EU AI Act Compliance Platform

Classify, Govern & Prove
AI Compliance

The compliance platform for Chief Risk Officers, Chief AI Officers, and compliance teams navigating the EU AI Act. System inventory, risk management, technical documentation, human oversight, conformity assessment, and regulatory intelligence — delivered as SaaS, ready in minutes.

14
Compliance Phases
19
Accountability Roles
4 Tiers
Risk Classification
SaaS
Cloud Platform
The Regulatory Challenge
The EU AI Act is here. Compliance is not optional.
Regulation (EU) 2024/1689 is the world's first comprehensive legal framework for AI. It imposes binding obligations on every organisation that develops, deploys, imports, or distributes AI systems within the EU market.

Enforcement Timeline

The clock is running. Key milestones are already past, with the most impactful obligations taking effect in 2026.

Date           Milestone
Aug 1, 2024    AI Act entered into force
Feb 2, 2025    Prohibited practices + AI literacy obligations apply
Aug 2, 2025    GPAI obligations + governance provisions apply
Aug 2, 2026    High-risk AI system requirements apply (Annex III)
Aug 2, 2027    High-risk AI as product safety components (Annex I)

Penalty Structure

Non-compliance exposes organisations to fines scaled to the severity of violations.

Prohibited practices: €35M / 7%
High-risk system obligations: €15M / 3%
Incorrect information: €7.5M / 1%

Fines are the higher of the EUR amount or the percentage of global annual turnover. SMEs and startups are subject to proportionally lower caps.

The Complexity Problem

Track AI systems across multiple risk tiers. Manage different obligations for different value chain roles. Maintain documentation that auto-populates across modules. Run continuous risk management with trigger-based reviews. Prove everything to regulators. FastAIShield solves this in a single platform.

Risk Classification Engine
Four Risk Tiers. One Decision Tree.
Every AI system is classified using an Article 6 guided decision tree. FastAIShield automates classification and continuously monitors for prohibited practices.
Prohibited

Unacceptable Risk

Social scoring, manipulative AI, real-time remote biometric identification in public spaces, emotion recognition in workplace/education.

BANNED · ART. 5
High-Risk

Annex III + Annex I

Credit scoring, recruitment AI, medical diagnostics, critical infrastructure, law enforcement, education assessment.

FULL COMPLIANCE · ART. 6
Limited-Risk

Transparency Only

Chatbots, deepfake generators, emotion recognition systems (non-prohibited), biometric categorisation.

DISCLOSE AI · ART. 50
Minimal-Risk

No Mandatory Obligations

Spam filters, AI-enhanced video games, inventory management. Voluntary codes of conduct encouraged.

VOLUNTARY · ART. 95
Compliance Lifecycle
10 Phases. Full Regulatory Coverage.
FastAIShield manages the entire EU AI Act compliance lifecycle — from initial system discovery through post-market monitoring and regulatory reporting.
Inventory → Risk → Docs → Data → Oversight → Conformity → GPAI → Monitoring → Stakeholders → Intelligence
Core Compliance Modules
Every Obligation. Every Article.
10 compliance modules covering every regulatory requirement from system inventory through regulatory intelligence. Each maps directly to specific EU AI Act articles.

AI System Inventory & Classification

Register every AI system, classify into risk tiers using the Article 6 decision tree, detect shadow AI with automated discovery, and monitor for prohibited practices in real time.

Art. 3, 5, 6 · Annex I / III · 7 pages

Risk Management System

Continuous risk management with risk registers, mitigation planning, Fundamental Rights Impact Assessments, and a control library mapped to ISO 42001 and NIST AI RMF.

Art. 9 · 7 pages

Technical Documentation & Records

Annex IV technical documentation builder with 9 standard sections, auto-population from other phases, immutable event logging with hash chaining, and 10-year retention enforcement.

Art. 11, 12, 18, 19 · Annex IV · 8 pages

Data Governance & Bias Management

Dataset registry with full lineage, automated bias scanning across protected characteristics, fairness metrics (statistical parity, equalized odds, calibration), and data quality scoring.

Art. 10 · 8 pages

Human Oversight & Transparency

Oversight policies per AI system with configurable review levels, transparency disclosure management for Article 50 obligations, and AI literacy tracking with 5 proficiency tiers.

Art. 13, 14, 50, 4 · 5 pages

Conformity Assessment & QMS

Quality Management System framework builder covering all 13 Article 17 elements, conformity assessment workflows for Annex VI and Annex VII, EU Declaration of Conformity generator, and CE marking.

Art. 17, 43, 47-49 · Annex VI / VII · 6 pages

GPAI & Security

GPAI model inventory, systemic risk assessment, red teaming, accuracy benchmarking, robustness testing, and AI-specific cybersecurity threat modelling.

Art. 15, 51-56

Post-Market Monitoring

Continuous monitoring dashboards, drift detection (data, concept, performance, fairness), serious incident workflows with 15-day notification deadlines, and corrective actions.

Art. 72, 73, 20

Multi-Stakeholder

Provider, deployer, importer, and distributor compliance workflows, deployer onboarding, worker notifications, right to explanation, and role change detection.

Art. 16, 22-27

Regulatory Intelligence

Standards tracking, compliance scorecard, board report generator, financial impact calculator, Shield Agent AI assistant, and integration marketplace.

Art. 113, 62, 57
10-Year
Audit Trail Retention
15-Day
Incident Response SLA
100%
Annex III Domain Coverage
Board-Ready
Compliance Reporting
Platform Architecture
One Dashboard. Complete Regulatory Visibility.
FastAIShield gives your Chief Risk Officer, Chief AI Officer, and compliance team a single pane of glass across the entire AI portfolio — from risk posture to regulator-ready documentation.

Compliance Scorecard

A 0–100 score across all compliance dimensions — updated continuously as your team works. Know your exact regulatory exposure at any moment, not just during audits.

Real-time posture

Regulator-Ready at All Times

Technical documentation, risk assessments, and conformity declarations are always up-to-date and packaged for authority submission. No scramble when regulators come calling.

Always audit-ready

Board-Ready Reporting

Generate executive compliance reports in PDF, PPTX, or DOCX — with fine exposure modelling, risk heatmaps, and remediation progress. Built for the boardroom, not the server room.

C-suite visibility

Cross-Module Auto-Population

Data captured in one module flows automatically to others. Register an AI system once — risk assessments, documentation, and oversight policies reference it everywhere. No duplicate data entry.

Single source of truth

Fine Exposure Calculator

Model your financial exposure based on current compliance gaps. See exactly what non-compliance costs — by AI system, by violation category, by risk tier. Prioritise remediation by business impact.

Financial risk modelling

Deadline & Milestone Alerts

Countdown calendars for every enforcement milestone, conformity deadline, and incident notification window. Automated alerts ensure nothing slips through the cracks.

Never miss a deadline
Accountability Framework
19 Roles. Real Accountability.
Traditional admin/editor/viewer RBAC cannot capture the EU AI Act's accountability requirements. FastAIShield uses a 19-role architecture across 4 categories, where each role exists because the Act requires it.
  • Platform Roles (3) — Control login, navigation, and domain management. IT layer with no inherent compliance authority
  • Compliance Roles (8) — Define compliance actions with inheritance hierarchy. Leadership, Operational, and Supporting tiers
  • Personnel Designations (3) — Track operational staff performing regulated activities. Per-AI-system assignments
  • Value Chain Roles (5) — Provider, Deployer, Importer, Distributor, Authorized Representative — activating different compliance workflows per AI system
Leadership Tier
AI Governance Owner
Art. 17(m) · Sign declarations · Approve conformity · Level 100
Authority Liaison
Art. 21, 73 · Regulatory communications · Level 90
Operational Tier
Compliance Officer
Art. 9, 11, 17, 72 · Risk, docs, QMS, PMM · Level 80
Human Oversight Manager
Art. 14, 26(2) · Oversight policies · Level 70
Data Governance Lead
Art. 10 · Datasets, bias, quality · Level 70
Supporting Tier
Contributor / Auditor / Viewer
Scoped write · Full read · Dashboard access · Levels 10–20
System Inventory
Find, Classify, and Monitor every AI System.
The foundation of compliance. Register, classify, and continuously monitor every AI system in the organisation — including shadow AI discovered automatically.
  • Full Lifecycle Tracking — Development, testing, production, retired — complete status management per AI system
  • Classification Wizard — Guided Article 6 decision tree walks users through risk tier assignment step-by-step
  • Prohibited Practices Scanner — Automated detection of Article 5 violations: social scoring, manipulative AI, real-time biometrics
  • Shadow AI Discovery — Scanning framework that discovers undocumented AI systems across your technology estate
  • Executive Dashboard — Risk distribution analytics with real-time compliance status across the entire AI portfolio
AI System Registry
12 Systems
3 High-Risk · 5 Limited · 4 Minimal · 0 Prohibited
HIGH-RISK SYSTEMS
Credit Scoring Engine: Annex III · Production
Recruitment Screener: Annex III · Testing
Diagnostic Assistant: Annex III · Development
COMPLIANCE Score: 78/100 · 2 actions required
Technical Documentation
Annex IV Docs that Build Themselves.
Technical documentation is the most labour-intensive compliance requirement. FastAIShield auto-populates documentation sections from data already captured across other compliance modules.
  • 9-Section Builder — Structured Annex IV documentation covering system description, design specs, data requirements, and more
  • Auto-Population — Documentation sections pre-filled from inventory, risk, and data governance modules
  • Immutable Audit Trail — Cryptographic hash chaining for tamper-evident event logging
  • Retention Enforcement — Automated 10-year document and 6-month log retention per the Act's requirements
  • Authority Submission — Package documentation for regulatory requests in structured formats
Annex IV Technical Document
Credit Scoring Engine
§1 System Description: Approved
§2 Design Specifications: Approved
§3 Data Requirements: Auto-populated
§4 Monitoring & Operation: In Review
§5 Risk Management: Auto-populated
§6–§9 Remaining: Draft
AUDIT TRAIL: 42 events · Hash-chained · Tamper-evident
FastAIAgent Integration
Compliance meets Agent Execution.
FastAIShield integrates directly with FastAIAgent — linking compliance records to live AI agent operations for end-to-end traceability and governance.

Agent Traceability

Link AI system compliance records to specific FastAIAgent agents and chains via linked_agent_id and linked_chain_id fields.

Cross-platform linking

Single Sign-On

Shared users and domains tables for unified authentication across both platforms. One identity, two products.

Shared Auth Layer

Shield Agent

AI-powered compliance assistant deployed as a FastAIAgent agent with a comprehensive EU AI Act knowledge base. Get AI-assisted compliance guidance within the platform.

Phase 10 · AI Assistant

HITL Oversight Capture

Integrates with FastAIAgent's Human-in-the-Loop hooks to capture oversight decisions from operational AI systems in real time. Every approval, rejection, and override is logged as a compliance record.

Real-time Decision Capture

Agent Compliance Tracking

Monitor compliance status of agents deployed via FastAIAgent. Track risk tier, documentation completeness, and oversight coverage for each operational agent.

Operational Compliance
High-Risk Domains
The Eight Annex III Categories.
FastAIShield's classification engine covers all eight high-risk domains defined in Annex III of the EU AI Act. If your AI system operates in any of these areas, full compliance is required.

Biometrics

Identification and categorisation of natural persons

Critical Infrastructure

Road traffic, water, gas, heating, electricity

Education

Access determination, assessment, monitoring

Employment

Recruitment, selection, evaluation, monitoring

Essential Services

Credit scoring, public assistance, emergency dispatch

Law Enforcement

Risk assessment, polygraphs, evidence evaluation

Migration & Border

Application assessment, security risk, document verification

Justice & Democracy

Legal research, case outcome interpretation

Pricing
Start Basic. Scale with Compliance.
From individual teams to enterprise-wide governance. Choose the tier that matches your AI portfolio.
Basic
€9.99 forever
AI system inventory for up to 2 systems with basic risk tier classification. Get started with compliance today.
Enterprise
€1999 per month
Multi-tenant with value chain management, cross-org compliance sharing, regulatory intelligence dashboard, and dedicated onboarding.
Part of the FastAIFoundry Ecosystem
Govern what you Build.
FastAIShield is the governance layer within the broader FastAIFoundry product family. Build agents in AIAgent. Consume them in AIWorkspace. Ground them in AIContext. Govern them with AIShield.

FastAIAgent

Build, test, deploy, and run intelligent agents with visual workflows, knowledge bases, and full lifecycle management.

Live

FastAIWorkspace

Thin-client consumption portal for business users. Run agents, view results, and manage work — no technical skills required.

Live

FastAIContext

The Business Context layer. Knowledge graphs, entity resolution, and semantic understanding that makes agents organisation-aware.

Coming Soon

FastAIShield

AI Governance and Compliance. Risk assessment, audit trails, and regulatory readiness for EU AI Act and beyond.

You are here
Security, Trust & Deployment
Enterprise-grade Security. Your Choice of Deployment.
Available as a fully managed SaaS platform or self-hosted on your own infrastructure. Either way, your compliance data stays under your control with enterprise-grade security at every layer.

Managed SaaS

Sign up and start classifying AI systems in minutes. We handle infrastructure, updates, and scaling — you focus on compliance. EU-hosted.

Recommended · Fastest time-to-compliance

Self-Hosted

Deploy on your own infrastructure with Docker Compose. 3-container architecture — frontend, API, and database. Full data sovereignty for organisations with strict data residency requirements.

Docker Compose · Air-gapped option

Tamper-Evident Audit Trail

Cryptographic hash chaining ensures every compliance event is immutable and verifiable. No records can be altered retroactively.


Separation of Authority

Platform access and compliance sign-off authority are independent. Being an admin never grants regulatory approval power.


Article Traceability

Every feature maps to specific EU AI Act articles. Your team always knows which regulation drives which requirement.


Data Sovereignty

EU-hosted SaaS or self-hosted on your infrastructure. Compliance data never leaves your chosen jurisdiction.

EU-Hosted
SaaS Infrastructure
FastAPI
Async Backend
React + TS
Modern Frontend
PostgreSQL
Production Database