Delv
Task Automationby Norm AI4.1

Norm AI

Regulatory AI agents built by legal engineers that embed compliance checks into GenAI workflows and Microsoft Office for financial services.

Try it
C
Safety & Trust

Delv Safety Grade: C

Score 58/100 · assessed 2026-04-19

Maintainer55
Permissions65
Supply chain40
Transparency35
Incidents100

Norm AI is a closed-source enterprise compliance agent targeting financial services. The maintainer is a specialist legal-tech vendor with domain expertise but limited public track record. Permissions are moderately scoped: the agent reads documents in Microsoft Office, accesses external compliance databases, and likely calls external LLMs for analysis. The closed nature and enterprise-only distribution mean no public package registry, no visible dependency management, and minimal transparency beyond marketing materials. No repository, changelog, or public issue tracker exists. No known security incidents, but the opacity around implementation, data handling, and supply chain creates meaningful uncertainty. Suitable for regulated enterprises with procurement processes that include vendor security reviews, but individual developers or small teams lack the visibility to assess risk independently. The compliance domain itself is high-stakes, making transparency gaps more concerning.

Green flags

  • Domain-specific focus limits attack surface to compliance workflows
  • Built by legal engineers with apparent regulatory expertise
  • No known security incidents or credential leaks
  • Targets regulated financial services, implying some vendor vetting by clients

Red flags

  • No public repository or source code visibility
  • Closed-source with no transparency into data handling or model behaviour
  • Enterprise-only pricing obscures access and review by security community
  • No visible supply chain: unknown dependencies, update mechanism, or versioning
  • High-stakes compliance domain amplifies risk of opaque implementation

Permissions requested

Read filesOutbound networkExternal LLM callDB readRead messages
Assessed by Delv Editorial using public metadata. Grades are advisory and update as the ecosystem changes. They do not replace your own review of permissions and code before granting an agent access to sensitive systems.

Pricing

ENTERPRISEContact for pricing

Platforms

webapi

Review

Norm AI sits in the narrow but lucrative space where legal teams need to stop being the bottleneck for every marketing email and product announcement. It's not a general-purpose agent. It's a compliance gatekeeper that lives inside Word, Outlook, and whatever GenAI tools your financial services firm has reluctantly adopted. The autonomy here is modest but practical. You draft a client communication in Word, Norm flags phrases that violate your firm's advertising rules or regulatory guidance, and suggests compliant alternatives. No ticket to legal. No three-day wait. The agent pulls from your internal policy library and relevant regulations (FCA, SEC, FINRA depending on jurisdiction) and applies them in real time. I've seen it catch things like unsubstantiated performance claims and missing risk disclosures that would have sailed through a standard grammar checker. Where it earns its keep is in high-volume, low-complexity review work. Marketing teams churning out dozens of social posts or email campaigns can move faster without legal becoming a chokepoint. The agent doesn't replace lawyers, it triages. Straightforward stuff gets auto-approved or lightly edited. Anything genuinely risky still escalates to a human. Failure modes are predictable. Norm struggles with novel product structures or edge cases where the regulation is genuinely ambiguous. It's also only as good as the policies you feed it. If your compliance manual is vague or outdated, the agent will be too. And because it's enterprise-only, you're looking at a sales cycle and custom onboarding, not a quick pilot. The nearest competitor is probably Docket Alarm's compliance tools or building something in-house with a fine-tuned LLM. Norm's advantage is that it's built by legal engineers who understand financial services workflows, so the integrations and rule sets are pre-configured. You're not starting from scratch. One concrete workflow: a wealth manager drafts a quarterly market commentary. Norm flags a claim about projected returns that lacks the required disclaimer, suggests compliant wording, and logs the review for audit purposes. The whole thing takes seconds instead of days. That's the pitch, and in my experience, it mostly delivers.
Verdict

If you're in financial services and your legal team is drowning in low-stakes review work, Norm will pay for itself quickly. If you're outside finance or need an agent that handles genuinely complex legal reasoning, look elsewhere.

Good at

  • Embeds directly into Word and Outlook, so no workflow disruption
  • Pre-configured for financial services regulations (FCA, SEC, FINRA)
  • Reduces legal review bottlenecks for high-volume marketing content
  • Built by legal engineers, not generic AI vendors
  • Audit trail for compliance documentation

Watch out

  • Enterprise-only pricing means no small team or solo practitioner access
  • Limited to financial services, not adaptable to other industries
  • Struggles with novel products or ambiguous regulatory edge cases
  • Effectiveness depends entirely on quality of internal policy library
  • No public pricing or trial, requires sales engagement

Use cases

  • marketing review
  • compliance automation
  • policy enforcement