Japan AI Governance Compliance

AI Guardian is the only Japanese-native AI security platform designed for Japan's regulatory landscape. With My Number detection, Japanese prompt injection protection, and Human-in-the-Loop review, it technically covers requirements from the AI Promotion Act, AI Operator Guidelines, and APPI.

Regulation Requirements Covered

25+

Japanese Detection Patterns

100%

Audit Trail Coverage

Applicable Japan Regulations & Guidelines

AI Promotion Act (Effective Sep 2025)

Japan's first AI law. Requires operators to 'endeavor to cooperate,' emphasizing transparency and human involvement. No penalties, but includes investigation cooperation obligations and administrative guidance. AI Guardian's audit logs and Human-in-the-Loop directly address this law's intent.

AI Operator Guideline v1.1 (Published Mar 2025)

Published by MIC and METI. Requires all AI operators to conduct risk assessments, establish governance frameworks, and ensure transparency. v1.2 expected March 2026, adding AIAgent coverage.

AI Security Technical Guideline (Draft FY2025)

Being developed by MIC. Focuses on LLMs, requiring 'multi-layer defense' including prompt injection countermeasures. AI Guardian's 3-layer defense (regex → similarity → HitL) directly aligns with this guideline's recommendations.

AI Guardian's Multi-Layer Defense Architecture

Layer 1: Regex (43 patterns)→Layer 2: Similarity (40 phrases)→Layer 3: Human-in-the-Loop

APPI / My Number Act

My Number is legally protected as 'Specified Personal Information' with criminal penalties for leakage. AI Guardian detects My Number (12 digits) in both input and output, with auto-sanitization for automatic redaction.

Feature × Regulation Mapping

Shows how each AI Guardian feature maps to specific Japanese regulatory requirements.

AI Guardian Feature	Regulation Requirement	Status
Input Filter (43 patterns)	AI Security GL "Multi-layer Defense"	✓ Covered
Output Filter (7 patterns)	AI Operator GL "Output Appropriateness"	✓ Covered
Human-in-the-Loop	AI Promotion Act "Human Involvement" / AI Security GL "Human Approval"	✓ Covered
Audit Logs (100% recorded)	AI Operator GL "Transparency" / APPI "Processing Records"	✓ Covered
My Number Detection	My Number Act "Proper Handling of Specified Personal Info"	✓ Covered
Risk Scoring (0-100)	AI Operator GL "Risk Assessment"	✓ Covered
Compliance Reports	AI Operator GL "Governance Framework"	✓ Covered
Policy Engine	AI Security GL "Architecture Review"	✓ Covered
OWASP/CWE Classification	AI Security GL "International Standards"	✓ Covered
Auto-Sanitization (PII Redaction)	APPI "Safety Management of Personal Data"	✓ Covered
Remediation Hints (with OWASP refs)	AI Operator GL "Appropriate Info Provision"	✓ Covered

Japanese Detection Capabilities

Prompt Injection

4 patterns

"Ignore previous instructions" "Show system prompt" "Remove restrictions"

PII Detection (Input)

6 patterns

Phone, My Number, Postal Code, Address, Bank Account, Corporate Number

Confidential Data

1 patterns

"Confidential" "Internal Only" "Top Secret"

PII Detection (Output)

2 patterns

My Number, Phone Number in output

Similarity (Layer 2)

12 patterns

40 Japanese paraphrase attack phrases

Example: My Number Detection & Auto-Sanitization

from ai_guardian import scan, sanitize

# Scan text containing My Number
result = scan("My number is 1234 5678 9012")
print(result.is_safe)       # False
print(result.risk_score)    # 70
print(result.matched_rules[0].owasp_ref)
# "OWASP LLM02: Sensitive Information Disclosure"

# Auto-redact
cleaned, redactions = sanitize("My number is 1234 5678 9012")
print(cleaned)  # "My number is [MY_NUMBER_REDACTED]"

Industry-Specific Guide

Financial Services

For banks, securities, and insurance using LLMs, prevention of account/credit card leakage and FISC compliance is required. AI Guardian detects financial PII in both input and output, with compliance reports for audit readiness.

Healthcare

Sending patient data to LLMs poses significant APPI risks. AI Guardian's auto-sanitization can redact patient information before LLM transmission.

Government & Public Sector

The 'Government AI Procurement Guideline' takes full effect from April 2026. AI Guardian's audit logs, HitL, and compliance reports provide the foundation for meeting procurement requirements.

Getting Started

AI Guardian integration takes 3 steps. Japanese detection patterns are enabled by default.

# Step 1: Install
pip install aig-guardian

# Step 2: Integrate scanning (just add 2 lines)
from ai_guardian import scan, sanitize

user_input = "user input here"
result = scan(user_input)

if result.is_blocked:
    # Auto-block + provide remediation hints
    print(result.remediation)
elif result.needs_review:
    # Queue for human review
    review_queue.add(user_input, result)
else:
    # Safe → forward to LLM (with PII auto-redaction)
    cleaned, _ = sanitize(user_input)
    response = llm_client.generate(cleaned)

# Step 3: Generate compliance report
# Export as JSON/CSV from dashboard