Reading a Report

Start with the source, then review the findings.

Compliance Flag reports help reviewers triage potential issues. The reviewer decides what the report means and what should happen next.

What the report is

A report is an AI-assisted draft for review, generated from Anthropic's Opus model output and validated against the bundled report schema. It includes a plain-language executive summary, finding counts, one or more potential findings, source references, and a standing disclaimer. The JSON structure mirrors the HTML rendering, so the report can be read by people or imported into other tools.

The source material is preserved alongside the report. A reviewer should use that source artifact to confirm that quoted excerpts and surrounding context match what was analyzed.

Recommended review sequence

  1. Open the HTML report for a readable overview.
  2. Confirm the source type, source title, and location.
  3. Read the executive summary for the highest-level risk themes.
  4. Review severity and category counts to decide triage order.
  5. For each finding, compare the excerpt against the saved source artifact.
  6. Accept, reject, revise, escalate, or archive each finding using professional judgment.

Report fields

FieldHow to read it
executive_summaryA plain-language overview for a senior reviewer. It should not be treated as a final compliance conclusion.
summary.by_severityCounts for critical, high, medium, and low findings. Start with the highest severity present.
summary.by_categoryCounts grouped by categories such as general prohibitions, recordkeeping, or Form ADV.
findings[]One entry per potential issue, including citation, excerpt, context, explanation, and possible remediation.
ruleThe primary SEC citation and rule description used for the finding.
related_rulesAdjacent provisions a reviewer may want to consider.
content.excerptThe quoted text that should be verified against the saved source artifact.
violation.remediationDraft remediation notes for review, not instructions that should be applied automatically.

What a reviewer should not assume

  • A clean report does not prove the content is compliant.
  • A finding is not a final legal, compliance, or regulatory determination.
  • Suggested language is not legal advice and should not be pasted into production without review by qualified personnel.
  • Bundled regulatory sources are point-in-time materials and should be checked against authoritative sources for important reviews.
Previous Usage Next Rule Boundaries

Compliance Flag and Quillmark LLC are not law firms and do not provide legal, compliance, regulatory, investment, tax, accounting, or financial advice. The project, scan outputs, articles, and examples are for informational and operational use only. They should be reviewed by qualified personnel before use. Compliance Flag and Quillmark LLC do not determine that any communication meets all applicable requirements and are not affiliated with, endorsed by, or acting on behalf of the SEC or any other regulator. Regulatory and enforcement references are based on source materials and may not reflect later developments.

Compliance Flag is a Quillmark Open Source initiative. Compliance Flag is not endorsed by, sponsored by, or affiliated with OpenAI, Anthropic, or any model provider.