One governance layer for agents and people alike

The Governor is Loam's built-in governance engine. It doesn't bolt on security after the fact — it makes every query, every action, and every piece of intelligence permission-aware from the ground up.

Governance that doesn't slow you down

Most governance frameworks create friction. The Governor is invisible when everything is fine and unmovable when it matters.

Role-based access control

Define who can see what with fine-grained RBAC. Roles map to your org structure, not arbitrary permission matrices. Sales sees sales data. HR sees HR data. No leakage.

Full audit trails

Every query, every access, every action is logged with full context. Who asked, what was returned, why it was allowed. Compliance isn't a checkbox — it's a queryable record.

Policy enforcement

Define policies in plain language and Loam enforces them automatically. "Never share salary data outside HR." "Client contracts require manager approval to reference."

Approval workflows

High-impact actions surface for human review before execution. You define the thresholds. Loam handles the routing, escalation, and audit trail.

Permissions that mirror how you actually work

Forget complex permission matrices. The Governor uses your existing org structure — teams, channels, roles — as the permission model. If you're in the room, you can access the intelligence.

  • Channel membership is the permission boundary
  • Roles inherit from your identity provider
  • Policies defined in natural language, not config files
  • Changes propagate instantly, no cache invalidation

Permission resolution

Identity
Who is asking?
SSO verified
Membership
What channels and teams?
3 teams, 12 channels
Policy check
Any applicable rules?
2 policies matched
Data classification
What sensitivity level?
Internal only
Decision
Allow, restrict, or block?
Allowed
audit log
14:23:01 sarah.chen queried "Acme contract terms"
→ policy: client-contracts → role: account-lead → allowed
14:23:04 agent:renewal-bot requested "send renewal reminder"
→ policy: external-comms → action: communicate → pending approval
14:23:08 james.ko queried "team salary bands"
→ policy: hr-data → role: ic-engineer → blocked

Every decision, fully traceable

The Governor logs every permission decision with complete context. Not just "allowed" or "blocked" but why, which policy matched, and what data was involved. Your compliance team will love this.

  • Queryable audit log with full decision context
  • Agent and human actions logged identically
  • Export to SIEM, compliance tools, or custom dashboards
  • Anomaly detection on access patterns

Humans in the loop, where it matters

Not every action needs approval. But when stakes are high — external communications, data modifications, financial decisions — The Governor routes to the right person automatically.

Threshold-based routing

Define approval thresholds by action type, data sensitivity, or dollar amount. Low-risk actions flow automatically. High-risk actions pause for review.

Smart escalation

If the primary approver doesn't respond within your SLA, The Governor escalates to the next person in the chain. No action gets stuck in limbo.

Contextual approvals

Approvers see full context: what action is proposed, why, what data is involved, and what the agent's reasoning was. Informed decisions in seconds.

AI your compliance team will actually approve

Governance built into the architecture, not bolted on after.

Get Early AccessBook a Call