EU · Regulation 2024/1689 · Compliance instrument

Map, document, and track your
EU AI Act obligations.

The EU AI Act is the longest regulation Europe has ever written. AIComply is the toolkit that makes it readable and trackable — system by system, article by article — so the work, and the evidence, are yours.

EU-sovereign hostingGDPR-nativePowered by European AI
DeployerCV-Screener · Hiring · Annex III §4
Art. 9 · Risk management
Identify, analyse, mitigate.
Annex III domain confirmed
Residual risk score recorded
Post-market monitoring plan draftedOPEN →
Art. 9(8) periodic review scheduledOPEN →
Founding membersFirst 100 Founding Members get 30% off for life plus quarterly regulator roundtables.73 / 100 SPOTS OPEN
Become a Founding Member
Why a dedicated instrument

Most compliance tools weren't built for the EU AI Act.

Generic GRC platforms don't understand AI risk tiers, Annex III domains, or Article-specific obligations. We built for the regulation, not around it.

Without AIComply

We use twenty SaaS tools. Which ones are AI?

With AIComply

The system register with guided classification shows exactly which tools trigger EU AI Act obligations — with article references.

Without AIComply

We read four hundred pages of regulation and still don't know what to do.

With AIComply

Aria analyses your systems against Annex III and Article 5, proposes classifications, and drafts the matching obligations.

Without AIComply

Compliance is a one-time project we did in a spreadsheet.

With AIComply

Automated review schedules, evidence expiry alerts, and a living compliance calendar that never lets the file go cold.

Art. 9 · Art. 6(3)

Classification that follows the law.

A branching decision tree that mirrors the Act's exact classification logic: prohibited practices, Annex III domains, Article 6(3) exceptions, role determination. Every decision documented with its article reference, every wizard step backed by Aria.

  • Every branch lands on a specific article or recital.
  • Aria proposes the classification; you confirm and sign.
  • Re-classification is a diff, not a reset.
ART. 9
Prohibited practice?NoArt. 5
Annex III domain?YesAnnex III
Art. 6(3) exception?NoArt. 6(3)
ClassificationHIGH RISK
Smart obligation mapping

The right obligations, auto-mapped.

The engine reads your classification and materialises the exact obligations that apply — by role, risk tier and Annex III domain. A workbench, not a checklist: drag tasks between To-do, In Progress, In Review, and Complete, with the deadline chip derived from the article, never guessed.

  • Role-aware — deployer vs. provider vs. importer vs. distributor.
  • Conditional logic for biometrics, workplace AI, GPAI on top.
  • One click to open the form that closes the obligation.
OBLIGATIONS · KANBAN
To do
In progress
Done
Annex IV · FRIA · DoC

Documentation, verifiable.

Annex IV technical docs, Fundamental Rights Impact Assessments and EU Declarations of Conformity assemble themselves from your live data. Every page is timestamped and hash-sealed; every dossier carries a public verify URL a regulator or buyer can check without an account.

  • Smart forms with Aria suggestions; evidence at item level.
  • Provider ↔ deployer Art. 13 IFU handoff in one click.
  • Regulator view: Fraunces display, marginalia article refs.
VERIFIABLE
Annex IV · Technical file
Hash-sealed · public verify URL
SHA-256 · 9f2a…c41VERIFIED
Already mandatory · Live since Feb 2025

AI literacy is not optional. Article 4 is in force.

Every company using AI professionally must ensure staff have sufficient literacy. AIComply's training module covers six role-based programmes, needs assessment, individual progress tracking, and compliance evidence generation.

Explore AI Literacy
Executive & Board
Strategic oversight, Art. 4 exposure.
Ready
AI System Operators
Day-to-day supervision, Art. 26(2).
Ready
Compliance Officers
Rules engine, evidence, dossiers.
Ready
Technical Teams
Data governance, Art. 10 + Art. 15.
Ready
HR & Procurement
Vendor risk, supplier obligations.
Ready
General Staff
Baseline literacy for any AI user.
Ready
The rhythm

Compliance isn't a project. It's a cycle.

AIComply automates the review schedule. When a review is due, you know. When evidence expires, you know.

Annual risk-management reviewsArt. 9
Risk management system review required annually.
Six-month log retention checksArt. 26(6)
Verify decision logs retained and accessible.
Oversight training reviewsArt. 26(2)
Human oversight officer training currency check.
Quarterly change assessmentsArt. 9
Material changes re-trigger classification review.
Incident reporting timersArt. 73
15-day notification countdown from detection.
Evidence expiry alertsArt. 26
Certificate and document validity tracking.
The journey

Six phases, one continuous thread.

Every system walks the same gated journey — classify, scope, build, assess, register, monitor. Each phase unlocks the next; every obligation is tied to its article.

Compliance JourneyCompletion 8%

Phase 2 of 6 · Scope & literacy

Next step
Art. 4 AI literacy — all staff dealing with AI
Unassigned · Due 02 Aug 2026
Open
Setup · Here
Overview1/2Tech Docs0/1Certificates
Phase 3 · Build & Document
Risk Assessment0/1Human Oversight0/1Data Governance0/1
Phase 4 · Conformity Assessment
FRIA0/1
Phase 5 · Register
Registration0/1
Phase 6 · Operate & Monitor
Transparency0/1Incidents0/4
A working method for tracking your obligations — completion here is not a guarantee of legal compliance. Confirm with your counsel.
Powered by Mistral · Paris

Meet Aria — regulatory intelligence that speaks Article.

Aria analyses your AI systems against the EU AI Act, suggests risk classifications, identifies evidence gaps, and drafts the matching forms. Your data never leaves the EU.

Classification guidance
Describe a system — receive an Article-referenced suggestion with evidence.
Evidence analysis
Aria predicts what documents you need and flags what is missing.
Smart form assistance
Contextual suggestions while you fill Annex IV, FRIA and oversight forms.
Aria · Dialogue
“I have a CV screening tool used in hiring. Is it high-risk?”
Yes — this falls under Annex III §4(a). Employment, workers management and access to self-employment.

You will owe the Art. 9 risk management system, Art. 10 data governance checks, Art. 14 human oversight plan, and a Fundamental Rights Impact Assessment under Art. 27(1).
ART. 9ART. 10ART. 14ART. 27
Transparent tender

One price. No surprises.

All plans include EEA data residency and GDPR-native infrastructure.

Free
€0/month
Explore the platform risk-free.
1 AI system
Risk classification wizard
Basic obligation overview
Community support
Start free
Starter
€119/month
€149/month
For early-stage teams managing their obligations.
5 AI systems
Up to 5 team members
Full risk classification
Document generation (Annex IV, FRIA, DoC)
Obligation mapping
Email support
Get started
Most popular
Growth
€279/month
€349/month
For scaling teams with multiple systems.
Everything in Starter
25 AI systems
Up to 10 team members
GDPR integration module
Human oversight protocols
Transparency notices
API & webhook access
Priority support
Exports for your records
Get started
Business
€559/month
€699/month
For organisations with complex AI portfolios.
Everything in Growth
Unlimited AI systems
Up to 20 team members
Role-based access control
Custom document templates
Custom integrations
Get started
Free resources

Start before you sign up.

New · 5 min

EU AI Act Readiness Check

15 branching questions. Score out of 100, risk classification per use case, fine-exposure estimate, and a prioritised action plan — delivered as a PDF.

Take the check
Excel · Download

EU AI Act Compliance Tracker

Six ready-to-use worksheets with pre-built templates, obligation checklists, and the full regulatory timeline. Works offline.

Download free tracker
The file stays cold for no one

Every AI system, accounted for.

The EU AI Act landed in August 2024. Prohibited practices are already banned, Article 4 literacy requirements are live, and the high-risk provisions land in December 2027 (moved from August 2026 by the 2026 Digital Omnibus). Get ahead, properly.

“A dataset you cannot describe is a dataset you cannot defend.”
The AIComply handbook · Art. 10