc.) doesn't give you a GRC program. Passing a SOC 2 audit doesn't either.

Target had PCI-DSS certification when they were breached in 2013.
Equifax had security certifications when 147 million records walked out the door in 2017.

Boxes checked. Tools in place. Programs missing.

Tools accelerate an existing program. They cannot substitute for one.

A complete GRC program has two sides. We spent 60 minutes on both:

* Administrative controls are everything on paper - policies, governance structures, vendor agreements, risk registers, evidence packages.

* Technical controls are everything in implementation - access management, encryption, vulnerability scanning, cloud configurations.

Most compliance failures - not breaches, failures - happen in the gap between those two sides. The policy says one thing. The implementation does another. Nobody connects them because nobody spans both.

That's the 360-degree view. That's our starting point.

Starting this Friday, we go practical. SOC 2 in an imaginary company, built from nothing. Every session: 10 minutes of theory, 15 on administrative controls, 15 on technical controls, 10 for Q&A. Both sides, every time.

Everyone from last week is coming back.

Our group is small. The conversations are not.

GRC students, analysts, seasoned professionals - come argue with us about how this actually works. Fridays at 9:30 AM.

The recording of Session 1 is on YouTube at https://www.youtube.com/@FullStackGRC

https://www.youtube.com/watch?v=eL74cpwV9uY

u/kurianoff — 10 hours ago

It's called Urim. I have posted on it here before. This is after people showed interest. You run a name through it and it checks sanctions lists, PEP databases, criminal records, 90+ regulators, and adverse media all at once. Takes like 10-15 seconds.

A good way to use it is as a checkpoint before you send anything to your main compliance tool. Screens reset every month so you just keep going. Or use it as your main once you deem it as good as or better than what you're already using.

What it covers:

* 11 global sanctions lists updated every hour (OFAC, EU, UK, UN and more)

* Healthcare exclusions too: OIG LEIE, SAM.gov, CMS Preclusion

* AI writes up a summary of what it found so you can paste it straight into your reports

* Full audit log: every screen and decision is saved and timestamped

* Batch upload a CSV if you have a lot of names

* Set rescreening schedules per client so nothing slips

* Works for teams, role-based access and everything

* Warns you if you already screened someone recently so you don't waste screens

I have included screenshots on the website; feel free to check it out: urimkyc.com

Pricing and how many screens you get per year:

* Starter $69/mo = 12,000 screens a year

* Growth $259/mo = 60,000 screens a year

* Pro $999/mo = 240,000 screens a year

There are screenshots on the site of the actual dashboard if you want to see what it looks like before signing up.

urimkyc.com

u/Forsaken-Hearing3540 — 10 days ago

Weekly Promo and Webinar Thread

Vendors, please share any self-promotional content or webinar details within this thread.

Posts made outside this designated space will be removed.

Please see our rules page: https://www.reddit.com/mod/Compliance/rules

Make sure to use direct links—URL shorteners are not allowed, and the auto moderator will remove your post if they’re used.

If the community isn't interested, your comment will simply get downvoted.

u/ComplianceScorecard — 3 days ago

Hi folks, just wanted to see if anyone is working or has worked in a company structure where risk, compliance and IA are managed by the same manager. I saw similar situations in the past, especially in small and private organizations, but I'm interested to know how you/your managers managed to keep IA independent while providing support with risk and IA. Thoughts?

u/Imaginary_Math314 — 11 days ago

The EU AI Act's Article 4 human oversight requirements took effect August 2025. No grace period. For high-risk AI systems, the regulation doesn't just say "have a human in the loop." It says that human must be competent to understand the system, interpret outputs, and decide when not to use or override them.

Most of the compliance programs I'm seeing focus on documentation: training completion logs, policy acknowledgments, attestation forms. But when an auditor or regulator asks "show me your team can actually evaluate AI output," a completion certificate doesn't answer that question.

The gap: we're training people to USE AI (prompt engineering, tool access, efficiency gains) but not to EVALUATE it (spot hallucinations, verify sources, assess confidence, know when to override). Different skill, different evidence requirement.

I'm curious how other compliance teams are approaching the competency documentation piece. Are you building assessment into your AI training programs? Using scenario-based testing? Relying on manager attestation?

What does "audit-defensible evidence of AI judgment competency" actually look like in practice?

u/Wild-Annual-4408 — 9 days ago

Vendors, please share any self-promotional content or webinar details within this thread.

Posts made outside this designated space will be removed.

Please see our rules page: https://www.reddit.com/mod/Compliance/rules

Make sure to use direct links—URL shorteners are not allowed, and the auto moderator will remove your post if they’re used.

If the community isn't interested, your comment will simply get downvoted.

u/ComplianceScorecard — 10 days ago