How Epic Growth builds and governs responsible AI. Our platform operates 5 funding journey agents, each governed by a constitutional framework aligned with the EU AI Act and Malta's Digital Innovation Authority (MDIA).
AI Constitution v1.1 — Last updated February 2026
These 8 principles apply to every AI agent on our platform, regardless of its autonomy tier or domain.
Every AI interaction is clearly disclosed. Users are informed they are communicating with an AI system before or at the first interaction. AI-generated content is labelled.
Our agents never fabricate data, grant amounts, or deadlines. When uncertain, they state confidence levels explicitly and distinguish facts from recommendations.
GDPR-compliant by design. We minimise data collection, never transmit data to third parties without consent, and respect the right to erasure.
No agent takes irreversible actions without human confirmation. Strategic recommendations are advisory — final decisions always rest with humans.
Grant eligibility assessments are objective and criteria-based. Agents never produce outputs that discriminate based on any protected characteristic.
Every agent output is traceable to its data sources. Decision logs are maintained and audit trails preserved for a minimum of 12 months.
Agents refuse requests that conflict with our constitution, applicable law, or ethical standards. Potential harms are flagged to the user before proceeding.
Our agents explain their reasoning, methodologies, and limitations when asked. We promote informed decision-making, not dependency.
Each agent operates within a defined autonomy tier that determines what it can do independently, what requires human review, and what requires explicit human approval.
Execute routine, reversible tasks independently. Log everything. Halt on anomalies. If an autonomous action fails 3 times, the agent halts and escalates to a human operator.
Applies to: Discovery, Tracking
Draft, recommend, and prepare. Never publish, send, or commit without human review. Must present at least 2 alternatives with trade-offs for any recommendation.
Applies to: Preparation, Coordination
Research, analyse, and recommend only. All decisions require explicit human confirmation. The agent advises — the human decides. Every action with financial or legal implications requires sign-off.
Applies to: Compliance
5 agents that guide Malta's SMEs through the funding journey. Each agent's risk classification, autonomy tier, and permissions are documented below.
Matches company profiles to 28 grant schemes across 6 agencies. Calculates eligibility scores, models funding stacks, and monitors deadlines.
Governance Rules
Runs eligibility matching independently. Logs all results. Escalates when deadlines are urgent or data may be stale.
Drafts business plans, generates financial projections, creates document checklists, and prepares application materials.
Governance Rules
All outputs are drafts requiring human review. Financial projections always include three scenarios. Never submits applications on behalf of the user.
Prepares briefing documents for accountants, lawyers, and other professional advisors involved in the funding journey.
Governance Rules
Drafts briefing materials for human review. Never misrepresents the company's position. Recommends professional consultation for legal and financial matters.
Monitors application status, tracks milestones, and flags upcoming deadlines across active grant applications.
Governance Rules
Read-only status monitoring. Logs all checks. Alerts users to status changes and approaching deadlines.
Researches post-approval reporting requirements, analyses compliance deadlines, and prepares audit documentation.
Governance Rules
Research and advisory only. All recommendations framed as checklists requiring verification. Every action with financial or legal implications requires explicit human sign-off.
The EU AI Act requires that users interacting with conversational AI systems are informed they are communicating with an AI, not a human. This obligation takes effect on 2 August 2026.
Epic Growth has implemented proactive AI disclosure across all conversational agents. Every chat session displays a clear notice identifying the specific agent and stating it is an AI system by Epic Growth. This exceeds the minimum requirement by naming the individual agent, not just disclosing AI use generically.
4 of our 5 agents are classified as Limited Risk under the EU AI Act, subject to Article 50 transparency obligations. The Tracking agent is classified as Minimal Risk (internal status monitoring only) with no specific regulatory obligations beyond voluntary best practices.
None of our agents operate in the High Risk or Unacceptable Risk tiers. We do not perform recruitment screening, credit scoring, biometric identification, or any other high-risk AI activity.
The Malta Digital Innovation Authority (MDIA) is Malta's designated national competent authority under L.N. 226 of 2025, implementing EU AI Act Article 70. MDIA has enforcement, auditing, and regulatory sandbox powers.
Epic Growth is committed to constructive engagement with MDIA, including participation in the regulatory sandbox programme and pursuit of ITAS voluntary certification when our agents reach production maturity.
Our agents process company profile data (name, sector, employee count, turnover, location, project details) to match businesses with relevant grant schemes. This data is provided voluntarily by the user and stored in the browser's local storage — not on our servers.
Chat conversations with agents are processed in real-time via the Anthropic API (Claude) and are not stored or logged by Epic Growth beyond the active browser session.
| Review Type | Frequency | Scope |
|---|---|---|
| Regulatory | Within 30 days of any EU AI Act or MDIA update | Compliance framework |
| Operational | Quarterly | Agent performance & governance rules |
| Foundational | Annually | Full constitution review |
| Incident-triggered | As needed | Any part relevant to the incident |
If you have questions about our AI governance, want to report a concern about agent behaviour, or need to exercise your data rights, contact us at marketing@epicgrowth.com.