The architecture behind governed agentic AI and enterprise no-code
One platform, five layers — from the no-code studio and DTAP publishing, through the governed agentic runtime, to your data and legacy systems. Here’s how every layer fits together, and where AI is governed by design rather than bolted on.
Deterministic no-code coreGoverned agentic runtimeCloud, private cloud or on-prem
One platform — five layers
Build
Full-stack app development
01
Govern
Agentic AI, governed
02
Run
Runtime & mission-critical
03
Data
Typed data & ontology
04
Connect
Integration & security
05
The whole platform, on one canvas
From the no-code studio and DTAP publishing, through the governed agentic runtime, to your end users and legacy systems — one architecture, deployable on cloud, private cloud or on-premise.
WEM No-Code Cloud Application Runtime with the Agentic Hub & Services. Open full size →
A complete application platform, in five layers
The same architecture that builds your frontend, backend and microservices also runs your automation and governs your AI. Pick a layer to see what it does.
Build — Full-stack application development
Design responsive UIs, backend logic, data models, microservices and APIs — visually, in one studio. No generated source to review; everything is a typed model.
Responsive UI
Backend Logic
Data Model
Microservices & APIs
Workflow Automation
Agentic AI Studio
Ontology Modeler
Real-time Preview
Web & Runtime Dashboards
Login & Account Mgmt
One model, top to bottom: frontend, backend, data and integrations are the same typed application — what you ship is exactly what you reviewed, with no generated code path to audit.
Govern — Agentic Hub & Services
AI agents run as governed steps inside workflows — never as free-roaming services. Every capability is typed, scoped and logged.
Why it's safe: an agent can't request out-of-scope data because the parameters don't exist. State and access live outside the model — the model proposes, the platform decides.
Run — Runtime, Edge & Orchestration
Traffic enters through a reverse proxy, load balancer and firewall; a deterministic engine then runs your applications and orchestrates agents across isolated staging and live clusters — Kubernetes-native, built for high availability.
Reverse Proxy
Load Balancing
Firewall
Runtime Engine
Workflow Engine
Agent Orchestration
Governed Agent Services
No-Code Services
Integration Services
Observability
DTAP pipelinePreviewStagingLive
Runs onKubernetesOpenShiftAzureAWSGoogle Cloud
Why it's safe: publishing is a locked pipeline and each environment is isolated with its own database — nothing reaches production unreviewed.
Data — Data & State
Typed data, an ontology concept graph, and per-session state the model can read only when a function explicitly passes it.
Database & Lists
Ontology / Concept Graph
Session Folder
Calculated Fields
Vectorised File Sources
File / Object Storage
Staging & Live DB
Data Validation
Why it's safe: conversation context is a session field the LLM cannot read on its own — it only ever sees the typed values a governed function hands it.
Connect — Integration, Security & Cross-Cutting
Open standards in and out, behind enterprise identity, encryption and network controls — with logging, backup/DR and governance spanning every layer, and validation before anything fires.
REST / Custom HTTP
SOAP / WSDL
OData
SAML 2.0 / OAuth 2.0
Identity, SSO & RBAC
Certificates & IP Allow/Deny
Logging & Monitoring
Backup & DR
Governance & Compliance
Why it's safe: a pre-execution validation layer checks business-logic preconditions before any integration call runs, and output leaves only through governed handlers.
Prefer the whole picture? Open the full WEM reference architecture — every layer, protocol and environment on one canvas.
Agentic AI is one capability of the platform. The same architecture that runs your applications is what keeps the model inside guardrails, with no bolt-on security.
One workspace for every project, application and agent.
1
A deterministic foundation, not generated code
Applications are typed models executed by a fixed engine. The same input produces the same governed path every time, so behaviour stays reviewable and repeatable.
2
Agents can't reach beyond their scope
An agent sees only the parameters you define. Out-of-scope data isn't withheld, it's unreachable, because session state and access control live in the platform rather than the prompt.
3
Every action is validated before it runs
Actions pass business-logic preconditions first. The model proposes; the platform decides whether a step is allowed to execute at all.
4
Everything is auditable
Agent actions, validation decisions and publishes are logged, and responses leave only through governed handlers. Nothing reaches a user or downstream system unchecked.
Adaptable to your cloud strategy
The same governed architecture runs wherever your data has to live — from a shared cloud you're live on in minutes to fully owned on-premise hardware.
Fastest start
Shared WEM Cloud
For teams that want to start quickly, easily and cost-effectively.
Data centres in Europe and APAC
Standard and Pro plans
All-inclusive hosting
Various storage options
Live and running in minutes
Dedicated
Any Private Cloud
For businesses running a dedicated instance in any cloud.
Private hosted application cloud
Kubernetes WEM runtime
Flexible hosting (Azure, AWS, GCP)
Priority support
High-availability options
Full control
On-Premise Hardware
For organisations that want full ownership of their resources.
On-premise network appliance
Rapid deployment
Hyper-converged (HCI) support
Kubernetes perpetual runtime
Designed for HA & scale
No-code DTAP publishing
DModelerbuild
→
TPreviewtest
→
AStagingacceptance
→
PLiveproduction
Your data, under your jurisdiction and control
Across the European Union, organisations increasingly need to control where their data resides, who can access it and which jurisdiction governs it — especially in government, finance, healthcare and other regulated sectors. WEM is built to meet these requirements at every level, so you decide where your data lives and who owns the infrastructure it runs on.
European by default
WEM Cloud · Europe
Our managed cloud runs in the European Union, with primary hosting in Amsterdam — the fastest way to go live, with your data resident in Europe.
Hosted in the EU (Amsterdam)
Fully managed by WEM
Fastest onboarding, no infrastructure to run
European data residency
Dedicated region
Dedicated European Instance
A dedicated WEM instance in the European region of your preferred hyperscaler or a European cloud provider — isolated from any shared tenancy.
European regions of Microsoft Azure or AWS
Or a European cloud provider of your choice
Single-tenant, isolated deployment
Data stays in your chosen EU region
Full sovereignty
On-Premise & Private Data Centre
For government and the most stringent enterprise requirements: WEM runs entirely on infrastructure you control — on-premise or in a data centre of your choice.
Runs on-premise or in your chosen data centre
Complete control of data, access and location
Delivered with specialist on-premise partners
Suited to government & highly regulated sectors
One governed architecture, wherever it runs. The same WEM platform, governance and audit trail apply across every option — only the location and ownership of the infrastructure change.
Build it without code. Run it without limits.
The same governed platform serves the whole organisation — from the boardroom mandate to the operator who builds the workflow.
A live application running on WEM — built without code.
For CIOs
Every app, every agent, governed end to end. WEM binds your no-code agents, automation and applications inside one enterprise foundation — so visibility, security and lifecycle control stay intact the moment AI enters the workflow.
For Heads of Operations
Live in weeks, connected to every system you already use. Operations teams design their own workflows — no developers, no backlog, no waiting — and start automating the repetitive, complex and critical work.
For IT Leaders
Full traceability, zero guesswork, from day one. No-code means the process gets built without waiting on developers to get it right; agentic AI means it runs itself, within the exact parameters your auditors require.
Built for mission-critical workloads
Enterprise operations can’t afford downtime. WEM’s architecture is engineered for uptime, stability and performance at scale — the same governed runtime whether it serves a single team or runs organisation-wide, business-critical processes.
Enterprise-Grade Security
Scoped access, validated inputs and gated outputs at every step — security enforced by the architecture, not bolted on.
Mission-Critical Stability
A hardened runtime built for continuous operation, with deterministic, predictable execution that holds up under sustained load.
High Scalability
A Kubernetes-based runtime scales horizontally on demand — from a single team to organisation-wide deployments, ready to deploy anywhere.
High Performance
A compiled, typed application model keeps response times low and throughput high under real production workloads.
Governance & Control
Every workflow, agent and action is policy-bound and auditable, giving IT full operational control from end to end.
Extreme Interconnectivity
Native REST, SOAP, OData and real-time connectivity links WEM to every system in your landscape, without brittle middleware.
Mission-critical, by definition
Sector compliance, system integrations and vertical workflows, built in from day one rather than bolted on afterwards.
GovernmentDigiD · AVG · BIO · Woo
HealthcareNEN 7513 · openEHR · AVG
Logistics & Transportsupply chain · warehouse
Financial ServicesSIVI · DORA · AML
ManufacturingSAP · MES · ERP
Real Estateportfolio · lease workflows
Built to pass security review
The controls a CISO asks for aren't add-ons — they're how the platform works. Each is distinct, and each is auditable.
Role-based access control
Granular RBAC in the Modeler and enforced again at runtime, so build-time and run-time permissions can't drift apart.
End-to-end encryption
Data encrypted in transit and at rest, with certificate-based connections and IP allow/deny lists at the edge.
Full audit trail
Every agent action, validation decision and publish is logged — the evidence trail compliance teams need by default.
Certified & compliant
ISO 27001 and ISO 9001 certified, aligned to GDPR and the Dutch government BIO baseline.
Data sovereignty
Built and hosted in the EU, deployable on private cloud or on-prem so regulated data never leaves your region.
Lifecycle management
Versioned DTAP publishing with isolated environments gives a controlled, reversible path from idea to production.
WEM reference architectureFull reference architecture · Esc to close