When an AI agent modifies code inside a regulated product — an insulin pump's firmware, a diagnostic algorithm's weighting — it doesn't know what it's touching. The design history file, the risk analysis, the open corrective action: none of it is in the agent's context unless a human extracts it first. That gap is becoming a bottleneck. Ketryx, a Cambridge, Massachusetts-based compliance platform, launched a beta of its Model Context Protocol (MCP) server on March 31, 2026 that it says closes it — letting AI agents query live compliance records directly as part of their workflow Newsfile press release.
Compliance context is becoming machine-readable infrastructure for regulated AI. In medical devices, pharma, and aerospace, product teams must document every design decision, test result, and risk analysis in traceable records before a product can ship. That documentation burden — consuming 50 to 80 percent of enterprise product development time per Ketryx's figures — has always been a human bottleneck Ketryx Series B blog. The argument inside Ketryx, laid out publicly by founder Erez Kaminski in a July 2024 STAT article: as AI agents move from auxiliary tasks into the actual development loop, that documentation burden compounds faster than human teams can service it. The core problem, in Kaminski's framing, is not the FDA's regulations — it's that compliance record-keeping runs on 20th-century processes while AI is entering medical devices at an unprecedented rate STAT.
MCP — the Model Context Protocol — is Anthropic's open-source standard released in late 2024, which has grown to over 10,000 servers in the ecosystem as of early 2026 Improvado. Ketryx is building a compliance-specific MCP server: it speaks MCP to AI agents and connects to the toolchain those agents already use. The server mediates between the AI model's request for compliance context and the actual state of the product record — a translation job that previously required a human to locate the right document, extract the relevant section, and paste it into the context window. Ketryx's bet is that the transport layer is solved by the ecosystem, and the differentiator is the design history files, risk analyses, and corrective action records sitting underneath the server.
The competitive picture is sparse and worth naming honestly. Veeva Systems — a public company dominant in life sciences content management, multi-billion-dollar market cap — announced Veeva AI Agents in October 2025 with a full R&D and quality rollout across clinical, regulatory, and quality functions in 2026 Veeva. MasterControl launched an AI-powered SOP Analyzer in January 2026 MDO. Both are going after the same problem: making regulated development legible to AI systems. Neither has publicly committed to the MCP transport layer or built Ketryx's specific requirements-to-code traceability graph. The uncomfortable honest version: no credible player has yet demonstrated end-to-end audit trail from design decision to agent action in a Class III device workflow under live FDA review. Whether Ketryx's beta is the first to get there — or simply the first to claim it — is the open question.
Bill Hawkins, former CEO of Medtronic, put personal capital into Ketryx's September 2025 Series B alongside Transformation Capital's $39 million investment, bringing total funding to over $55 million MedTech Dive / Ketryx press release. That is useful signal. Hawkins has sat inside the regulatory environments Ketryx is selling into, and he chose to invest his own money rather than lend his name from a distance. It does not mean the problem is solved — it means a credible operator thinks the problem is real and Ketryx's approach is plausible. That is a meaningful distinction from a press-release endorsement.
Ketryx integrates with Jira, GitHub, TestRail, JAMA, and other development tools that medical device teams already use Ketryx website. The MCP server doesn't replace the toolchain — it sits alongside it and translates between the compliance record and the agent's context. For an AI agent working on a firmware update, the practical effect — if the beta holds under real audit conditions — is that it could check whether the change triggers a new risk analysis, flag any open corrective actions, and surface the relevant DHF entry without a human in the loop.
Ketryx says four of the world's top five medical device manufacturers use the platform, shipping product releases every one to two weeks. In 2024, its first full year on the market, products built on Ketryx infrastructure accounted for 2 percent of all FDA submissions for AI/ML-enabled devices — Ketryx's figure, not independently verified against FDA records. Products built on the platform touch more than 25 million patients annually, per the company's own numbers Ketryx Series B blog.
The test is not the beta announcement. The test is what an FDA investigator asks the first time an agent using Ketryx's MCP server changes a design parameter in a Class III device: show me what changed, why, and who authorized it. If the team running Ketryx can answer that question from the compliance graph — completely, without a human reaching into a file cabinet — the infrastructure is real. If they can't, it's a wrapper.
