Countdown / TRAIGA AG complaint portal opens / Sept 1, 2026 / — days remain / Get TRAIGA-ready
What We Do

Decision intelligence for energy.

We help technology, software, equipment, and services companies make the high-stakes commercial decisions of selling into oil and gas — and make them defensible. Two arms, one discipline: the go-to-market intelligence that turns a strong product into a won deal, and the AI decision governance that keeps an AI-influenced decision defensible in front of a regulator, board, or plaintiff. We lead with the go-to-market work. It is what most of our clients hire us for.

Better decisions: go-to-market intelligence · Defensible decisions: AI governance (DIG®)

/ The core practice

Go-to-Market Intelligence

For more than a decade we have run the research and strategy behind selling complex products into energy. This is the work behind our case studies.

Buyer-behavior research

How operators evaluate and buy, who they listen to, where they form opinions. See how oil & gas companies buy.

Market-entry strategy

Where a newcomer wins first in a crowded vertical: submarkets, partners, the wedge.

Product launch & positioning

Message House, seller enablement, and the demand-generation-vs-harvesting call that decides whether SEO is even the right lever.

Verticalization

Making a horizontal value story land with energy buyers: same structure, energy-true proof.

Route-to-market validation

Fast, survey-driven reads on which segment is actually ready to buy.

The outcome we sell

You stop guessing how your buyer buys, and start selling to how they actually do.

See all of our work
/ The promise

We ship the binder. Not the memo.

BigLaw publishes interpretations. We produce the operational artifacts that invoke safe harbors and survive an audit.

BigLaw firms publish interpretations of TRAIGA, the EU AI Act, and Section 1557. We build the shippable artifacts — AI system inventories, NIST AI RMF mapping documents, intent packets, cure playbooks, technical files, vendor questionnaires — that invoke safe harbors, satisfy documentation requirements, and hold up under audit.

Every engagement is delivered through the Digital Information Governance® (DIG®) framework — the four-pillar meta-framework we built to translate TRAIGA, the EU AI Act, NIST AI RMF, and ISO 42001 into a single operational binder.

Approximately 70% of the obligations across all four 2026 regimes overlap. Built correctly, a single governance binder satisfies all four — with Texas-specific appendices for state cover, EU Annex IV appendices for cross-border exposure, and NIST-structured controls for the federal civil rights overlay.

We do not sell SaaS. We do not write law firm alerts. We ship the operational artifacts — the shippable proof you can defend.

/01 Tier 1 / Texas operators

Texas Ready by September.

$35,000 4–6 weeks Fixed scope 7 written deliverables

For Texas operators with no material EU or federal-funded exposure who need to be demonstrably TRAIGA-compliant before September 1, 2026.

The Texas Responsible AI Governance Act (HB 149) took effect January 1, 2026. The Texas Attorney General's online complaint portal — the enforcement trigger — goes live September 1, 2026.

From that day forward, any organization deploying AI in Texas is a potential Rule 552.105 target unless it can demonstrate substantial compliance with NIST AI RMF and produce the artifacts the safe harbor expects.

This program delivers those artifacts in 4–6 weeks.

Start with the 5-Day Assessment
/ What you get

Seven shippable artifacts.

  • AI System Inventory — complete register covering every model, embedded vendor tool, and shadow-IT LLM use, tagged by decision context, risk tier, and TRAIGA prohibited-use exposure.
  • NIST AI RMF Substantial-Compliance Mapping — the single document that invokes the TRAIGA Sec. 552.105 rebuttable presumption of reasonable care.
  • Intent Documentation Packets — written purpose statements, design decision logs, and training-data documentation for the Sec. 552.056(c) "intent to discriminate" defense.
  • Red-Team & Adversarial Testing Protocol — scheduled testing cadence, test cases targeting the seven TRAIGA prohibited uses, signed-off results.
  • Cure Playbook (Sec. 552.104) — a 60-day cure runbook with notification, drafting, and remediation steps.
  • Workforce AI Use Policy & Training Log — satisfies EU AI Act Article 4 while you're at it.
  • Executive Debrief — half-day session with your leadership team.
/02 Tier 2 / Cross-border exposure

Cross-Border Governance Binder.

$75,000 8–12 weeks Fixed scope 9 DIG® components

For operators with any EU customer, joint-venture asset, or AI-generated output consumed in the European Union — including Texas operators who assumed "we have no EU office" was a defense.

The EU AI Act's Article 2(1)(c) pulls in any third-country provider or deployer "where the output produced by the AI system is used in the Union." That is a broader reach than most US operators realize. Annex III high-risk obligations become fully applicable August 2, 2026.

/ What you get — all nine DIG® components
  • AI System Inventory & Register (cross-framework tagged)
  • NIST-Structured Control Core
  • EU AI Act Annex IV Technical File
  • FRIA + DPIA Package
  • Post-Market Monitoring Plan
  • Vendor Due Diligence Kit
  • Serious Incident Reporting SOP (15-day window)
  • CE Marking + EU Database Registration Pack
  • Texas + Federal Civil Rights Appendices

One binder, four frameworks — TRAIGA + EU AI Act + NIST AI RMF + ISO 42001 — with the appendices to prove it.

/03 Tier 3 / Ongoing

Governance-as-a-Service.

$5,000 / month Monthly retainer For Tier 1 / Tier 2 graduates

A monthly retainer that maintains your binder as AI, regulation, and your workflows evolve.

/ Retainer scope
  • Drift monitoring across the Decision Registry
  • Regulatory watch (TRAIGA, EU AI Act, NIST, ISO updates)
  • Annual re-certification support
  • Incident response standby (15-day EU SOP)
  • Council / sandbox advocacy where applicable
  • Quarterly executive readouts
Talk to Us
/ Begin every engagement here

Every binder build starts with a 5-day assessment.

Whether you end up in Tier 1, Tier 2, or Tier 3, we start the same way: a written gap report, a punch list mapped to your regulatory posture, and an honest recommendation.

Request the 5-Day Assessment
$5,000 · 5 working days · Fixed scope

/05 Engagement questions

Picking the right tier.

Pulled from real conversations with Tier-1 EPCs, supermajor operators, and PE-backed leadership teams over the last six weeks.

Q01 We already have an AI department. Why would we need this?
Most enterprise AI departments are tool-deployment functions: licensing Copilot, evaluating chatbots, running pilots. They're rarely governance functions. A senior engineer at a Tier-1 EPC told us recently: their company has a formal AI department, the sanctioned tool is Copilot, and his daily AI use is Claude on his work laptop. The AI department is real; the governance gap is also real. ModalPoint sits in the gap.
Q02 How is this different from a Big Four AI risk consultant?
Three differences. (1) We don't sell PowerPoint — every engagement ships an operational binder a regulator can open. (2) Our framework (DIG™) is a registered standard with three provisional patents, not a proprietary methodology that walks out the door when the consultant leaves. (3) We've sat in the operator seat for 26 years. The wedge is operational, not academic.
Q03 What if we're using Microsoft Copilot — isn't that the AI policy?
A license is not a policy. Copilot governs that one tool's behavior; it doesn't govern the AI exposure inside your operations — vendor outputs (Cority, Plant 4D), retrieved-context decisions, AI-assisted contracts, AI-influenced procurement, AI-affected disclosures. EU AI Act Article 14 doesn't ask which AI tool you bought; it asks who authorized the decision. Copilot can't answer that.
Q04 Can we do the 5-day Assessment first and decide on tier later?
That's how every engagement starts. The Assessment produces a written gap report and a recommended tier (1, 2, or 3) based on what we actually find — not a guess. About 60% of operators we assess move to Tier 1; the rest split between Tier 2 (cross-border exposure) and "not yet" (we'll tell you if you're not ready).
Q05 What if our AI exposure is mostly through vendors (Cority, Plant 4D, etc.) not direct?
Vendor-mediated AI is the largest exposure category for energy operators today — and the hardest one to inventory because it lives inside contracts and product updates rather than internal builds. The Assessment maps your vendor-AI footprint alongside your direct AI use. Vendor Due Diligence Kits are part of the Tier 1 deliverable set for exactly this reason.
Reviewed by Matthew Bertram, President, ModalPoint · Certified AI Auditor (CAIA). Last reviewed July 2026.

/ Who you're engaging with

A Houston-based AI decision governance practice.

ModalPoint · Houston, TX · Operating in US + EU · Response within one business day · A division of EWR Digital

/ Credentials & affiliations

DIG® USPTO Serial No. 99559923 (application pending) — registered framework
NIST Cyber AI Profile + Zero Trust Communities of Interest
Texas HB 149 / TRAIGA active candidate, Texas AI Council
Goldman 10KSB graduate, April 2026 cohort
TAMU Corps of Cadets alumnus · Eagle Scout
IAPP AIGP candidate, Q3 2026 sit
OTC 26 Moderator, Ericsson AI panel · May 4, NRG Center
Case Tamboran Resources (NYSE/ASX: TBN) · energy proof case
AMA 2026 Crystal Awards Finalist — AI category
© 2026 ModalPoint · A division of EWR Digital · All rights reserved. Contact · EWR Digital · Houston, TX