EU AI Act DORA NIS2 CRA CSRD ISO 42001

Signed compliance attestations. In 4 days, not 8 weeks.

MEOK Compliance Centre. 32-server MCP fleet. Ed25519-signed attestations your auditor, regulator, and customers verify with a single curl.

days until EU AI Act Article 50 transparency obligations land (2 Aug 2026)

Buy Pro £199/mo → Book 48h Assessment £5,000 →

Pricing

Free

£0

200 calls/day per MCP. No signed receipts.

All 32 MCPs in the catalogue
Free-tier /sign endpoint
Community support

Start free →

Pro most popular

£199/mo

1,000 calls/day per MCP. Ed25519-signed receipts.

All 32 MCPs in the catalogue
Signed Ed25519 attestations
Public verify URL per cert
Priority support
Offline verification tool

Buy Pro →

Enterprise

£1,499/mo

Multi-tenant. Co-branded receipts. On-prem option.

Everything in Pro
Co-branded attestations
Multi-tenant provisioning
On-prem deployment
Dedicated CSM

Buy Enterprise →

48h Assessment

£5,000one-time

Full audit + remediation backlog + signed certificate.

Full governance report
All in-scope frameworks
Remediation backlog with line-item owners
Signed Article 50 attestation
30-min legal review

Book 48h →

Frameworks covered (21+)

EU AI Act (Art 5, 6, 10, 11, 12, 14, 15, 26, 27, 50, 51)

DORA (5 pillars, Art 17)

NIS2 (Art 21, 23)

CRA

CSRD

GDPR + UK GDPR

HIPAA

SOC 2 (TSC)

PCI DSS 4.0

ISO/IEC 27001

ISO/IEC 42001

NIST AI RMF

UK AI Bill

OWASP Agentic AI Top 10

OWASP LLM Top 10

C2PA

NIST SSDF

SLSA

MITRE ATLAS

Care Membrane (4 dimensions)

AI-BOM

Case studies

UK Challenger Bank

Saved £165K vs Big-4 quote. 4-day Article 50 audit. FCA-ready signed attestation.

Read the case study →

UK Domiciliary Care

Signed attestation across 14 LAs. CQC inspection from anxiety to advantage. Network effect.

Read the case study →

UK HR-Tech Scaleup

From EU RFP blocker to 12% uptick in EU enterprise wins. One-line answer: "Yes, here's the signed certificate."

Read the case study →

How signed attestations work

Every Pro-tier audit emits an Ed25519-signed JSON-LD attestation:

Public key registered to your legal entity (CSOAI Ltd, UK 16939677)
Hash of the audit payload (scope, models, findings, remediation state)
Signature verifiable offline with pip install meok-attestation-verify
Anchor to a transparency log so it can't be backdated

Why Ed25519 over RSA? Smaller signatures (64 bytes), faster verification, no padding oracle history, and it's what sigstore and the major supply-chain attestation frameworks (in-toto, SLSA L3) use.

Why JSON-LD over a PDF? Because a regulator — or a procurement team in your supply chain — can verify the signature, the schema, and the revocation status in a single curl. No email chain. No "we'll get back to you."

Quick start

# Install the keystone verify tool
pip install meok-attestation-verify

# Or run a free audit
curl -X POST https://meok-attestation-api.vercel.app/sign \
  -H "Content-Type: application/json" \
  -d '{"email": "you@company.com", "framework": "eu-ai-act"}'

# Or buy Pro
https://buy.stripe.com/aFa7sNcgAdQS0ZT1Uc8k91t

Why MEOK (not Big-4, not a generic GRC tool)

Sovereign UK infrastructure. No EU dependency. No data leaves the UK.
Independent (CSOAI Ltd, 100% Nick Templeman).
Open source MCP fleet. 32 servers. Inspect the code, fork it, run it yourself.
Ed25519-signed attestations that survive 7-year retention without rotting.
£4,950 vs Big-4 £40-80K. 4 days vs 8 weeks.