Evidence starters you can put in a folder
Run the browser tools when you need a diagnosis. Use these files when someone asks, “Where is the record?” Register first. Then classify, assign owners, evidence the notice, and keep the training trail.
XLSX worksheet and Markdown starter register. Deployer Obligations Checklist
Article 26 evidence starter. Compliance Matrix
Role-by-article matrix. Article 50 Notice Templates
Copy-ready starter notices. AI Literacy Evidence Log
Training records starter. AI Vendor Intake Template
Procurement and supplier due diligence. FRIA Starter Worksheet
Fundamental-rights impact prep. Human Oversight Evidence Log
Reviewer intervention records. Serious Incident Register Lite
Incident intake and closure record. Shadow AI Discovery Tracker
Questionnaire and remediation tracker.
CORE COMPLIANCE 9 guides
EU AI Act Compliance Guide: Complete Roadmap for August 2026
Risk classification, obligations by role, enforcement timeline, and step-by-step preparation. The starting point for every compliance programme.
High-Risk AI Deployer Guide: Articles 26-29 Obligations
Human oversight, FRIA, monitoring, record-keeping, and incident reporting for Annex III systems. What deployers actually have to do.
Provider vs Deployer: Who Bears Which Obligation?
Side-by-side comparison of provider and deployer duties. When deployers become providers, and the grey zones in between.
EU AI Act for Non-EU Companies: Extraterritorial Reach
When third-country providers and deployers are caught. Authorised representative requirements and enforcement mechanics.
Article 4 AI Literacy: Already Enforceable Since February 2025
Practical guide to the AI literacy obligation. Training scope, who needs it, documentation requirements, and what the AI Office expects.
Article 50 Transparency & AI Content Marking Guide
Transparency obligations for AI-generated content, deepfake labelling, watermarking, and the draft Code of Practice.
GPAI & Foundation Models: Obligations and Code of Practice
General-purpose AI model obligations: transparency, copyright compliance, systemic risk classification, and the GPAI Code of Practice.
FRIA + DPIA Combo Guide: Run Both Without Duplicating Work
How to run a Fundamental Rights Impact Assessment alongside a GDPR DPIA. Unified workflow, shared evidence, single documentation set.
Shadow AI: Complete Guide to Governing Unauthorised AI Use
Identifying, assessing, and governing unauthorised AI in your organisation. Risk framework, detection methods, and policy templates.
INDUSTRY GUIDES 6 guides
EU AI Act for Financial Services
AI in lending, credit scoring, fraud detection, and insurance underwriting. Annex III classification and deployer obligations for regulated firms.
Financial Services Compliance Stack: AI Act + PSD2 + DORA + GDPR
Deep dive into the regulatory stack. How obligations layer for financial AI deployers across five concurrent regimes.
EU AI Act for Insurance: Underwriting, Claims & Pricing
AI in underwriting, claims triage, and pricing. Annex III scope, actuarial transparency, and deployer obligations for insurers.
EU AI Act for Healthcare: Clinical AI, MDR & the HAS Guide
AI in clinical decision support, diagnostics, and triage. MDR intersection, Annex III classification, and the HAS/CNIL healthcare guide.
EU AI Act for Education: Admissions, Grading & Proctoring
AI in admissions, grading, proctoring, and learning platforms. Annex III scope and deployer obligations for educational institutions.
EU AI Act for HR & Recruitment: Hiring AI Compliance
AI in hiring, screening, ranking, and workforce management. Annex III high-risk classification and Article 26(7) employee notification.
FRAMEWORK COMPARISONS 5 guides
EU AI Act vs GDPR: Overlap, Divergence & Unified Compliance
Where the AI Act and GDPR overlap, where they diverge, and how to run compliance for both without duplicating effort.
EU AI Act vs US AI Regulation: Two Approaches Compared
Horizontal EU regulation vs fragmented US state laws. Colorado, Illinois, NIST AI RMF, and what multinationals must track.
ISO 42001 / NIST AI RMF / EU AI Act: Three-Way Mapping
Control-by-control alignment of ISO 42001, NIST AI RMF 1.0, and EU AI Act requirements for integrated AI governance.
ISO 42001 vs NIST AI RMF: Head-to-Head Comparison
Scope, structure, certification, and which to adopt first. Side-by-side assessment of the two leading AI governance frameworks.
DORA / NIS2 / AI Act Incident Reporting Playbook
Incident reporting under DORA (72h), NIS2 (24h), and the EU AI Act. Unified timeline, authority mapping, and notification template.
COUNTRY ENFORCEMENT 4 guides
EU AI Act in Germany: KI-MIG, BNetzA & Works Councils
KI-MIG implementation, BNetzA as market surveillance authority, works council co-determination, and compliance for companies in Germany.
EU AI Act in Ireland: AI Office & 15 Competent Authorities
AI Office of Ireland, CBI oversight for financial services, DPC/GDPR enforcement overlap, and the AI Bill timeline.
EU AI Act in Spain: AESIA — 20+ guides & 12 Sandbox Projects
AESIA: the EU's most advanced national AI authority. English-language summary of 20+ guides and sandbox participation.
EU AI Act in France: CNIL Enforcement & Grok Precedent
CNIL enforcement posture, HAS healthcare AI guide, Grok deepfake prosecution precedent, and CSE labour law obligations.
Assess Your AI Systems Now
Use our free diagnostic tools and guides to check your EU AI Act exposure and decide your next compliance step.
Jump from reading to action
Use the guides hub to get the operational picture, then move into the tools and reference pages that help teams document decisions.
Reference pages
Featured guide paths
Choose the right EU AI Act evidence pack
Use the new evidence-pack selector to route deployer, provider, shadow AI, AI literacy, incident, and sector workstreams to the correct starter files.