Company
Built in Canada.
Made to be checked.
Mandate Systems Inc. builds the control plane between organizations and their AI providers: policy enforced in-line, every decision on a record whose legal jurisdiction your counsel can evaluate.
What we're building
The product is the governance layer
Mandate is the control and accountability layer around how AI gets used in your organization: policy enforcement on every request and a tamper-evident record of what happened. Your team keeps the AI tools it already uses.
-
The enforcement step
A policy is a document. Mandate is the enforcement step between your users and their AI tools, with a record that exists whether or not anyone remembered to log it.
-
Evidence for auditors
Tamper-evident audit records that answer what auditors, privacy officers, and counsel ask: what was decided, by what rule, when, and for whom.
Canadian
Legal jurisdiction over your records and the control plane, on Canadian-owned infrastructure. A named jurisdiction, not a region label.
1
Audit event per mediated AI request, hash-chained for tamper evidence.
0
Customer records Mandate uses to train models. An architectural constraint; content you forward runs under your own provider’s terms, which you control with your key.
Why we built this
The gap between a policy on paper and proof it was enforced.
Mandate started with a pattern its founder kept seeing across organizations: a written AI usage policy, a genuine desire to enforce it, and no mechanism that gave counsel a clear view of which legal regimes can compel access to the audit record.
Enterprise governance vendors describe their data residency as a region (“ca-central-1,” “eu-west-3,” and so on). Counsel asks a different question: which corporate entity controls that infrastructure, and which legal regimes can compel them to produce the data? Region and legal jurisdiction are not the same property. The CJEU drew that same line in Schrems II: the regime that governs a vendor and the region its data sits in are separate questions, and several jurisdictions assert reach over the data their home-country companies hold. That gap (vendor jurisdiction as a knowable, evaluable property) is what Mandate was built to close.
The product exists to answer the question a CISO, a privacy officer, or an engineering lead runs into: how do we enforce AI policy at the point of use and produce evidence that stands up under scrutiny, on infrastructure whose legal jurisdiction we chose rather than inherited?
Mandate isn’t a movement against any particular country or vendor. It’s a product for organizations that want the jurisdictional posture of their AI governance to be a deliberate, documented choice. Mandate is hosted in Canada under Canadian law.
Mandate is built by Mark Petersen: twenty years shipping .NET systems and leading engineering teams, University of Waterloo computer science. If you email, he’s the one who answers.
Mark Petersen · Founder, Mandate Systems Inc.
Where we operate
Canadian-hosted today. Open to organizations anywhere.
Sovereignty is a choice: which jurisdiction governs your AI traffic and who holds the record. Canada is where that choice runs today.
-
Hosted in Canada under Canadian law
Today’s product runs on Canadian-owned infrastructure under a named legal jurisdiction. For Canadian organizations, the default fit.
-
Discovery welcome from any jurisdiction
Wherever you operate, including the United States, the first conversation is about fit. We don’t turn an organization away for its address.
-
Customer-run deployment for qualified engagements
If your records must never leave your own environment, a customer-run deployment (your own cloud tenancy, on-premises, or air-gapped) can be scoped for a qualified engagement, with the same offline evidence path. We won’t pre-announce regions we haven’t committed to.
The lines we hold
Commitments we build to.
Documented decisions that shape the architecture. Firm, not roadmap items.
-
Your traffic is never training data
Mandate observes AI traffic to enforce policy and produce audit records. It never trains models on that traffic.
-
The governance is the product
Strip out the policy enforcement and the audit trail and you’re left with plain request routing. What you pay for is the governance around it.
-
Deployed at the network layer
Coverage is IT-deployed at the API gateway and forward proxy, not an agent pushed to every employee’s device. Nothing for end users to install.