FDA: AI Can Support Compliance. It Cannot Own It.

This post is authored by Patrick E. Zeller. Patrick is General Counsel at JetStream Security and a legal and compliance executive with more than 25 years advising Fortune 100 companies on AI governance, privacy, cybersecurity, and compliance.
On April 2, the FDA issued a warning letter that compliance and risk teams across every regulated industry should read. A cosmetics manufacturer, Purolea, had deployed an AI agent to identify and interpret its regulatory requirements under the Current Good Manufacturing Practice regulations. The agent missed critical obligations, and no qualified human reviewed its output before the company relied on it. Purolea failed the inspection and pointed to what the AI had not told them as the explanation.
I spent years as a federal computer crimes prosecutor and regulator. I have been in the room where those explanations are offered, and I can tell you how they land. They do not land well. The agency’s response here was exactly what I would have expected: outputs generated by AI in regulated workflows must be reviewed and approved by a qualified human representative, as required by regulation. Delegating compliance accountability to an AI system is not a recognized defense. The letter cites the specific provisions Purolea failed to meet (21 Code of Federal Regulations Parts 210 and 211) and makes clear the company’s obligation did not transfer to the tool it chose to use.
That principle will not stay in pharmaceuticals and cosmetics. Any organization deploying AI in a regulated workflow is operating in an environment where the same logic applies.
What failed at Purolea was not the AI’s accuracy in isolation. What failed was the governance architecture around it. Three specific gaps drove the enforcement action, and each one reflects a decision that was not made before the system went into use.
You must document what an AI agent covers in order to check its work
The company had no documented inventory of what its AI agent covered. No one had formally established what the agent was and was not equipped to handle in a regulated context. That gap made it impossible to distinguish between “the agent reviewed this requirement and it was met” and “the agent never reached this requirement at all.” You cannot govern what you cannot see, and you cannot defend in an examination what you cannot document. An AI agent processing regulatory requirements without a defined scope and a clear record of its coverage is not a compliance tool. It is an unexamined risk.
Human review is a regulatory requirement, not a best practice
There was no documented human review process before AI outputs informed compliance decisions. The FDA’s instruction here is specific: A qualified human must review and approve AI-generated outputs before those outputs drive regulated decisions. That is not general guidance about AI oversight. It is a regulatory requirement with teeth.
Organizations that want to use AI in regulated workflows need an approval process that satisfies that requirement, and they need it designed before deployment, not reconstructed after an inspection finding. You cannot approve what you cannot describe, and you cannot describe a process that was never written down.
AI compliance monitoring must catch problems before regulators do
There was no mechanism for detecting incomplete or incorrect outputs before they became compliance gaps. The agent’s failure to flag certain requirements was not caught until an inspector found it. That is the difference between a governance program and a governance assumption. Regulators do not accept assumptions. They accept evidence: logs, approvals, documented review. If your program cannot produce that evidence at the moment it is requested, it does not matter what the AI was supposed to do.
These are not hypothetical risks. They are the exact gaps that produce warning letters, consent orders, and enforcement actions. I have seen organizations on the receiving end of all three. The pattern is consistent: the tool was trusted, the process was informal, and the documentation did not exist until someone needed to find it quickly.
The Purolea letter is not a warning against using AI in compliance programs. It is a clarification of what using AI in compliance actually requires. The organizations that build visibility into their AI deployments, document the human review process, and verify outputs against the regulatory record before an examiner asks are the ones running a program. The ones that encounter these questions in a warning letter are the ones that treated governance as a detail to sort out later.
AI can support compliance. It cannot own it. That is now the stated position of a major federal regulator, in writing, with a specific company named as the example. The question for every general counsel, chief compliance officer, and chief risk officer reading this is straightforward: If the FDA sent an inspector to your AI workflows tomorrow, what would they find?