Inspiration

As apps scale globally, every new feature risks falling into complex regional regulations like GDPR or data localisation laws. Teams often lack visibility into whether a feature is compliant until after launch. We wanted to turn compliance from an afterthought into a proactive, automated check built right into the development lifecycle.

What it does

HackTok is a Compliance Analysis System designed to quickly determine if an application’s features align with relevant geo-regulatory requirements. Using Retrieval-Augmented Generation (RAG), the system fetches laws and policies from a MongoDB knowledge base and analyses them with Anthropic’s Claude LLM for compliance reasoning.

How we built it

We combined a Next.js frontend with a FastAPI backend for efficient compliance checks. A MongoDB knowledge base stores features and regulations, updated automatically via N8N workflows that scrape new regulatory data. Claude LLM performs the reasoning layer, mapping features to legal texts. The system is containerised with Docker for scalable deployment and integrated with real-time notification channels to keep teams informed.

Challenges we ran into

  • Mapping technical product features to abstract legal language was more complex than expected.
  • Balancing automation with auditability required careful structuring of compliance reports.
  • Ensuring knowledge base updates were timely and accurate while handling global regulations.

Accomplishments that we're proud of

  • Built a working prototype that automatically flags compliance risks before feature deployment.
  • Integrated real-time notifications and audit reports, making compliance transparent and traceable.
  • Created a smart knowledge base that evolves with regulatory updates without manual effort.
  • Turned compliance checks into a developer-friendly tool instead of a bottleneck.
  • Developing functionality to involve humans in the loop to validate the automated regulation validations.

What we learned

We learned that compliance can be engineered into the development pipeline without slowing teams down. Regulations are constantly changing, but with the right automation and LLM reasoning, they can be tracked and applied proactively. We also saw first-hand how important explainability and traceability are in compliance tools.

What's next for HackTok

  • Implement web scraping to scour the internet to identify regulations.
  • Expand the knowledge base to cover more regions and industry-specific regulations.
  • Add deeper integration with CI/CD pipelines so checks happen automatically during deployment.
  • Explore partnerships with legal experts to validate reasoning outputs.
  • Scale towards enterprise-level compliance dashboards for multi-product organisations.
