Reference Architecture

7-layer architecture for enterprise AI agents. Governance as cross-cutting layer through all layers.

Discuss Architecture
Architecture stack diagram showing Agents, Governance, and Infrastructure layers

Overview

The Gosign Reference Architecture describes the technical structure for enterprise AI agents. It consists of seven layers, with the Governance layer spanning all others as a cross-cutting concern.

Reference Architecture: 7 layers with Governance as cross-cutting layer – LLM APIs, Decision Layer, Agent Runtime, Integration Layer, Enterprise Systems

Layers in Detail

1. Presentation Layer

The interface between system and user. No business logic, no decisions -- only display and input. Chat UI (web-based, PWA-capable), Dashboard (status overview for agents, workflows, escalations), Auditor Portal (read-only access for auditors), REST API (machine-readable interface).

2. Orchestration Layer

Coordinates data flow between agents, systems, and users. n8n or Camunda (open-source workflow engine), API Gateway (unified entry point with rate limiting, authentication, logging), Workflow Engine (state-based workflows with escalation, retry, timeout), Queue (asynchronous processing for batch operations).

3. Agent Layer

Specialized AI agents performing professional tasks. Document Agents read, understand, and process documents with genuine language comprehension. Workflow Agents orchestrate processes across systems. Knowledge Agents deliver context-based answers from enterprise knowledge with source citation and rule version.

4. Decision Layer

The central governance component. Rules Engine: Professional rule sets, versioned and traceable. Confidence Routing: Automatic assessment of decision certainty. Human-in-the-Loop: Architecturally enforced human review for defined decision types. Audit Trail: Complete, immutable documentation of every decision.

5. Model Layer

The LLM layer. Interchangeable, model-agnostic, decoupled from business logic. Supported: Claude (Anthropic), ChatGPT (OpenAI), Gemini (Google), Llama (Meta), Mistral, DeepSeek, gpt-oss. An agent can use multiple models. The Model Layer is interchangeable -- new models integrate without changing layers above.

6. Integration Layer

Connection to existing enterprise systems. Supported: SAP FI/CO, SAP S/4HANA, SAP SuccessFactors, Workday, DATEV, SharePoint, Microsoft Teams (via Microsoft Graph), and others via REST/SOAP interfaces. Agent logic is decoupled from the target system.

7. Infrastructure Layer

The deployment foundation. Azure (EU), GCP (EU), Self-Hosted, or Hybrid. All layers above remain identical -- regardless of deployment model.

Decision Layer -- Decision Flow

┌──────────┐    ┌──────────────┐    ┌────────────────┐
│  Input   │───>│  AI Agent    │───>│ Decision Layer │
│(document,│    │  analyzes,   │    │                │
│ query)   │    │  understands,│    │  Check rules   │
└──────────┘    │  evaluates   │    │  Assess conf.  │
                └──────────────┘    │  Route decision│
                                    └───────┬────────┘
                                            │
                              ┌─────────────┴──────────────┐
                              │                            │
                     ┌────────▼────────┐        ┌──────────▼──────────┐
                     │ Autonomous      │        │ Human-in-the-Loop   │
                     │ High confidence │        │ Bias risk           │
                     │ Low risk        │        │ Low confidence      │
                     │ No constraint   │        │ Constraint active   │
                     └────────┬────────┘        └──────────┬──────────┘
                              │                            │
                     ┌────────▼────────────────▼────────┐
                     │         Audit Trail              │
                     │  Input · Model · Rule ·          │
                     │  Assessment · Result ·           │
                     │  Timestamp                       │
                     └──────────────────────────────────┘
                              │
                     ┌────────▼────────┐
                     │  Target System  │
                     │  SAP · DATEV ·  │
                     │  SuccessFactors │
                     └─────────────────┘

Design Principles

Model-agnostic: No vendor lock-in to a single LLM. Models are interchangeable.

Infrastructure-agnostic: Same architecture on Azure, GCP, Self-Hosted, or Hybrid.

System-agnostic: Agent logic is decoupled from target system. Posting logic separated from export.

Governance by Design: Audit trail, RBAC, Decision Layer, and Human-in-the-Loop are architectural components -- not optional features.

Cert-Ready by Design: Controls are first-class data objects with automatic evidence generation.

Ownership: The client owns the complete source code, all prompts, and all rule sets. After 12--18 months, the client operates the agents independently.

Frequently Asked Questions about the Architecture

Why a custom architecture instead of standard LLM APIs?

Standard LLM APIs provide language understanding but no governance, no audit trail, no tenant isolation, no role concept. The Gosign architecture is the layer between LLM and enterprise system that adds exactly that.

Is the architecture model-agnostic?

Yes. The Model Layer is interchangeable. Currently supported: Claude, ChatGPT, Gemini, Llama, Mistral, DeepSeek, gpt-oss. New models are integrated without changing the layers above.

Can the architecture run on-premises?

Yes. The Infrastructure Layer supports Azure, GCP, Self-Hosted, or Hybrid. The layers above remain identical -- regardless of deployment model.

Discuss Architecture in Detail

We will show you how the 7-layer architecture works for your use case.

Book a Meeting