What is DIOS?
DIOS — the Dousatsu Intelligent Operations System — is Dousatsu's proprietary five-plane architecture for deploying AI inside regulated organisations. It is not a software product. It is a governed implementation framework: a structured way of thinking about, building, and managing AI so that regulated firms can use AI confidently without exposing themselves to regulatory, data, or reputational risk.
"If your largest client, your board, or a regulator asked you to demonstrate that your AI tools are operating under human oversight, GDPR-compliant, and auditable — how long would it take to answer? DIOS means the answer is always: immediately."
The Five Planes
DIOS organises AI governance and implementation across five distinct planes. Each plane has a specific function. Together they create a complete, auditable AI operating environment.
What it governs: Workflow registry, agent inventory, access policies, and the master governance layer.
The Control Plane answers the question: what AI is running in this business, who authorised it, and what is it allowed to do?
What it governs: n8n orchestration, API integrations, execution layer — where the work happens.
The Data Plane addresses what data enters AI systems, how it flows, and where it goes. For regulated firms, this is the plane that maps exposure points and establishes rules for what can and cannot be processed by AI tools.
What it governs: Context management, structured storage, retention schedules. The primary GDPR exposure point in any AI architecture.
Three memory tiers: Session (purged on completion) · Operational (90-day TTL on personal data) · Strategic (aggregated, non-personal, reviewed quarterly).
What it governs: Audit logging, human-in-the-loop gates, compliance mapping. The layer that makes the system auditable, defensible, and compliant.
Every production workflow carries a decision audit log. Every workflow with external write access or personal data output requires a mandatory human approval gate.
What it governs: LLM routing, model selection, prompt governance — where AI generates value.
The first four planes exist to make this plane safe. The Intelligence Plane exists to make AI worthwhile. Every production prompt is version-controlled with purpose, model, risk tier, and known failure modes.
Why architecture, not pillars
Many AI consultants organise their offer around three pillars — strategy, implementation, training. These are useful categories. They are not an architecture.
Architecture matters for regulated firms because regulators want to see structure, not intent. The SRA's AI guidance, the FCA's operational resilience expectations, and the ICO's data protection framework all point toward the same requirement: demonstrate that your AI use is governed. A pillar is a category. A plane is a functional layer with defined inputs, outputs, responsibilities, and audit points.
DIOS was built specifically for firms that need to evidence governance — not just describe it.
Four forces converging on UK regulated SMEs
AI guidance is active and professional indemnity insurers are beginning to ask questions. The 2025 UK High Court sanctions for AI-fabricated case law made the risk concrete for every law firm using generative AI.
Consumer Duty creates accountability for AI-assisted advice and communications. Under SM&CR, if an AI tool influenced a client recommendation and it went wrong, personal liability attaches to named individuals.
UK GDPR enforcement is active. The ICO's 2026 agentic AI guidance marks a shift toward regulating AI that does, not just chatbots that talk. Hallucinations generating personal data are a GDPR accuracy failure.
are beginning to price AI risk into premiums. Firms that cannot evidence governance face higher exposure at renewal.
How it works
A 90-minute structured assessment of your current AI exposure, tool landscape, and governance gaps. Maps your current state against the five planes. You leave knowing exactly where your risk is and in what order to address it.
Shadow AI inventory, five-plane diagnostic, Trust Plane build, governance documentation. At the end of 30 days you have an auditable, defensible AI operating environment.
Monthly agent inventory review, audit log reporting, compliance monitoring, quarterly architecture review, and incident response cover.
Results
A workflow automation project for a construction sector client delivered a 23% lift in quote-to-conversion rate within the first engagement period. The Intelligence Plane delivered the result. The Control, Data, and Trust Planes made it safe to deploy.
Ready to see where you stand?
The Risk & Readiness Assessment is the entry point to DIOS. Free to complete. Results in minutes.
Take the Risk Assessment