Why Archilu
The sovereign context layer for regulated EU institutions
Archilu is an enterprise architecture repository built for regulated finance in Europe. It gives you one governed model of your information system — and keeps it where you control it. This page explains what makes Archilu different, stated as our own principles, and is honest about what the platform is and is not.
Sovereign by design
Archilu is hosted in the European Union or deployed on-premise, so the platform and your architecture data run within infrastructure you control. You decide where the data lives; it stays within the European legal framework.
The regulatory context layer
One governed model of your capabilities, applications, data, third parties and dependencies — the single source your DORA, NIS2, CSSF and EU AI Act work draws evidence from, instead of scattered spreadsheets.
Unlimited users
The licensing model includes unlimited users, so business, IT, risk and compliance teams can all work from the same model — no per-seat barrier to a shared view. See /pricing for the detail.
Multilingual, natively
Native French and English, with German and Luxembourgish available — built for institutions that operate across European languages and jurisdictions.
From a repository to a context layer
One governed model, reused everywhere evidence is expected.
Most regulatory work in finance asks the same underlying question: what do you have, how does it connect, and who depends on what? Archilu answers it once. You build a governed model of your capabilities, applications, data, third parties and dependencies — and keep it current — so it becomes the shared context your teams reuse.
When operational-resilience work under DORA, security work under NIS2, supervision by the CSSF, or risk-mapping for the EU AI Act needs an up-to-date picture of the information system, it draws from the same model rather than starting from scratch. That is what we mean by a regulatory context layer: a single, governed source of architecture truth that your compliance and risk activities can lean on.
Sovereignty you can verify
EU hosting or on-premise — data residency you control.
Archilu is operated from Luxembourg with EU hosting, or it can be deployed on-premise so the platform runs entirely within infrastructure you control. In either model, your architecture data stays under your control and within the European legal framework.
For the full detail of our security and data-protection posture — including an honest statement of the certifications we do and do not currently hold — see security & compliance.
What Archilu is — and is not
Honest framing, so you know exactly what you are buying.
Archilu is an enterprise architecture repository and a documentation and evidence aid. It helps you build, govern and keep current the model of capabilities, applications, data, third parties and dependencies that regulatory frameworks expect you to be able to produce and evidence.
Archilu is not a compliance certification, a control library, or legal, regulatory or compliance advice, and it does not, on its own, make any organisation compliant. The obligations that apply depend on your specific entity, sector and scope, which you should confirm with qualified legal and compliance advice. We describe a certification as held only once it has actually been obtained.
See where you stand, then see Archilu
Start with a free read on your current maturity, book a tailored demo, or review our security posture in detail.