Shipping AI in Regulated Industries: A LATAM Playbook
Shipping AI in regulated industries across LATAM without getting shut down. A playbook for LGPD, human oversight, audit trails, and PL 2338 risk tiers.
Shipping AI in regulated industries comes down to one discipline. You have to prove, after the fact, exactly how any consequential decision was made. In a regulated LATAM vertical the enforcer has a name, a statutory deadline, and a fine, so the build changes before you write the first line of product code.
This is a build playbook, not another argument that regulation is a moat. Avante Ventures is a venture studio building AI-native companies in Brazil and Latin America, and its ventures ship inside verticals where a regulator or a court can order a product offline in an afternoon. The moves that keep that from happening are concrete. Classify the use case by risk, keep a human on every consequential decision, log every model input and output, and design for data-subject rights from the schema up.
What regulated actually changes in the build
Regulation does not decide whether you ship AI. It decides what you must be able to prove once you have. In an unregulated app a bad output is a bug you patch on Friday. In a regulated vertical the same output is a liability with a named enforcer, the ANPD, waiting on the other end of it.
Four things change the moment the vertical is regulated.
- Explainability. You must state, in plain language, the criteria and the procedure behind any automated decision. Brazil's LGPD Article 20 gives the data subject the right to request review of a decision made solely by automated processing, and the controller has to supply clear information about the criteria used.
- Human accountability. A consequential decision needs a named human who can override the model and answer for the outcome. That is the line between a copilot that recommends and a system that decides alone.
- Audit trails. Every input, output, prompt version, and human action has to be logged and reconstructable months later. A regulator does not accept "the model said so" as an answer.
- Data handling. Personal data used to train or prompt the model falls under LGPD. Legal basis, retention limits, and data-subject rights are build constraints from day one, not features you bolt on before launch.
LGPD administrative sanctions reach a simple fine of up to 2% of a company's revenue in Brazil in the prior fiscal year, capped at R$50 million per infraction, applied by the ANPD. That is the cost of not being able to explain an output.
— LGPD Article 52, enforced by the ANPD
Ship AI in a regulated vertical in six steps
Here is the sequence an operator can start this week. Each step ties to a specific Brazilian legal hook, not a generic best practice from a vendor deck.
- Classify the use case by risk before you write product code. Brazil's AI bill PL 2338/2023 uses an EU-AI-Act-style risk tiering. Article 14 treats systems in recruitment, education, credit granting, and public services as high risk. If your feature lands there, build for the high-risk regime now, not after the audit.
- Keep a human in the loop on any consequential decision. The model drafts, scores, or recommends. A qualified human confirms or overrides before the decision reaches the person, and that action is logged as a first-class event.
- Log every model input and output. Prompt, model version, input data, output, confidence, the reviewer, and the final decision, all timestamped and queryable. This is the record you hand a regulator.
- Design for data-subject rights from the schema up. Access, correction, deletion, and automated-decision review belong in the data model before launch. Retrofitting them onto a live product is where teams burn quarters.
- Constrain the model with guardrails. Input validation, output filters, refusal on out-of-scope prompts, and a review queue for low-confidence or high-stakes outputs. The model works inside a fence, not in the open field.
- Run an algorithmic impact assessment and keep it current. PL 2338 obligates high-risk operators to assess, document, and monitor continuously. Tie the assessment to each model version and treat it as a living document.
If you build one control first, put a named human on every consequential decision and log the override. It is the cheapest thing to ship and the first thing a regulator asks to see.
Human oversight and the audit trail
Human oversight and the audit trail are the two mechanics that separate a defensible regulated AI product from a lawsuit. Oversight means a named human sees the model's recommendation and the inputs behind it, can override it, and has that override recorded. The audit trail means any past decision can be reconstructed later: which model version, which prompt, which data, which human signed off.
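The six steps above and the oversight mechanics in this section reduce to one record per decision. The following decision log is an added illustration, not code from Avante or any portfolio venture: each model output and each human action is an append-only, hash-chained entry carrying prompt version, model version, an input hash, confidence and the named reviewer, and a high-risk or low-confidence output cannot be finalized without a human action. The high-risk labels, the 0.8 review threshold, and any reviewer ids or input values are constructed assumptions.

```python
import hashlib, json
from datetime import datetime, timezone

# Use cases PL 2338 Art. 14 treats as high risk, per the article; the labels themselves are constructed
HIGH_RISK = {"credit", "recruitment", "education", "public_services"}
REVIEW_THRESHOLD = 0.8  # assumed cut-off: lower-confidence outputs wait in the human review queue

def _sha256(obj):
    return hashlib.sha256(json.dumps(obj, sort_keys=True).encode()).hexdigest()

class DecisionLog:
    def __init__(self):
        self.entries = []  # append-only; each entry commits to the previous one's hash

    def _append(self, event):
        event["ts"] = datetime.now(timezone.utc).isoformat()
        event["prev"] = self.entries[-1]["hash"] if self.entries else "0" * 64
        event["hash"] = _sha256(event)  # covers ts, prev and every field above
        self.entries.append(event)
        return event

    def record_model_output(self, decision_id, use_case, prompt_version, model_version, inputs, output, confidence):
        # Log a hash of the inputs, not the personal data: a deletion request is served in the source system
        return self._append({"type": "model_output", "decision_id": decision_id, "use_case": use_case,
                             "prompt_version": prompt_version, "model_version": model_version,
                             "input_sha256": _sha256(inputs), "output": output, "confidence": confidence})

    def record_human_action(self, decision_id, reviewer, action, final_decision, reason):
        # The override is a first-class event with a named reviewer, not a flag on the model row
        return self._append({"type": "human_action", "decision_id": decision_id, "reviewer": reviewer,
                             "action": action, "final_decision": final_decision, "reason": reason})

    def finalize(self, decision_id):
        # Gate: a high-risk or low-confidence output cannot reach the person without a named human action
        events = [e for e in self.entries if e["decision_id"] == decision_id]
        model = next(e for e in events if e["type"] == "model_output")
        human = [e for e in events if e["type"] == "human_action"]
        if (model["use_case"] in HIGH_RISK or model["confidence"] < REVIEW_THRESHOLD) and not human:
            raise PermissionError(f"{decision_id}: needs a named reviewer before it can be finalized")
        return human[-1]["final_decision"] if human else model["output"]

    def verify_chain(self):
        # Recompute every hash and link; False means something was altered or removed after the fact
        prev = "0" * 64
        for e in self.entries:
            body = {k: v for k, v in e.items() if k != "hash"}
            if e["prev"] != prev or _sha256(body) != e["hash"]:
                return False
            prev = e["hash"]
        return True
```

In production the chain head would be anchored outside the writable store (a signed checkpoint or WORM bucket), otherwise an attacker with write access can rebuild the whole chain.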
This is what PL 2338 formalizes. High-risk operators have to maintain governance structures, run conformity and algorithmic impact assessments, and monitor systems continuously, with the ANPD set to coordinate the national AI governance system under the bill.
The failure this prevents is the one that ends ventures. A team ships an opaque model that makes a consequential call. A court or the ANPD asks it to explain a single output. It cannot. No record, no human accountable, no explanation. The oversight and audit build is exactly what lets you answer that question with a document instead of a shrug.
Designing for LGPD and PL 2338 risk tiers
LGPD is enforced today. PL 2338 is coming. Build for both now and you are not caught out when the AI bill passes.
LGPD governs personal data, and the ANPD is the enforcer. Article 20 gives the automated-decision-review right. Article 52 sets the sanctions, up to 2% of Brazilian revenue capped at R$50 million per infraction. These are live obligations, not future ones.
PL 2338/2023 is the AI-specific bill. The Senate approved it on December 10, 2024. It then moved to the Chamber of Deputies, where a special commission of 33 members was created on April 4, 2025, with Deputy Aguinaldo Ribeiro as rapporteur. As of mid-2025 it was awaiting the rapporteur's opinion under a priority regime, with public hearings underway. Verify the current status at publish time, because the bill is in active movement.
The practical consequence is simple. Map your feature to a risk tier, then build the controls that tier demands. A credit-scoring assistant is high risk and needs an impact assessment, human review, and a full audit trail. An internal document-drafting copilot that touches no personal data and makes no consequential decision is low risk and can ship lean. Spending high-risk effort on a low-risk feature is its own kind of failure.
AI use among Brazilian industrial companies with 100 or more employees rose from 16.9% in 2022 to 41.9% in 2024. As adoption scales into decisions that affect people, the ANPD's enforcement surface scales with it.
— IBGE, 2024
How compliance work becomes a moat and a dataset
The compliance build is not pure cost. Done right, it becomes the same proprietary asset that powers the copilot to data to fund flywheel. Every logged decision, every human override, every reviewed output is labeled data about how experts actually make calls in this vertical. A generalist competitor scraping public data cannot reproduce it. See how the copilot to data to fund flywheel turns that usage into capital.
The loop runs the same way under regulation. The copilot generates decisions and human corrections. Those corrections are proprietary training and evaluation data. That data sharpens the model and builds a domain-specific evaluation set no competitor holds, which is the real point of how domain evals become the moat. The evals and the audit-ready record become the defensibility, and the traction supports the raise.
Regulatory scar tissue compounds in the same direction. Domain operators with 10+ years of Brazilian-market scar tissue know which controls a regulator actually checks, not just what the statute says. That is the difference between a product that passes an audit and one that improvises during one, and it is an edge a generalist cannot cross by reading the law.
Failure modes: automating a decision you must defend
The headline failure mode is automating a consequential decision the venture cannot defend. A team ships an opaque model that approves, denies, prices, or scores a person, with no human accountable and no audit trail, then cannot explain a single output to a regulator or a court. That is not a bug. It is the event that gets the product ordered offline and the fine issued.
The rest of the failures are quieter and just as expensive.
- Retrofitting LGPD rights after launch. Access, deletion, and automated-decision review get pushed to a later sprint. Then a data-subject request or an ANPD inquiry arrives and there is no flow to serve it.
- Measuring the wrong thing. The team optimizes model accuracy on a generic benchmark and never builds the domain eval that reflects how a regulator judges a decision. Accuracy is not defensibility.
- Vendor and model dependency. A single closed model with no logging of prompts and versions means an upstream change silently alters decisions, and there is no record of the old behavior.
- Over-automation for its own sake. Removing the human from a decision to save cost, in a vertical where the human is precisely what makes the decision defensible.
- Treating the model as the moat, which is the AI wrapper trap. The model is rentable by anyone. The moat is the proprietary decision data, the domain evals, and the audit-ready workflow the compliance build creates.
How Avante builds in judicial and insurance domains
Avante Ventures is a venture studio building AI-native companies in Brazil and Latin America, and two portfolio ventures, described here by domain, show this playbook running in regulated verticals. In judicial-asset valuation, an AI-native platform scores and values judicial credits, a domain where every consequential call has to withstand legal scrutiny and the documented record is the product. In insurance risk scoring, an async pricing and risk API operates where regulators, actuarial standards, and data-protection law all bear on a single output.
In both, the constraint is identical. The model recommends, a qualified human is accountable, every decision is logged, and the regulatory knowledge of 10+ years of Brazilian-market scar tissue is the part a generalist cannot copy. That is regulatory complexity turned into an edge, paired with a Silicon Valley playbook and first-ticket capital assembled on day one. Avante launches 3-4 ventures per year through its six-stage system of Research, Partner, Build, Traction, Revenue, Compound, deploying $500K-1.5M per venture, so the compliance and data plumbing gets solved once and reused. That routes roughly $300K-500K of effective capital per venture into product rather than overhead. Read the thesis at /why-avante.
The lesson holds across every regulated build. The teams that lose are the ones that automate the decision and hope no one asks. The teams that win can hand over the record, name the human who signed off, and explain the output. In a regulated vertical, being able to answer that question is the product.
Frequently asked questions
- What changes when shipping AI in regulated industries?
- Shipping AI in regulated industries changes what you must be able to prove, not whether you can ship. You need explainability, a named human accountable for any consequential decision, an audit trail of every model input and output, and LGPD-compliant data handling from day one. The build carries these constraints before the first line of product code.
- Does LGPD apply to AI features in Brazil?
- Yes. LGPD governs any AI feature that processes personal data in Brazil, and the ANPD enforces it. Article 20 gives people the right to request review of a decision made solely by automated processing, and Article 52 sets fines of up to 2% of Brazilian revenue, capped at R$50 million per infraction.
- How does PL 2338/2023 affect shipping AI in regulated industries?
- PL 2338/2023 is Brazil's AI bill, approved by the Senate in December 2024 and now in the Chamber of Deputies. It uses an EU-AI-Act-style risk tiering that prohibits excessive-risk systems and imposes impact assessments, human oversight, and continuous monitoring on high-risk systems such as credit, recruitment, education, and public services. Verify the current status at publish time, since the bill is in active movement.
- How do you keep a human in the loop on an AI decision?
- Have the model recommend or score, then require a named, qualified human to confirm or override before the decision affects a person, and log that action as a first-class event. This is the single control a regulator checks first and the cheapest one to build. It is also what turns an opaque automated call into a defensible one.
- How does compliance work become a competitive moat?
- Every logged decision and human override is proprietary, labeled data about how experts make calls in a regulated vertical, which powers the copilot to data to fund flywheel. A generalist scraping public data cannot reproduce it. The domain evals and audit-ready record it produces become defensibility no off-the-shelf model holds.