Metis  /  The AI-native company operating system

Connect your company.
Generate an AI org chart.
Run the company.

Generate a full AI org chart for your company, assign tool permissions by tier, and run real work through governed agent teams. Your human board keeps the reserved approvals.

See the architecture
Private beta opens Q3 2026·Humans hold every Tier 4 and 5 approval
trymetisai.com / my-company / org-chart
OrgRolesPermissionsAudit log
The founder's problem

You don't need another chatbot.
You need a company.

Most "AI for work" tools give you a brilliant intern. Metis gives you an org. A CEO agent, a CFO agent, departments with specialists, and a human-governed board that keeps the keys.

01 / Persona soup
Ten chatbots ≠ a company.
Without mission, decision rights, tool scope and escalation rules, an "AI CFO" is just a prompt. Metis makes every role a contract.
02 / Permission chaos
One agent, one tool, one accident.
Agents with unscoped tool access are liability generators. Metis ties permissions to roles via a five-tier model with human gates on money, identity and code-signing.
03 / No separation of powers
Propose, approve, execute — same agent?
That's how shocks happen. Metis enforces a Proposer → Reviewer → Approver → Executor → Auditor pattern on every high-impact action.
Architecture

A three-layer company — designed on purpose.

Human legal layer at the top — because Delaware directors must be natural persons. An AI governance council in the middle. An AI executive team below that spawns specialist agents on demand.

Layer 1

Human legal layer

The part that exists for signatures, liability, compliance, fundraising and reserved decisions. Humans keep the keys.

mono · natural persons only
RoleFounder & co-founders
RoleHuman board of directors
ReservedFundraising, equity, payroll
ReservedHiring & firing humans
ReservedLegal settlements above threshold
ReservedMajor product launches
ReservedSecurity incident disclosure
CounselAuditors · accountants · outside counsel
Layer 2

AI governance council

Your "board of AI agents." Not the legal board. The brains around the company — review proposals, challenge assumptions, score risk, issue decisions or recommendations.

never executes · only governs
ChairAI Board Chair
MemberStrategy Director
MemberCapital Allocation Director
MemberRisk & Audit Director
MemberEthics / Public Benefit
MemberSecurity Oversight Director
MemberCompensation & People Governance
ArtifactsAgendas, votes, board packets, dissents
Layer 3

AI executive team & departments

The operating leadership, with the authority to act. Spawns specialist agents on demand — Research, Engineering, Product, Commercial, Security, Finance, People, Policy.

executes · within tier caps
ExecAI CEO
ExecPresident / COO
ExecChief of Staff
ExecCTO · CSO · CPO
ExecCCO · CFO · GC · CISO
ExecCPeopleO · Head of Comms
DeptsResearch · Product · Eng · Commercial · Sec · Marketing · Finance · People · Policy
SpecialistsSpawn on demand, per task contract
The contract

Every role is a contract, not a persona.

The secret isn't the org chart. It's that each agent has a strict mission, typed inputs and outputs, scoped tools, explicit decision rights, escalation rules and KPIs. That's the difference between a cool demo and a real company OS.

A role card defines what an agent may and must not do.

This is the seven-field contract every agent in Metis gets generated with. Role cards are versioned, diffable, and subject to review by the governance council before they take effect.

  • Mission — one line. If it takes a paragraph, split the role.
  • Inputs & outputs — typed artifacts, not free-form prompts.
  • Decision rights — exactly what it may decide alone.
  • Tool scope — which MCP servers, APIs, and skills it may touch.
  • Escalation rules — when it must hand off to a human or higher agent.
  • KPIs — how good work is measured, week by week.
F
AI CFO
role.finance.cfo · v8 · approved by council · 2d ago
TIER 4
Mission
Keep the company solvent, predictable, and honest about its numbers.
Inputs
bank.readwarehouse.financehris.payrollstripe.read
Outputs
forecast.monthlybudget.v<n>close.reportcash.memo
May decide
spend ≤ $5kdraft budgetsreallocate within dept
Must not
move moneyissue equitychange payroll
Escalates
tax · financing · audit → Human Board · Risk & Audit
KPIs
Forecast MAPE < 6% · close time < 4 days · zero cash incidents · memos accepted ≥ 90%
Permissions

Five tiers. Tied to the role, not to the model.

Swapping the underlying model never upgrades an agent's authority. Tiers are enforced at the tool layer, audited on every call, and can be tightened per workspace, per region, or per deal.

TIER 01open

Read-only

Look, don't touch. Build context without side-effects.

  • Docs & wiki
  • Analytics & dashboards
  • CRM reads
  • Codebase reads
  • Support history
TIER 02draft

Drafting

Produce artifacts. Nothing ships without a reviewer.

  • Emails & proposals
  • Tickets & PRDs
  • Contracts · JDs
  • Roadmaps
  • Board memos
TIER 03ops

Operational writes

Move work forward inside tools agents already use.

  • Create Jira tickets
  • Update CRM
  • Publish internal docs
  • Open pull requests
  • Schedule meetings
TIER 04controlled

Controlled transactions

Actions with customer-visible or production impact.

  • Deploys · config changes
  • Customer messaging
  • Contract redlines
  • Invoice approval
  • User account actions
TIER 05human-gated

Human-gated only

Actions no agent may take alone. Ever.

  • Money movement
  • Payroll & equity
  • Legal filings
  • Employment termination
  • Model release overrides
Separation of powers

The five-role pattern behind every high-impact action.

No single agent may propose, approve and execute the same decision. This one rule eliminates a shocking amount of the chaos people expect from agentic systems.

Role · Proposer

Proposes

Writes the action as a typed artifact — never as free-form intent.

agent: Sales Lead
action: discount(+10%)
reason: deal#482 · renewal
Role · Reviewer

Challenges

A different agent — or department — must find the weakest assumption.

reviewer: RevOps
flag: pricing floor (T4)
suggest: bundle add-on
Role · Approver

Approves

Higher agent or human, based on tier. Decision and reasoning logged.

approver: CCO
verdict: approved
cap: ≤ 12% · 1 deal
Role · Executor

Executes

A separate agent carries it out, scoped strictly to that artifact.

executor: Deal Desk
write: crm · update
notify: customer, CSM
Role · Auditor

Audits

Immutable log. Weekly review packet for the governance council.

auditor: Risk
exception rate: 0.3%
drift: none
Ship first

Don't launch with 100 agents.
Launch the Core 12.

One company brain, one org chart, one permission system, one audit log, one meeting cadence, one approval layer. Each of these twelve can spawn specialist child agents the moment you need them.

Governance
AI Board Chair

Runs meetings, agendas, votes, board packets, dissents.

T2 · governs only
Executive
AI CEO

Owns company goals, tradeoffs, final recommendations.

T4 · exec
Executive
Chief of Staff

OKRs, cross-functional alignment, exec briefings.

T3 · ops
Executive
AI CTO

Engineering, platform, infrastructure, reliability.

T4 · exec
Executive
Chief Science Officer

Research quality, evals, alignment, red-team cadence.

T3 · ops
Executive
Chief Product Officer

Product strategy, roadmap, user experience.

T3 · ops
Executive
CISO / Safeguards Lead

Security posture, abuse monitoring, trust & safety.

T4 · exec
Executive
AI CFO

Planning, budget, reporting, cash controls.

T4 · exec
Executive
General Counsel

Contracts, privacy, compliance, policy posture.

T4 · exec
Executive
Sales Lead

Pipeline, proposals, deal desk, forecasting.

T3 · ops
Executive
Marketing Lead

Positioning, launch, brand, lifecycle.

T3 · ops
Executive
People / Ops Lead

Recruiting, onboarding, performance health.

T3 · ops
Governance & trust

Separate the legal company from the AI company.

Delaware directors must be natural persons. Metis is built around that fact — humans keep reserved approvals, while AI runs the operating layer with a governance council that challenges it.

Every agent decision is a signed artifact. Every Tier 4 action has a reviewer. Every Tier 5 action has a human signature. Your audit log is a single source of truth for investors, auditors, regulators and your own future team.

  • Founder-configurable reserved approvals — fundraising, bank movement, equity, hiring & firing, incident disclosure.
  • Dual-control on Tier 4 actions — proposer and approver must be distinct roles.
  • Every council vote logged with dissents, dissenters and reasoning.
  • BYO models and keys — Anthropic, OpenAI, Bedrock, or private endpoints.
  • Never trained on your company's data. Contractually.
Control surface
  • HostingMetis Cloud · VPC · Self-hosted
  • Regionsus-east, us-west, eu-west, ap-southeast
  • IdentitySAML SSO · SCIM · RBAC
  • ApprovalsSlack · Email · App · Hardware key
  • ModelsBYO provider · per-role
  • Audit logImmutable · 13 months · SIEM export
  • PolicyPer-role contracts · versioned · diffable
  • TrainingNever on your data
FAQ

What founders ask us first.

Still curious? Once you're on the waitlist we'll send you the architecture deck, the full role-card schema, and a sample audit log from a test company.

Is the AI actually on my legal board?
No. Delaware-style corporations require natural-person directors, so the AI governance council is an advisory and governance layer around your human legal board, not the statutory board itself. The human board always holds reserved approvals.
Do I have to run my whole company through Metis from day one?
No. Start with the Core 12 and one department. Most founders begin with finance + commercial + product, then spawn specialist agents as they need them. You can add or retire roles at any time.
How are tool permissions actually enforced?
Permissions live at the tool / MCP layer, not in the prompt. Every call is checked against the role card's scope and tier. Swapping the underlying LLM never upgrades an agent's authority, and every call is logged.
What happens when an agent breaks the rules?
It can't — a call outside scope is rejected at the tool layer before it executes. Policy violations and edge cases surface in the audit log and are reviewed by the Risk & Audit director, which can revoke permissions or force a role-card revision.
Which models can I use?
Anthropic, OpenAI, Google, AWS Bedrock, Azure OpenAI, and private open-source endpoints via vLLM or TGI. Mix per role — cheap model for classification, stronger model for reasoning, private model for sensitive finance tasks.
When can I actually try it?
Private beta begins Q3 2026. Waitlist order is not strictly first-come — we prioritize cohorts by stage and fit so we can pair each early customer with a solutions engineer. Pricing is a platform fee plus per-agent metering.
Join the waitlist

Your company, organized around AI — not bolted onto it.

Waitlist members get early access to the private beta, the architecture deck, the role-card schema, and a sample audit log. Be one of the first founders in.

Private beta starts Q3 2026. Waitlist order is prioritized by stage and fit.