Scorecard/Archia

Archia

Data gathering in process

Compliance-ready MCP execution layer and runtime for building and deploying AI agents at enterprise scale with security-first architecture.

HQUS
Est2025
Size1-10
EU AI ActLimited Risk
archia.io
Score
23.3 / 100
Evidence
2 items

Early-stage safety posture - basic practices exist but significant gaps remain.

Weaknesses:Governance Maturity, Technical Safety, Risk Assessment, Regulatory Readiness, External Engagement
Focus Areas
ai infrastructureagent deploymententerprise aisecurity

Security Assessment

Security-relevant indicators for vendor evaluation

Security Posture
23
TS-01dim: 30
Red Teaming & Pre-deployment Testing
Adversarial testing before deployment
TS-05dim: 30
Robustness & Adversarial Resilience
Resistance to adversarial attacks
RA-01dim: 15
Sector-Specific Risk Assessment
Risk analysis for deployment context
RA-03dim: 15
Dual-Use & Misuse Risk
Dangerous capability awareness
RA-07dim: 15
Incident History & Track Record
Past incidents and response quality
EE-04dim: 15
Vulnerability Disclosure Program
Bug bounty or CVE reporting process
Incident History
Archia incident records sourced from AIAAIC Repository and public reporting.
Integration: AIAAIC, OECD AI Incidents Monitor
Third-Party Audits
External audit reports, SOC 2 attestations, and ISO certifications verified where published.
Sources: Company filings, registry lookups
CVE & Disclosures
Known vulnerabilities and security advisories from NVD, GitHub Security Advisories, and vendor pages.
Sources: NVD, GHSA, vendor disclosure pages

Dimension Breakdown

GM
Governance Maturitymedium
Published policies, corporate structure, safety mandate, whistleblowing, executive commitment.
25
1 evidence items
GM-01
TS
Technical Safetymedium
Benchmarks, adversarial robustness, fine-tuning safety, watermarking, model cards, research output.
30
1 evidence items
TS-04
RA
Risk Assessmentlow
Dangerous capability evaluations, thresholds, external testing, bug bounty, halt conditions.
15
RR
Regulatory Readinesslow
ISO 42001, EU AI Act compliance, GPAI obligations, international commitments, incident reporting.
25
EE
External Engagementmedium
Survey participation, research support, transparency, behavior specs, open-source contributions.
15

Social Impact & Safety Profile

Emerging

Archia builds AI infrastructure for agent deployment. While safe deployment is relevant to social impact, no specific social impact policies, measurable commitments, or assessments have been published. The company is in early stages with limited public documentation.

agent deploymentinfrastructure safety
Why it matters for safety

Governance is the bridge between safety intentions and safety outcomes. Without tooling, governance is manual paperwork. With tooling, governance becomes systematic and enforceable.

Civilizational Risk Awareness

1/3

Practical governance orientation. The work contributes to safety infrastructure but is motivated by regulatory compliance rather than catastrophic risk prevention.

Responsible Scaling Policy

None

No RSP. As a governance tooling company, the equivalent is governance of how the tooling itself evolves and whether it remains aligned with safety outcomes rather than just compliance box-ticking.

Mission Drift Protection

1/3
  • Governance-focused mission
  • Halcyon portfolio alignment
  • No PBC status
  • No structural governance mechanisms
  • Compliance tooling market could pull toward box-ticking over genuine safety

Vulnerability Disclosure

None

No CVD programme. Relevant vulnerabilities: governance tooling that gives false confidence about compliance status, or that fails to capture material risks.

Safety Reporting

- None

No structured safety reporting. Early stage.

Dual-Use Risk

Not applicable - this company does not develop dual-use AI systems.

Need a detailed report for Archia?

Subscribe to express interest in indicator-level evidence, peer benchmarking, and regulatory gap analysis - or reach out to request a full company overview brief.