There are two ways to make a decision with software: deterministically or probabilistically.
Deterministic: if all conditions are met, the answer is yes. If any condition is not met, the answer is no. The same inputs always produce the same output.
Probabilistic: based on the data, the answer is probably yes. Or probably no. With a confidence score.
In compliance, only one of these is acceptable.
The problem with probabilistic compliance
Large language models are probabilistic. They’re designed to predict the most likely output given an input. That’s useful for many things. Compliance decisions isn’t one of them.
When an auditor asks "is this candidate compliant?", the answer needs to be definitive. Not "87% likely to be compliant." Not "based on the available evidence, probably." Definitive.
What deterministic compliance looks like
A deterministic compliance engine evaluates candidates against a defined set of rules:
- Does the candidate have a valid DBS check? Yes or no.
- Is the TRA prohibition check clear? Yes or no.
- Has Right to Work been verified? Yes or no.
- Have references been received and reviewed? Yes or no.
If all required checks pass, the candidate is compliant. If any fail, they’re not. There’s no ambiguity.
Where AI fits
AI is excellent at executing the tasks that feed into the compliance decision: collecting documents, querying databases, extracting data, following up with candidates.
But the decision itself — compliant or not — should be made by rules, not predictions.
Caio’s architecture
Caio separates execution from decision-making by design. AI agents handle the work. Deterministic rules make the compliance determination. The result is a system that’s fast, consistent, and auditable.
Every decision can be explained. Every outcome can be traced. That’s what regulated sectors require.