Blog.
Practical writing on regulated content + AI from the TeamSync team. Categories below.
Categories.
| Category | Recent topics |
|---|---|
| Permissions-aware AI | What "AI doesn't leak" actually means in production |
| Audit defensibility | Merkle ledgers in plain language; how Worm-vs-audit-trail under SEC 17a-4(f)(2) plays out |
| Vertical workflows | TMF inspection-readiness, MoC modernisation, batch records, FOIA cycle |
| Regulator watch | DORA, EU AI Act, NARA M-23-07, FDA Security Rule NPRM |
| Customer outcomes | Anonymised wins; named where customers approve |
| Engineering deep dives | platform architecture, agentic AI bounded autonomy, crypto-shred mechanics |
| Industry data | State of Document Tooling annual + ad-hoc surveys |
Featured posts.
(Listed dynamically on the production page; the following are perennials.)
- "What 'permissions-aware AI' must mean to your CISO" — explains the per-event-evidence framing.
- "The Merkle audit ledger, explained for the audit committee" — translates cryptography to attestation.
- "Crypto-shred for GDPR Article 17 — what 'erase from backup' really requires" — engineering plain-language.
- "How DORA's third-party register actually works, in 2025 practice" — operator's view.
- "When to coexist with iManage / Veeva / Procore — and when to extend with TeamSync" — coexistence patterns.
Subscribe.
Email list available. Privacy-respecting; opt-out per email.