AI Operating Layer for the Enterprise: Sycamore vs Alomana vs NeoCognition vs Tonkean vs Knowlee

In the eighteen months between October 2024 and April 2026 a new product category quietly congealed in the enterprise software market. It did not arrive with a single Gartner Magic Quadrant or a defining acquisition; it arrived as a chorus of identically-worded landing pages.

Sycamore, funded with a $65M seed round from Coatue and Lightspeed in March 2026, calls itself "the trusted Agent OS for the enterprise". Alomana, funded with €4M from Italy's state-backed CDP Venture Capital, calls its product "the AI operating layer for enterprise" and is currently deployed across Italian financial services, manufacturing, and pharma. NeoCognition raised $40M to build "self-learning agents" and sells the same operating-layer narrative to US enterprises and SaaS vendors. Tonkean reframed its long-running process-orchestration platform as an "AI operating layer for procurement and legal". Lindy and Relevance AI position closer to the no-code-builder end. Domyn and Noxtua sit in the EU-sovereign-AI corner with foundation-model ambitions. Workato, Tray.io, Zapier, and n8n watch from the iPaaS bench, watching the category form around them.

Knowlee — the product behind this guide — has been quietly running in production across eight verticals for the duration of the period the rest of the market spent pitching the deck.

This piece is not a product page. It is the answer for a buyer who has Googled ai operating layer or agent os for enterprise and found an indistinguishable wall of homepages, each promising the same thing in slightly different fonts. The goal is to separate the category-definition exercise (what an AI operating layer actually is, and what the six properties are that distinguish a real one from a slide deck) from the vendor exercise (Sycamore vs Alomana vs NeoCognition vs Tonkean vs Knowlee, honest about strengths and gaps), and to give a CIO or COO enough framework to choose one in an hour rather than three months.

We will be honest about where Knowlee is stronger and where it is not. The pillar is the SEO counter-position, but the underlying argument has to land independently of which vendor a buyer picks — otherwise the argument is marketing copy.

What is an AI operating layer?

The phrase has been used three different ways in 2025-2026 marketing copy. The differences matter.

The wrong definition: "an AI operating layer is a chatbot for the enterprise." Implicit in any homepage that talks about an operating layer and then shows a chat as the only interaction surface. A chatbot is a single channel; an operating layer governs many channels at once.

The partial definition: "an AI operating layer is an orchestration tool that wires together AI models, vector databases, and APIs." Closer — it captures the technical shape but misses the governance shape. Orchestration without an audit trail and risk classification is a developer framework, not an enterprise-ready platform.

The working definition: an AI operating layer is the software that runs a fleet of AI agents as a single coherent, observable, and auditable system across multiple business domains, with the same kind of operational primitives a Linux distribution provides for a fleet of processes. It schedules work. It assigns identity and permissions. It logs every call. It surfaces what is running, what is queued, what failed. It produces an audit trail by default rather than as an enterprise-tier upsell. It works across domains (Sales, Legal, HR, Operations, Finance, Marketing) rather than being bolted onto one department's CRM or ITSM tool.

We use the working definition throughout. Under it, the operating layer is the answer to a question every enterprise asked itself between 2023 and 2026: "we now have seventeen AI tools and forty-eight automations, and nobody can tell me what is running, why, who approved it, what data it touched, or whether it shipped what it was supposed to ship — what should we put on top of all of this?"

The metaphor is intentional. Substitute "AI agents" for "processes" and "knowledge graph" for "file system" and the operating-system analogy holds. Competitors converged on the same language within twelve months because no smaller frame captures the operational reality.

What the layer is not:

Not a single AI assistant. Microsoft Copilot, Glean, Moveworks, ChatGPT Enterprise, Notion AI are vertical assistants. They live inside an operating layer; they are not the layer.
Not an iPaaS. Zapier, Workato, Tray.io, n8n, and Make route data between systems; they do not govern AI agents, schedule them, or maintain a knowledge backbone across them. An operating layer can use an iPaaS as an execution surface; the iPaaS cannot become the layer by adding a chat input.
Not a multi-agent framework. LangChain, LangGraph, CrewAI, AutoGen, and Pydantic AI are developer frameworks. A framework with no audit trail, no kanban, no risk classification, and no human-oversight metadata is a starting kit.
Not a knowledge graph or RAG product. Glean, Vellum, and Cohere ship retrieval primitives. The operating layer uses a knowledge graph but is not reducible to one.

Why this category emerged in 2025-2026

The category's inception story is short and worth understanding, because it tells you which of the cohort are surfing the wave and which are riding it.

2022-2023: generative-AI infrastructure boom. OpenAI, Anthropic, Cohere, Mistral, and Google shipped foundation models cheap and reliable enough that every enterprise software vendor on Earth retrofitted "with AI" to its product name within twelve months.

2023-2024: single-purpose AI agents proliferate. Every department built its own copilot. Sales bought 11x or Artisan. Legal bought Harvey or Spellbook. Procurement bought Vertice or Levelpath. Marketing bought Jasper or Writer. Customer service bought Sierra or Decagon. Finance bought Rogo or Numos. The typical 500-person enterprise had between five and twelve AI agents in production by end of 2024, each bought independently, each with its own login, billing, audit trail, and (often) its own foundation-model contract.

Late 2024 to mid-2025: the fragmentation cost hits. CIOs and COOs noticed three things at once. The shadow-AI bill came in materially higher than budget. The audit-trail problem hit: when an auditor asked "which AI made this decision and on what data", the answer required reconciling 5-12 separate logs with no shared schema. And every agent had built its own implicit graph of customers, suppliers, and documents, diverging from each other and from the system of record.

Mid-2025 to early 2026: VCs pattern-match. Seed-stage investors who had funded ten Sales-AI startups in 2023 heard the same line in every customer call: "we don't need another vertical AI, we need something to run the ones we already have." Tonkean repositioned. Sycamore launched with the language pre-baked. Alomana raised CDP Venture money on the Italian version. NeoCognition took the US-enterprise version. The wave of operating-layer homepages went live in a six-month window.

Mid-2026 onward, where we are: differentiation begins. The next twelve months are about which of the operating-layer pitches actually have an operating layer underneath, versus which are vertical AI agents wrapped in a category-renaming exercise. The six properties below are how a buyer can tell.

The reason the EU AI Act matters here is timing. The Act's substantive obligations on high-risk AI systems land in 2026-2027. Any operating layer designed before 2025 has to retrofit AI Act-shaped governance metadata onto a non-governed core. Any operating layer designed in 2025 or later can treat governance as a default. Knowlee's job-registry design — risk level, data categories, human-oversight required, approver, and approval timestamp per CLAUDE.md — is one expression of the latter approach.

The six properties of a real AI operating layer

What follows is the framework. These six properties are how an operator distinguishes a real operating layer from a category-renaming exercise. They are deliberately concrete: each one corresponds to a question you can ask in a vendor demo, and each one has a passable answer that is actually a non-answer. Train yourself to spot the non-answers.

Property 1: Multi-tenancy, battle-tested

The question: "How many distinct customer or business-unit deployments are running on this operating layer in production today, and how isolated are they from each other?"

The non-answer: "Our architecture supports multi-tenancy."

The answer that matters: a count of deployments with named verticals or named business units, combined with a description of the isolation primitive. "We run eight verticals in production, each with a separately-isolated database tenant" is a different statement from "we are designed to support multi-tenancy."

The reason this matters: an operating layer that has run only one workload has not encountered the operational realities that emerge when one tenant's slow query, runaway cron, or misbehaving agent threatens to take down a sibling tenant's production work. Concurrency isolation, billing isolation, audit-log isolation, and database isolation are problems whose solution looks the same in PowerPoint and very different in production.

Property 2: Auditability and governance metadata, by default

The question: "Show me the metadata that travels with every job, every execution, every model call. What is the risk classification, who approved it, what data categories it touched, when human oversight is required."

The non-answer: "We have an enterprise-tier audit log add-on."

The answer that matters: governance fields are part of the core schema, populated for every execution from day one, and exposed in the user interface — not behind a paywall, not bolted on for procurement. AI Act-shaped fields specifically: risk level (minimal / limited / high / unacceptable), data categories (PII / sensitive PII / financial / health / employment / public), human-oversight required (boolean), approver, approval timestamp. A buyer's audit team should be able to read these without help from the vendor.

The reason this matters: governance retrofitted onto a non-governed core is qualitatively different from governance designed into the schema. You can tell which is which by asking the vendor to show you the database. If they have to redact half of it before showing it, the governance is a UI overlay.

Property 3: Multi-agent orchestration with state

The question: "When agent A's output feeds into agent B's input, who maintains the state? What happens when agent A times out, fails, or has its work paused for human review? Where does the conversation across agents live?"

The non-answer: "We use [framework] under the hood."

The answer that matters: a description of the kanban or queue or state machine that holds the work of every agent and every job. In a real operating layer, each agent's work is a row on a board. Operators see what is running, what is waiting for review, what is finished. The state is durable. The conversation is recoverable. A failed run can be resumed without losing the prior agent's output.

This is the difference between a developer framework (where state is the developer's problem) and an operating layer (where state is the platform's responsibility).

Property 4: Knowledge-graph backbone

The question: "Where does the cross-domain knowledge live? When a Sales agent learns something new about a customer, how does the Customer Success agent find out?"

The non-answer: "We have a vector database for retrieval."

The answer that matters: a graph — typically Neo4j or an equivalent — that holds entities (people, companies, deals, documents, signals) and relationships (works-for, owned-by, sourced-from, follows-from), and that every agent both reads from and writes to. The graph is the cross-vertical memory. It is the reason an agent in Marketing can know that the lead it just enriched is the same person the Sales agent talked to last week and that the Customer Success agent flagged a churn risk on three months ago.

A vector database is good at "find me text similar to this query". A knowledge graph is good at "tell me what we know about this entity and how it connects to other entities we care about". The two are complementary, and a real operating layer ships with both. The category-renaming exercise ships with neither, or ships with the vector database and calls it a graph.

Property 5: MCP / protocol-native interoperability

The question: "When I want to swap out the search backend, the database, or the foundation model, how hard is it? When I want to add a new tool, what does that take?"

The non-answer: "We have a partnership with [vendor]."

The answer that matters: a description of the protocol layer — almost certainly the Model Context Protocol (MCP) standard published by Anthropic in late 2024 and widely adopted across the industry by 2026 — and a documented routing cascade that says which tool is tried first, which is tried second, and which is the fallback. A real operating layer treats foundation models, vector databases, search providers, scrapers, and integration platforms as plug-replaceable surfaces behind a standard protocol. The cascade is the explicit map of which surface is tried first.

The reason this matters: the alternative is lock-in. A vendor that cannot answer this question has built a closed managed service, and the buyer's exit cost is the reimplementation cost. With fabric-native interoperability, the buyer's exit cost is the configuration cost — orders of magnitude lower.

Property 6: Production-tested across multiple verticals

The question: "Which industries and which use cases is this operating layer in production for, today, with paying customers? How long has each one been running?"

The non-answer: "We are vertical-agnostic."

The answer that matters: a list of named verticals or industries with months-or-years of production runtime. An operating layer that has only run B2B-SaaS sales workloads has not yet been stressed by the failure modes that emerge in HR (privacy-sensitive personal data), Legal (highest stakes audit trail), Finance (regulatory-bounded reasoning), Operations (cross-departmental coordination), Marketing (creative-asset volume), or regulated industries (sovereign-data residency).

A vendor with one vertical in production and four verticals on a roadmap is honest. A vendor with one vertical in production and four verticals "supported" is not. Ask for the runtime; ask for the number of executions per month; ask for the audit-log volume.

Comparison: Sycamore vs Alomana vs NeoCognition vs Tonkean vs Knowlee

The table below scores each vendor against the six properties on the framework above. It is the honest version: where a competitor is genuinely stronger we say so, where Knowlee has gaps we name them.

A brief on each vendor before the table:

Sycamore (sycamore.so) — US-based, $65M seed from Coatue and Lightspeed (March 2026). Positions as the "Trusted Agent OS for the enterprise". Closed-managed-service model, US-tilted go-to-market, technical-buyer audience. Domain authority ~18 as of April 2026; pre-revenue or early-revenue per public signals. The most architecturally analogous competitor to Knowlee in the US market.
Alomana (alomana.com) — Italian Milan-based, €4M seed from CDP Venture Capital (Italy's state-backed fund of funds). Positions Alo as "the AI operating layer for enterprise". Deployed across Italian financial services, manufacturing, and pharma. The closest direct positional competitor to Knowlee in the Italian market.
NeoCognition (neocognition.ai) — US-based, $40M seed. Positions around "self-learning agents for enterprises and SaaS". Less explicit about the operating-layer framing than Sycamore but operates in the same architectural space. Publicly less well documented than the other four; the table marks several cells "n/o" (not observed) accordingly.
Tonkean (tonkean.com) — US-based, longer-running than the seed-stage cohort. Repositioned in 2025-2026 as "the AI operating layer for procurement and legal". Strongest published wedge story among the cohort: the procurement-cum-legal cross-functional use case. Production-tested in named US enterprises.
Knowlee (knowlee.ai) — EU-based (Italian-anchored), eight verticals in production (4Sales, 4Talents, 4Marketers, 4Legals, 4Projects, 4Procurement, 4Finance, 4Operations). fabric-native, kanban + automation-registry + Knowledge Graph + RAG Brain architecture, AI Act-shaped governance metadata in the open jobs.json registry. Selected components are open-source under github.com/KnowleeAI.

Property	Sycamore	Alomana	NeoCognition	Tonkean	Knowlee
1. Multi-tenancy	"Designed for multi-tenancy"; production deployments not publicly disclosed at scale	Italian financial / manufacturing / pharma deployments named; tenant count not public	n/o publicly	Multi-tenant in production for procurement + legal in named US enterprises	Eight named verticals in production (4Sales, 4Talents, 4Marketers, 4Legals, 4Projects, 4Procurement, 4Finance, 4Operations) — per-vertical Supabase isolation
2. Auditability + governance	Trust-and-safety language in marketing; field-level metadata not publicly documented	Compliance posture aligned with Italian regulated-industry deployments; AI Act metadata not publicly documented	n/o publicly	Strong process-governance heritage from pre-pivot platform; AI Act-specific fields not surfaced publicly	AI Act-shaped fields (risk level, data categories, human-oversight required, approver, and approval timestamp) in the open jobs.json registry — visible in the kanban without an enterprise tier
3. Multi-agent orchestration	Yes — agent-OS framing implies state-management primitives; specifics not public	Yes — Alo is the named orchestration product	Self-learning-agent framing implies state; specifics not public	Yes — process orchestration is the original Tonkean strength	Yes — kanban + jobs-runner + workspace manager; every agent's work is a row on the board; state is durable; failed runs are recoverable
4. Knowledge-graph backbone	Not publicly documented as a graph product; appears closer to managed-RAG	Not publicly documented as a graph; vector-RAG implied	n/o publicly	Process-graph oriented (workflows-as-graph), not entity-graph oriented	Neo4j-based "Enterprise Brain" via memoryGraph MCP; cross-vertical entity + relationship store; every vertical reads and writes
5. MCP / interoperability	Closed managed service; no public MCP routing cascade documented	Closed managed service; no public MCP routing cascade documented	n/o publicly	Strong API + integration heritage; MCP support roadmap-stage	fabric-native with documented routing cascades (scraping, search, database, graph) per CLAUDE.md §MCP Routing Cascades; selected MCP servers open-sourced
6. Production-tested verticals	1+ vertical in production (early); broader claims aspirational	3+ verticals named (financial / manufacturing / pharma); seed-stage maturity	n/o publicly	2 verticals strongly (procurement + legal); broader claims thinner	3 verticals in production simultaneously across one shared Brain — each a different workload shape

A buyer reading this honestly should notice three things. First, on properties 4, 5, and 6, Knowlee is materially differentiated. The Knowledge Graph + RAG Brain is the cross-vertical memory; the tool-orchestration fabric is the interoperability moat; eight production verticals on one OS is a quantitative claim not approximated by any of the other four. Second, on properties 1 and 3, Knowlee is competitive but not lonely — Sycamore and Tonkean both compete credibly on multi-tenancy and orchestration. Third, on property 2, Knowlee has the most defensible position publicly because the governance metadata is in the open jobs.json file, not in an enterprise-tier upsell — but the competitors are not publicly contradicted, which means a buyer doing diligence has to verify each one's claim individually.

Where Knowlee is genuinely behind: certifications. Noxtua (a peer in the EU-sovereign-AI cluster) ships with ISO 27001, ISO 42001, and BSI C5. Knowlee does not yet hold these certifications. For a buyer in regulated industries where the procurement office requires the cert sticker, this gap is real. The corresponding Knowlee posture is "we ship the underlying compliance story (per-vertical data isolation, EU residency, AI Act-shaped governance fields, open automation registry) and we are scheduled to certify in [timeframe]" rather than "we have the cert today". A buyer who needs the sticker today should know this; a buyer who can let the substantive controls precede the cert paperwork will get those controls.

The audit-trail wedge

This section runs deepest, because the audit trail is the property that compounds in the buyer's favour over time and is the one closed-source seed-stage competitors cannot match without rebuilding their core.

The EU AI Act's high-risk-system obligations land in 2026-2027. The substantive requirements include a lifecycle risk-management system, data-governance documentation, technical documentation that lets authorities verify compliance, automatic logging of events through the lifecycle, transparency to deployers, human oversight measures, and accuracy / robustness / cybersecurity guarantees. These are obligations, not aspirations. Failure exposes the deployer (typically the enterprise customer, not the AI vendor) to fines up to 7% of global annual turnover.

This changes vendor-selection calculus in a specific way. Pre-2026, the question was "does this vendor have a SOC 2 Type II?" Post-2026, the question is "when an AI Act audit asks which AI made this decision, on what data, with what risk classification, and who approved it — can this vendor produce the answer in machine-readable form, on demand, for every execution in the past 24 months?"

The answer separates operating layers into two camps:

Camp A: governance is an enterprise-tier upsell. The core does not capture risk classification, data categories, human-oversight requirements, or approval metadata at the execution level. To get those, the buyer pays for an enterprise tier that bolts on a "compliance module" — typically an enrichment layer on top of the execution log, with the schema-drift hazards that implies. When an audit asks for two-year-old data, the answer is "we have logs, but the compliance enrichment was added later".

Camp B: governance is in the core schema. Every job declares its risk class, data categories, human-oversight requirement, and approver at registration time. Every execution inherits these. The audit log is the same log operations uses day-to-day. No enrichment, no second system, no schema drift. When the AI Act audit asks for two-year-old data, the answer is "here is the file".

Knowlee is in Camp B. The the automation registry — the single file that declares every automation — carries five governance fields per job: risk level, data categories, human-oversight required, approver, and approval timestamp. Per CLAUDE.md §"Jobs (deep dive)", these fields are not optional, not enterprise-tier, and not added after the fact. They are part of the registry schema. Every execution inherits them. The audit trail is state/jobs/logs/<id>_<timestamp>.log plus the structured outputs in the structured report store.

The competitive implication is sharp: a vendor whose core schema does not have these fields cannot retrofit them in a way that satisfies an audit covering a period before the retrofit. They can produce compliant logs from today forward, but the gap between today and the AI Act enforcement window for previously-deployed systems is the gap a buyer's audit team will care about.

The wedge against the cohort:

Sycamore, Alomana, NeoCognition. Closed managed services. The buyer sees the dashboard, not the schema. The default assumption a sophisticated buyer should make is that a seed-stage company built before mid-2025 did not design AI Act fields into the core, because the obligations were not the urgency in 2024.
Tonkean. Process-orchestration heritage gives strong BPM-grade approval and audit semantics for procurement-and-legal. The retrofit to AI-Act-specific fields on a pre-existing schema is straightforward but is, again, a retrofit.
Knowlee. Designed in 2024-2026 with the AI Act window visible. The governance metadata is in the file every operator looks at. The audit team can read it without vendor help.

The deeper consequence: the audit trail is not just compliance — it is operational learning. Risk classifications, approvals, human-oversight interventions are training data for improving the platform. A vendor that captures this from day one builds a feedback loop that compounds. A vendor that bolts it on later gets a one-time compliance posture but not the feedback loop. Three years out, the difference is significant.

For a CIO building a five-year AI strategy, the question is not "which operating layer has the best demo today" but "which operating layer's governance posture will be cheapest to defend to an auditor in 2028". Camp B is cheaper.

Italian-market specificity

The Italian segment of this category is small, contested, and structurally different from the US segment. It deserves its own section.

The competitive geometry. In the Italian market, the AI-operating-layer category has one publicly-positioned competitor: Alomana. Alomana raised €4M from CDP Venture Capital, Italy's state-backed fund of funds, with deployments named in Italian financial services, manufacturing, and pharma. The CDP Venture-backed origin matters because it gives Alomana a credibility moat in Italian public-sector RFPs — a CONSIP or MePA tender that lists "Italian-state-backed AI operating layer" in the bid will name Alomana, and the differentiator a competitor needs is concrete, not rhetorical.

Knowlee's counter-position to Alomana is not "we are also Italian" — that is the rhetorical answer. The concrete answer is architecture and production breadth:

Eight verticals in production versus Alomana's named-but-not-publicly-quantified deployments.
Public, open-jobs.json governance registry versus Alomana's closed managed-service posture. The buyer's audit team can read the Knowlee schema without an NDA.
fabric-native interoperability versus Alomana's apparent lock-in. The buyer can swap out the foundation model, the search backend, or the database without rebuilding.
Cross-vertical Knowledge Graph + RAG Brain versus Alomana's per-deployment knowledge structure. The Knowlee Brain accumulates across customer deployments (with appropriate isolation) so the next deployment starts from non-zero.
EU AI Act-shaped from day one rather than retrofitted onto a pre-2025 core.

The honest gap, again: certifications. Alomana, by virtue of regulated-industry deployments, almost certainly carries or is en-route to ISO 27001 and equivalent. Knowlee's certification roadmap is on the table; the certifications are not yet in hand. For an Italian public-sector RFP that requires the certification today, Alomana is ahead. For an Italian private-sector buyer evaluating substantive controls, the operating layer with eight production verticals and an open audit trail wins on every dimension that does not begin with "do you have the sticker."

The framing for an Italian buyer: Knowlee is not the AI version of an Italian incubator side-project. Knowlee is a multi-vertical operating system used in production across six business domains, designed in the EU jurisdiction, AI-Act-shaped from the ground up, with selected components open-sourced. The Italian-market specificity is real (we read and write Italian documents, we understand ISTAT indexation, CCNL labor logic, MePA tender shapes, Banca d'Italia regulatory expectations), but the architectural breadth is global.

The framing for an EU buyer outside Italy: the EU jurisdiction-anchor matters in 2026 in a way it did not in 2022. Schrems II is settled law. The US Cloud Act is now a procurement-office checklist item. EU data residency, EU governing law, EU jurisdiction for dispute resolution, EU-trained foundation models or EU-licensed access to non-EU foundation models — these are not preferences, they are requirements for an increasing share of regulated-industry deployments. Knowlee is in the EU. Sycamore and NeoCognition are not.

Why we open-sourced parts of the stack

Transparency is one of the load-bearing differentiators in the table above, so it is worth being concrete about it.

The Knowlee stack ships selected components as open source under github.com/KnowleeAI. The list at time of writing includes utility libraries, MCP server implementations for the verticals where the protocol-level interface adds more value as a standard than as a moat, and reference patterns for the kanban + automation-registry architecture.

The strategic logic, unusual in the seed-stage cohort:

Open-source is the transparency signal closed-source competitors cannot match. A buyer evaluating Sycamore or Alomana sees a homepage and a demo. A buyer evaluating Knowlee can read the code that runs the kanban, the automation-registry schema, and the MCP routing cascades. The buyer's security team can audit the open components against the description in marketing copy. If the description matches the code, the buyer has a higher-confidence procurement decision than any closed-source pitch produces.

Open-source is the migration-path argument. The most common procurement objection in this category is exit risk: if we pick the wrong layer in 2026, what does it cost to switch in 2028? For a closed managed service, the answer is the reimplementation cost of every workflow plus data-export risk plus integration rebuild. For an fabric-native stack with open components, the workflows are MCP calls, the integrations are MCP servers, and the buyer can lift-and-shift the open layers and rebuild only the proprietary middle. Optionality has a price; this is how it gets paid.

Open-source is the credibility flywheel for the category. CrewAI, LangChain, LangGraph, and Pydantic AI extend the addressable market for the AI-operating-layer category by making the framework layer credible. Knowlee benefits from that flywheel by being in the same camp on the protocol layer (MCP) and contributing back. This is the difference between extracting from a category and building one.

The proprietary surface — what Knowlee does not open-source — is the orchestration runtime, the Brain seeding logic, and the per-vertical product layers. The split is consistent with how Stripe, Vercel, and Supabase have positioned: open at the protocol and developer-experience layer, proprietary at the runtime. A vendor fully closed at every layer is making a bet that buyers will not ask the transparency question. That bet is increasingly losing.

Buyer's framework: 8 evaluation questions

For a CTO or CIO scoping an AI operating layer, the eight questions below are the floor of due diligence. Each is designed to elicit a non-marketing answer.

1. Show me the schema for the governance metadata recorded for every execution. Tests: whether governance is in the core or an upsell. A right answer references specific field names. "We have an audit module" without fields means Camp A.

2. How many named workloads — verticals or business units — are running on this operating layer in production today, and for how long? Tests: whether multi-tenancy is theoretical or empirical. A real layer has named workloads with months-or-years of runtime; a re-branding exercise has one workload and a roadmap.

3. When agent A's output feeds agent B, where does the state live, and what happens when A fails halfway? Tests: whether this is an operating layer or a developer framework. A real layer has a kanban / queue / state-machine that is the platform's responsibility; a framework leaves state to the developer.

4. What is the cross-domain memory? When the Sales agent learns about a customer, how does the Customer Success agent find out? Tests: property 4. A real layer has a knowledge graph. A re-branding exercise has a vector database called a graph, or no shared memory at all.

5. How do I swap the foundation model, search backend, or database without rewriting workflows? Tests: property 5. A real layer has an fabric-native protocol layer with a documented routing cascade. A closed managed service treats this as a contract negotiation.

6. When an AI Act audit asks for risk classification, data categories, and approval metadata for every execution in the past 24 months — what's the response time and format? Tests: whether the audit posture is data-driven or PR-driven. The answer should be seconds-to-minutes (machine-readable export), not weeks (legal-team coordination).

7. Show me the open-source components, or explain why none exist. Tests: transparency posture. The right answer is either "here are the open repositories — read the code" or "we are fully proprietary because [substantive reason]". Neither answer means the vendor is betting on the buyer not asking.

8. What is the data-residency and jurisdiction story? Tests: regulatory readiness. The right answers are EU residency, EU jurisdiction, EU-licensed model access, with a specific country named.

The aggregate test: a vendor who answers all eight with specifics, in writing, in one document, is materially ahead of one who answers with a Calendly link to a sales engineer. The artefact is the test.

FAQ

What's the difference between AI orchestration and an AI operating layer?

AI orchestration is a sub-capability of an AI operating layer, not a synonym. Orchestration coordinates multiple AI agents, models, and tool calls to complete a workflow — typically expressed in a framework like LangGraph or CrewAI, or a no-code builder like Lindy or Relevance AI. An operating layer is the system on which orchestrated workflows run — it adds the kanban, automation registry, governance metadata, knowledge graph, multi-tenancy primitives, and tool-orchestration fabric that orchestration alone does not provide. Orchestration without an operating layer is what you build when you have one team and three agents; an operating layer is what you need when you have an enterprise and forty-eight automations.

Is Knowlee compliant with the EU AI Act?

Knowlee's architecture is designed to be AI-Act-shaped from the core: every job in the registry carries risk level, data categories, human-oversight required, approver, and approval timestamp metadata, and every execution produces an audit log inheriting that metadata. This is the substantive controls layer that the AI Act's Article 12 (logging) and Article 14 (human oversight) require for high-risk systems. Formal compliance assessment under the AI Act is per-deployment (the deployer, typically the enterprise customer, is the regulated party for most use cases) and Knowlee's role is to give that deployer the metadata and audit trail they need to satisfy their own compliance obligation. Knowlee does not yet hold an ISO 42001 certification; the certification roadmap is in flight. For a buyer who needs the formal certification today, Knowlee's posture is "the substantive controls are in production; the certification paperwork lags".

How is this different from Workato, n8n, or Zapier?

Workato, n8n, and Zapier are integration platforms (iPaaS). They route data between systems based on rules. They do not govern AI agents, do not maintain a cross-agent knowledge graph, do not classify executions by risk, do not produce AI-Act-shaped audit metadata, and do not run multi-agent state machines. An operating layer can use an iPaaS as one execution surface — Knowlee integrates n8n through its tool-orchestration fabric — but the iPaaS is a tool inside the layer, not the layer. iPaaS retrofit to AI Act-driven governance is a different and harder problem than designing it in from the start.

Can I migrate from Sycamore, Alomana, NeoCognition, or Tonkean to Knowlee?

In principle, yes. The cost depends on how much source-platform logic is expressed in re-implementable workflows versus locked behind a proprietary state model. For fabric-native source platforms the migration is mostly a configuration exercise. For closed managed services it is closer to a re-implementation. The path: (1) inventory source workflows, (2) classify them by complexity and governance criticality, (3) re-express them as Knowlee jobs with the appropriate risk level and data categories, (4) cut over per-vertical with a shadow-mode period for parity validation. Step 3 is where the AI-Act-shaped governance metadata gets attached for the first time, which is often the most valuable artefact of the migration.

What's the data-residency story?

Knowlee runs on EU infrastructure, with each vertical's data isolated in its own per-vertical Supabase project. The Knowledge Graph + RAG Brain is hosted in the EU. Foundation-model access can be configured to use EU-licensed providers (Mistral La Plateforme, Anthropic via EU-licensed routes) for deployments where US-jurisdiction model access is unacceptable. Governing law for the platform is EU; tenant-specific jurisdiction is contractable. The contrast with US-headquartered competitors is direct: their default jurisdiction is US, and EU residency for them is a configuration option rather than the default.

Is the operating layer just rebranding for "AI orchestration platform" or "AI agent platform"?

The marketing categories overlap and you should expect all three used interchangeably for the next 12-18 months. The substantive distinction is the six-property test above. A buyer who has the six properties in mind will read past the category language to the architecture. A buyer who treats the categories as identical will buy the wrong product roughly two-thirds of the time, by rough estimate of how many vendors using "operating layer" language actually meet the bar.

Can the operating layer coexist with my existing iPaaS, CRM, or ITSM?

Yes — this is the design point. An fabric-native operating layer treats the existing iPaaS, CRM, ITSM, and other systems-of-record as integration surfaces. The layer schedules AI agents that read and write through MCP-mediated protocols. The buyer does not rip and replace; the buyer adds an orchestration plane above the existing stack. This is the deliberate contrast with closed managed services that try to absorb systems-of-record functionality into their own surface. Knowlee's posture is non-rip-and-replace.

What does a typical first deployment look like?

A first Knowlee deployment is scoped to one vertical or one cross-functional use case. Common starts: (a) a Sales-AI deployment running 4Sales-shaped lead generation and outbound; (b) a Marketing-intelligence deployment running 4Marketers-shaped social and brand monitoring; (c) a cross-functional knowledge-base deployment using the Brain as the RAG backbone for HR + IT + customer-success Q&A. The first deployment establishes the governance posture, the audit log, and the initial Brain entities. Subsequent verticals join the same operating layer with the Brain as cross-vertical memory. The second vertical is materially cheaper than the first because the layer is already there.

How does this differ from Microsoft Copilot Studio or ServiceNow Now Assist?

Copilot Studio and Now Assist are AI-agent surfaces inside their respective hyperscalers (Microsoft 365 and ServiceNow). They are excellent inside the hyperscaler boundary; they are not designed to govern AI agents that span Microsoft, Salesforce, SAP, Workday, and a dozen point tools simultaneously. An AI operating layer sits above the hyperscalers, governing agents wherever they run. Most enterprises will end up with Copilot Studio for Microsoft-native AI, Now Assist for ServiceNow-native AI, and an operating layer for cross-hyperscaler orchestration and governance. The layer supervises the hyperscaler agents; it does not replace them.

What does Knowlee cost?

Pricing is per-deployment and depends on the number of verticals, expected execution volume, data-residency requirements, and certification scope. Public list pricing for the operating-layer category does not yet exist at any vendor; the deals are negotiated. Knowlee's posture is to size the deal to the buyer's expected first-year value and to make pricing transparent in writing. List pricing is not published because the variance across deployments is too high for list pricing to be useful.