RegCore.AIRegCore.AI
European UnionAI governanceHigh-risk regime live August 2, 2026
EU AI Act

Regulation (EU) 2024/1689

Risk-tiered obligations, Article 15 accuracy/robustness/cybersecurity, Annex IV technical file, GPAI model rules.

Depth of coverage

What we know in this framework.

The specific clauses, articles, appendices and supervisory expectations we work against — anchored to primary source and maintained as the regime evolves.

01Article 9 risk management
02Article 10 data governance
03Article 15 accuracy
04Annex IV technical file
05GPAI obligations
How we cover it

How the firm carries EU AI Act into client work.

EU AI Act is read against the services below. Each one draws on the same compliance intelligence layer — indexed to primary source, versioned alongside the regulator, and carried into the engagement.

AI GovernanceSenior advisory on the governance an AI-era regulator will actually examine — policies, roles, risk tiering, validation cadence.
  • Auditable AI inventory indexed to primary-source obligations
  • Governance charter, RACI, and human sign-off gates that survive examination
  • Model and agent cards indexed to regulator clauses
Open the service →Data GovernanceLineage, provenance, consent and quality — the substrate every AI control eventually leans on.
  • End-to-end lineage for training, fine-tuning and retrieval corpora
  • Consent and purpose ledgers aligned to PIPEDA, Law 25, GDPR
  • Data-quality controls indexed to model risk and NIST AI RMF Measure
Open the service →AI-Enabled Compliance ImplementationThe engagement arm where digital compliance officers sit inside your workflow, drafting under human sign-off.
  • Digital compliance officers scoped to your programme
  • Evidence captured at the point of work, not reconstructed after
  • Control library indexed to the obligations your supervisor reads
Open the service →
Related playbooks

Playbooks that ship against EU AI Act.

Each playbook walks from discovery through artifact — phases, controls, evidence. Agents assist the mechanical steps; specialists own the sign-off.

EU AI Act · Assessment

EU AI Act High-Risk System Playbook

Classify use cases against Annex III, build the Article 9 risk management system, and compile the Annex IV technical file your conformity assessment will depend on.

Read the playbook →Cross-framework · Controls

Agentic AI Governance Playbook

Multi-step autonomous agents, tool-calling chains, and the oversight these systems demand. Agent cards, action budgets, kill switches.

Read the playbook →Cross-framework · Documentation

RAG Assurance Playbook

Retrieval-augmented generation has its own attack surface — source provenance, index drift, poisoning risk. Control it.

Read the playbook →Cross-framework · Vendor

Foundation Model Due Diligence Playbook

Bringing a GPAI, Claude, GPT, Gemini, Llama or sovereign model into scope — the diligence a regulated deployer is now expected to perform.

Read the playbook →Cross-framework · Monitoring

Continuous Control Monitoring Playbook

Drift, performance, outcome and complaint monitoring in one pipeline — outputs a supervisor can act on.

Read the playbook →

Map your posture against EU AI Act.

Bring us your current documentation, controls and inventory. We will map them clause by clause against EU AI Act — and against every other regime your portfolio touches — and produce the evidence artifact your supervisor will read.

Speak with a partnerBack to all frameworks →