VIRTICUSRequest Assessment

Virticus Advisory

AI compliance, structured to your business

We identify how your business uses AI, assess legal risk, and provide only what is required to meet regulatory obligations.

Start Exposure Check

Our Approach

Minimum Necessary. Nothing Excessive.

We do not apply generic frameworks or unnecessary governance. Every engagement begins by identifying how AI is used and what legal exposure exists.

We then provide only the controls required to meet obligations under the General Data Protection Regulation and expectations of the Information Commissioner's Office.

Compliance Structure

Assurance

High risk

Independent validation and litigation support

Governance

Medium risk

Defined controls, registers, and oversight

Compliance

All risk levels

Foundation — required for every business

Proportionate by design

Each layer is added only when your risk level and business size require it.

Assessment

How we determine what you need

Step 1

What you use AI for

Internal useLower risk
Operational supportModerate risk
Decisions affecting peopleHigher risk

Step 2

Your business context

Micro / smallSimple implementation
MediumStructured controls
LargeFormal integration

Step 3

What you receive

Low risk

Compliance

Medium risk

Compliance + Governance

High risk

Compliance + Governance + Assurance

We adjust the depth based on your business size and complexity.

By Business Type

Structured for your size

The scope of what we do and what you receive is calibrated to your business.

01

Micro Businesses

Scope

  • Identify AI use
  • Highlight immediate risks
  • Provide simple rules

Output

  • Usage summary
  • Basic risk note
  • Short policy
  • 3–5 actions

02

Small Businesses

Scope

  • Map AI across operations
  • Assess customer impact
  • Identify gaps

Output

  • AI register
  • Risk summary
  • Short policy
  • Action plan

03

Medium Businesses

Scope

  • Structured audit
  • Review decision-making and data
  • Define controls

Output

  • System register
  • Risk register
  • Defined controls
  • Governance elements

04

Corporate

Scope

  • Support internal teams
  • Review systems and decisions
  • Provide independent analysis

Output

  • Audit reports
  • Control validation
  • Expert review
  • Litigation support

Differentiators

Focused and proportionate

Only what is required for your business, your risk, and your legal exposure.

No unnecessary frameworks

We work from your actual AI use and legal exposure — not from a pre-built template applied regardless of context.

No generic templates

Each engagement is scoped to your business. The output reflects what you need, not a standard document.

No over-engineering

Smaller businesses receive simple, actionable outputs. Complexity is added only where your risk level requires it.

Get started

Start with an Exposure Check

Answer a short set of questions about your AI use. We will identify your risk level and provide a clear picture of what is required.

Start Exposure CheckContact Virticus