Skip to main content
Vision · Regulators

Inspections shouldn't be a black box.

A read-only view operators can share with their regulator — proving inspection-readiness before the inspector ever shows up. The identity foundation is shipped; agency workflows are coming next.

In development

Why this matters

Cannabis inspections today are theatre on both sides. The operator binders something together at midnight; the inspector arrives and digs through paper. Both want the same thing — a confident answer to "is this facility operating safely and legally?" — and neither has the tooling to get there efficiently.

The platform vision treats regulators as a first-class user, not an adversary. When the operator's compliance system and the regulator's review process share a common surface, inspections take less time, findings are clearer, and operators have a much better incentive to stay continuously inspection-ready instead of sprinting before each visit.

What's live today

The agency identity foundation shipped 2026-05-13 and is in production. Specifically:

  • Verified agency accounts. State regulatory agencies are onboarded as a top-level entity separate from operator organizations, with verified email domains, jurisdictional scoping (state, county, city), and a status lifecycle (pending verification → active → suspended/archived). Verification happens out-of-band before any access is granted.
  • Mandatory two-factor authentication. Every agency user enrols TOTP-based 2FA before they can reach any platform surface. Enforced server-side; no opt-out.
  • Magic-link member onboarding. Agency admins invite team members via magic links scoped to their verified email domains. No accidental cross-domain access.
  • Jurisdictional scoping model. Agencies are bound to specific states, counties, and cities. Operator facilities now record city and county so that future jurisdictional queries route correctly.
  • Legal-basis-tracked audit trail. Every agency action is logged with its legal basis — jurisdictional, grant, or emergency — plus the optional reference (which operator, which records request, which emergency event). Operators see exactly who queried what and when.
  • Agency self-service admin. Agency admins manage members, view their own audit log, and edit display settings without depending on Verdaxi support.
  • Platform admin separation. Verdaxi platform admins (a distinct role from operator org admins) verify and onboard agencies, manage agency lifecycle, and steward platform-wide regulatory content.

These primitives are the substrate the workflow capabilities above plug into. With identity, MFA, jurisdiction, and the audit trail already in place, the agency-facing workflows can be added without revisiting trust-and-safety design.

Where we are

The shared identity layer is in production. Agency-facing workflows — jurisdiction dashboard, operator profile, in-platform inspections, cross-operator analytics, standardized state reporting — are next.

We're talking with state-agency staff today to make sure what we ship matches how regulators actually work. If you're at a state agency, we'd love to hear what would make this useful to you. Reach out via the contact form.

What we're planning

Jurisdiction dashboard

License-keyed list of operators within an agency's verified jurisdiction — health-score roll-up, hotspots, trend lines, and one-click drill-down to any operator's compliance posture.

Operator profile (read-only)

A scoped, read-only mirror of an operator's compliance state — current checklist results, open violations, document expirations, training status, full audit log — without handing over the whole platform.

In-platform inspection workflow

Schedule an inspection, run the checklist on-site, fail items auto-issue violations, generate the inspection report PDF — auto-filed to both the agency and operator vaults.

Cross-operator analytics

Aggregated views of violation trends, common failure modes, operator-decline lists, and saved jurisdictional queries. Helps state agencies see compliance trends across their license population.

Standardized state reports

Pre-built report templates aligned to each state's reporting expectations — operator submission queue, regulator acceptance/rejection workflow, full delivery history.

Bidirectional rule updates

When a state's rules change, our regulatory-update pipeline fans them out to operators automatically. The next step is letting agencies originate those updates themselves.

SOP confidentiality model

Regulators see SOP metadata by default; opening the body requires a logged purpose statement so operators retain visibility into who read what and why.

Want to talk to us about this?

We're actively gathering input from operators, regulators, and partners. Tell us what you'd want from this part of the platform.

Start free trialBook a demo