Every developer knows how package management works. You declare a dependency — a library, a framework, a security patch — and your system pulls the latest version automatically. When the maintainer publishes an update, every project that depends on it gets the fix. You don't read the changelog and manually rewrite your code. The infrastructure handles distribution.
Now consider how compliance works.
A regulatory body publishes a rule. It comes as a PDF — sometimes hundreds of pages. Every organization that falls under that regulation reads the PDF, interprets what it means for their systems, writes internal policies based on their interpretation, and manually implements those policies across their operations. When the regulation changes, the cycle repeats. Every organization re-reads, re-interprets, re-implements. Independently. Inconsistently.
This is the fundamental inefficiency at the center of compliance: the distance between where rules are defined and where they're enforced is bridged entirely by human interpretation.
The Interpretation Gap
Most compliance failures aren't caused by organizations ignoring rules. They're caused by organizations implementing them differently.
HIPAA says protect PHI. One organization interprets that as "don't put patient names in Slack." Another interprets it as "encrypt everything at rest." A third interprets it as "train employees annually." All three are partially right. None of them are enforcing the same thing. And when an AI chatbot generates a response containing a patient's medication history in an unencrypted channel, all three of their interpretations failed to prevent it — because the rule lived in a policy document, not in the system.
The EU AI Act requires risk management systems, technical documentation, and human oversight for high-risk AI. But what specific checks constitute "human oversight"? What qualifies as adequate "technical documentation"? Every company deploying high-risk AI in Europe will answer these questions differently. The regulation is the same. The implementations will be wildly inconsistent.
This isn't a criticism of regulators. Writing rules that apply across thousands of organizations in different industries, sizes, and technical environments is genuinely hard. Specificity creates rigidity. Generality creates ambiguity. The current approach optimizes for flexibility — publish principles, let organizations figure out implementation.
But that optimization made sense when compliance was a quarterly human process. It breaks down completely when AI systems are generating content, taking actions, and making decisions at machine speed across every surface of an organization. The interpretation gap that was tolerable at human scale becomes a systemic risk at AI scale.
What Package Management Taught Software Engineering
Software engineering solved a version of this problem decades ago.
Before package managers, developers copied code between projects manually. Libraries were shared as zip files. When a security vulnerability was discovered in a widely-used library, every project that used it had to be individually identified and patched. Some were. Many weren't. The result was a fragmented ecosystem where the same vulnerability persisted across thousands of systems for months or years after a fix was available.
Package managers — npm, pip, Maven, NuGet — changed the model fundamentally. Instead of copying code, you declare a dependency. The package manager resolves versions, handles updates, and ensures compatibility. When a maintainer publishes a security patch, every project that depends on that package can pull the update. Distribution is infrastructure, not effort.
This model has three properties that matter:
Canonical source. There's one authoritative version of each package, maintained by the people who understand it best. You don't fork OpenSSL and maintain your own version — you subscribe to the official one.
Automatic updates. When the source changes, consumers get the update through the same mechanism they used for initial installation. No re-reading changelogs and manually reimplementing.
Version control. Every change is tracked, documented, and reversible. You can see what changed between versions, when it changed, and why. You can pin to a specific version if you need stability, or follow the latest if you want to stay current.
Now imagine this model applied to compliance policies.
Policy-as-Package: What This Would Look Like
Picture a regulatory body — say, HHS for HIPAA or the European Commission for the AI Act — publishing their requirements not as a PDF, but as a subscribable policy package. The package contains enforceable rules: specific checks that can be applied to AI outputs, code, documents, and agent actions. Deterministic rules for the clear-cut requirements. AI-powered rules for the nuanced ones. All grounded in the regulatory source text for auditability.
An organization deploying AI in healthcare subscribes to the HIPAA package. Immediately, every AI output, every patient-facing document, every Slack message in their organization is evaluated against the rules in that package. When HHS updates the Privacy Rule — as they did in early 2026 with new reproductive health PHI protections — the package updates. Subscribers get the new rules automatically. No re-reading the Federal Register. No three-month internal project to update policies. The infrastructure handles it.
This isn't limited to government regulators. The model works for any entity that defines rules others need to follow:
Industry standards bodies publish packages for their frameworks. ISO 42001 for AI management systems. NIST AI RMF for risk management. PCI-DSS for payment security. Subscribe to the package, enforce the standard. When the standard evolves, your enforcement evolves with it.
Large enterprises publish packages for their vendor requirements. Instead of sending a 200-question security questionnaire and hoping vendors interpret it correctly, they publish a policy package that says "here are our requirements as enforceable rules." Vendors subscribe, enforce the rules on their systems, and produce compliance evidence automatically. The enterprise gets consistent enforcement across their entire vendor ecosystem instead of 50 different interpretations of the same questionnaire.
Consulting firms and compliance experts publish curated packages for specific verticals or use cases. A healthcare compliance consultancy publishes a package that combines HIPAA, FDA AI guidance, and state-level requirements into a single enforceable set — the same expertise they'd deliver through a $200K engagement, distributed as subscribable infrastructure.
Peer organizations share packages with each other. A consortium of healthcare AI companies agrees on shared governance standards and publishes a package that all members enforce. Consistency across the consortium becomes automatic rather than aspirational.
The Network Effects Nobody Talks About
The interesting dynamics emerge when you think about what happens at scale.
When an enterprise publishes their vendor requirements as a subscribable policy package, their vendors don't just comply — they become advocates for the system. A vendor that subscribes to five enterprise customers' policy packages gets more value from the infrastructure than a vendor with one subscription. The enforcement engine becomes more valuable as more policy providers publish to it.
When a regulatory body publishes an official package, every organization in their jurisdiction has a reason to subscribe. That creates a distribution channel that didn't exist before — regulators can see adoption rates, identify which rules generate the most violations, and understand where the interpretation gaps are. The feedback loop between rule-makers and rule-followers, which today operates through annual audits and enforcement actions, becomes continuous.
When community-contributed packages emerge — free, open, maintained by practitioners — the barrier to baseline governance drops to near zero. A startup that can't afford a compliance consultant can subscribe to a community-maintained HIPAA package and immediately enforce basic protections. It's not as thorough as a custom implementation, but it's infinitely better than nothing.
This is the same dynamic that made open-source software dominant. Free packages drive adoption. Adoption creates a platform. The platform attracts premium publishers. Premium publishers attract enterprise customers. Enterprise customers fund the ecosystem.
Why This Doesn't Exist Yet
The obvious question: if this model is so compelling, why hasn't someone built it?
A few reasons.
Compliance has been a human process. Until very recently, "enforcing a policy" meant a person reading a document and checking things manually. You can't distribute a human process as a package. The prerequisite for policy-as-package is policy-as-code — rules that can be evaluated programmatically against content and actions. That capability is only now becoming viable as AI evaluation engines mature.
Regulators aren't software publishers. Government agencies publish rules through the Federal Register, not through package repositories. The institutional muscle memory, technical infrastructure, and distribution mechanisms for publishing enforceable code simply don't exist in regulatory bodies. This will change — NIST's new AI Agent Standards Initiative is explicitly exploring how to distribute agent governance standards — but it will take time.
Compliance vendors sell services, not infrastructure. The existing compliance industry makes money from consulting engagements, manual audits, and platform subscriptions where the value is human expertise. A model where policies distribute automatically reduces the need for manual interpretation — which is what most compliance spending pays for. Incumbents aren't incentivized to build this.
Trust is hard to bootstrap. An organization won't enforce policies from a source they don't trust. A community-maintained package might have errors. An unofficial regulatory interpretation might be wrong. The trust layer — verified publishers, official sources, version history, audit trails — is as important as the technical layer. It takes time to build.
But the forces pushing toward this model are stronger than the forces resisting it. AI is generating content faster than humans can review it. Regulations are multiplying and evolving more frequently. Enterprises are demanding governance evidence from every vendor. And the interpretation gap — the distance between where rules are written and where they're enforced — is becoming the primary source of compliance risk.
What Changes When Policies Become Subscribable
The shift from policies-as-documents to policies-as-packages changes the dynamics of compliance in ways that go beyond efficiency.
Compliance becomes continuous, not periodic. Today, organizations prove compliance at audit time — assembling evidence, often retroactively, for a point-in-time assessment. When policies are enforced programmatically, compliance is continuous. Every evaluation is evidence. Every violation is a logged event with a resolution trail. The audit becomes a report, not a project.
Interpretation becomes transparent. When a regulatory body publishes an enforceable rule, their interpretation of the regulation is explicit. Organizations can see exactly what the rule checks, how it evaluates content, and what triggers a violation. Ambiguity decreases because the implementation is inspectable. Disagreements become concrete — "this rule flags X, but we believe Y is the correct interpretation" — rather than abstract.
Updates propagate instantly. When a regulation changes, the package updates. Every subscriber gets the new rules. The lag between regulatory change and organizational compliance — which today can be months or years — collapses to hours. The reproductive health PHI protections that took effect in 2026 could have been enforced across every subscriber the day the rule was published, not six months later after every organization completed their internal update cycle.
Small organizations get enterprise-grade governance. Today, robust compliance programs require significant investment — consultants, dedicated staff, expensive platforms. Subscribable policy packages make baseline governance accessible to organizations that can't afford custom implementations. A five-person AI startup can enforce the same HIPAA rules as a hospital system. The playing field levels.
Governance becomes a network, not a silo. When an enterprise shares its policy package with vendors, and those vendors share their packages with their partners, governance cascades through the supply chain. Compliance stops being something each organization figures out in isolation and becomes a connected network where rules flow from source to enforcement automatically.
The technology for this exists today. Policy-as-code engines can evaluate content against rules programmatically. AI can handle the nuanced rules that pattern matching can't. Knowledge-grounded evaluation can check content against organizational context. The building blocks are in place.
What's missing is the distribution layer — the infrastructure that connects policy makers to policy enforcers the way package managers connect library maintainers to developers. The NIST AI Agent Standards Initiative is the clearest signal yet that standards bodies are thinking about distribution, not just definition. The question isn't whether compliance policies will ship like software. It's who builds the registry.
