What does GuardianAI do?

GuardianAI analyzes technical documentation and detects compliance risks under the EU AI Act, GDPR and ISO 42001.

What documents can I scan?

PDF, DOCX and TXT files up to 25 MB: technical specifications, model cards, risk assessments, privacy policies.

Does GuardianAI replace legal advice?

No. GuardianAI is a RegTech support tool. It does not replace professional legal advice. Human review is recommended for final decisions.

TLS 1.3 + AES-256 encryption. GDPR-compliant European infrastructure. Minimal retention. Your documents are never used to train models.

Regulation (EU) 2024/1689 · In force since August 2024

EU AI Act

The world's first comprehensive regulatory framework for artificial intelligence. Applies to any company that develops, markets or uses AI systems in the European Union — regardless of where it is established.

Audit my compliance free View all articles

€35M

Maximum fine or 7% of global revenue

Risk levels defined

High-risk categories

Aug 2026

Key compliance date

The Regulation

What is the EU AI Act?

Regulation (EU) 2024/1689, known as the EU AI Act, is the world's most comprehensive regulatory framework on artificial intelligence. It was approved in March 2024 and entered into force on 1 August 2024.

Its approach is risk-based: the greater the potential risk of an AI system to people, the stricter the obligations. Minimal-risk systems have minimal obligations, while high-risk systems must comply with strict requirements for documentation, human oversight and conformity assessment.

It has extraterritorial scope: it applies to any company that places AI systems on the European market, regardless of where it is based.

Classification

The 4 risk levels

PROHIBITED

Unacceptable

Directly prohibited systems: social scoring, mass biometrics, subliminal manipulation. Applicable since February 2025.

REGULATED

High Risk

Credit, HR, education, critical infrastructure. Technical documentation, conformity assessment and mandatory registration.

TRANSPARENCY

Limited Risk

Chatbots, deepfakes, generative AI. Obligation to inform the user they are interacting with AI.

FREE

Minimal Risk

Spam filters, AI in games, productivity tools. No specific Regulation obligations.

Deadlines

Application timeline

Aug 2024

Entry into force

The Regulation is law. National supervisory authorities designated.

Feb 2025

Absolute prohibitions

Art. 5: social scoring, real-time biometrics, subliminal manipulation.

Aug 2025

GPAI Models

Chapter V: GPT, Claude, Llama and similar. Technical documentation and copyright.

Aug 2026

High-risk systems

The bulk of the Regulation. Credit, HR, education, critical infrastructure.

Aug 2027

Annex I legacy systems

Systems on the market before Aug 2026 under sectoral legislation.

View detailed deadlines guide

Annex III

High-risk categories

If your company uses or develops AI systems in any of these categories, the high-risk regime applies with all its obligations.

Human Resources

CV selection, performance management, automated dismissals

Credit & Insurance

Credit scoring, policy pricing, risk assessment

Education

Admission to institutions, automated assessment, academic personalization

Law Enforcement

Police analytics, risk assessment, deferred biometric identification

Critical Infrastructure

Energy, water, transport, industrial control systems

Essential Services

Social benefits, emergency services, migration management

View the full Annex III list

Legal requirements

Obligations for high-risk systems

Providers must comply with these requirements before placing the system on the market.

Art. 9

Risk Management

Iterative process to identify, analyze and mitigate risks throughout the entire lifecycle.

Art. 10

Data Governance

Training data management practices: quality, representativeness, bias detection.

Art. 11

Technical Documentation

Comprehensive system documentation (Annex IV) proving conformity.

Art. 12

Record-Keeping

Automatic traceability capability during system operation.

Art. 13

Transparency

The deployer must be able to understand the capabilities and limitations of the system.

Art. 14

Human Oversight

Technical measures enabling persons to supervise and stop the system.

Art. 15

Accuracy & Robustness

The system must be accurate, resilient and cyber-secure throughout its lifecycle.

Art. 49

EU Database Registration

High-risk systems must be registered before being placed on the market.

View each article in detail — what they require and what GuardianAI scans

Resources

Guides and related articles

EU AI Act Deadlines 2024-2027: The Key Dates6 min

Prohibited AI Systems: What Article 5 Says7 min

High-Risk Classification: Annex III Explained8 min

GPAI Models: Obligations for Generative AI8 min

Technical Documentation: Practical Guide (Annex IV)9 min

Conformity Assessment and CE Marking8 min

EU AI Act Fines: Up to 7% of Global Revenue7 min

EU AI Act and SMEs: A Practical Guide7 min

GuardianAI

Does your company comply with the EU AI Act?

Upload your technical documents and contracts and GuardianAI identifies your compliance gaps in minutes, automatically mapping against the Regulation's articles.

Start free View plans