In-depth regulatory knowledge – technically feasible

Compliance consultants know the legal provisions. We understand what they mean in technical terms, and how to implement them.

EU AI Act (Regulation 2024/1689)

📜 Article-by-article expertise

Our understanding goes beyond the superficial:

Article 6: Classification rules for high-risk AI

  • We know Annex III by heart (8 high-risk areas)
  • We understand the exceptions and borderline cases
  • We can classify your systems correctly

Article 9: Risk management system

  • We know what "risk management system" actually means
  • We can help you implement one
  • We are familiar with integration with ISO 31000

Article 10: Data Governance

  • Relevant, sufficiently representative, free of errors, complete
  • We translate this into measurable metrics (Great Expectations)
  • We document it in an audit-proof manner

Article 13: Transparency obligations

  • We know what information users need
  • We create model cards that are compliant
  • We make black boxes transparent (SHAP)

Article 14: Human Oversight

  • We design human-in-the-loop workflows
  • We identify where oversight is critical
  • We implement override mechanisms

Article 15: Accuracy, Robustness, Cybersecurity

  • We test accuracy across subgroups
  • We evaluate robustness (adversarial testing)
  • We integrate with your security architecture

Article 72: Post-market monitoring

  • We build monitoring systems (Alibi Detect)
  • We create monitoring plans
  • We document continuous compliance

Article 73: Serious Incident Reporting

  • We define "serious incident" for your context
  • We implement incident detection
  • We prepare notifications for authorities

Integration with other regulations:

🔗 Seamless compliance integration

GDPR (General Data Protection Regulation):

  • Article 22 (Automated Decision-Making) + AI Act
  • Article 35 (DPIA) integration with AI risk assessment
  • Special categories (Art. 9) in AI training data

ISO/IEC 42001:2023 (AI Management System):

  • We support ISO 42001 certification
  • AI Act compliance = large part of ISO 42001
  • Governance structures that fulfill both

Industry-specific regulation:

  • Finance: BaFin, EBA Guidelines
  • Healthcare: MDR, IVDR
  • Automotive: UNECE R155/R156
  • Public Sector: e-Government Standards

Standards & Frameworks

📚 Comprehensive standards portfolio

ISO/IEC standards:

  • ISO/IEC 42001:2023 – AI Management System
  • ISO/IEC 23894:2023 – AI Risk Management
  • ISO/IEC 24029 – Assessment of Robustness
  • ISO/IEC 24027 – Bias in AI Systems

IEEE Standards:

  • IEEE 7000 – Ethically Aligned Design
  • IEEE 7001 – Transparency in AI
  • IEEE 7002 – Data Privacy Process

NIST (US, but globally relevant):

  • NIST AI Risk Management Framework
  • NIST AI 100-2 (Explainability)

BSI (German):

  • AIC4 – AI Cloud Service Compliance Criteria
  • BSI AI Testing Catalog (under development)

OECD:

  • OECD AI Principles (internationally recognized)

Our approach:
We pragmatically combine these standards with AI Act requirements for comprehensive compliance.

Evidence-Based AI Governance

We are not trend consultants. Our methodology is based on scientific rigor and decades of experience.

🎓 Doctor of Business Administration in Data Science

Research focus:

  • Responsible AI & AI Ethics
  • AI governance frameworks
  • Algorithmic fairness
  • Explainable AI (XAI)

Academic networks:

  • Cooperation with German universities

Why this matters:
Scientific training means rigor. Our recommendations are evidence-based, not opinion-based.