Regulatory Evidence

Traceable EU AI Act compliance measurement.

Provectio helps law firms, AI companies, and compliance teams measure documentation against the regulation, identify what is missing, and produce source-linked evidence for audit, legal, and compliance review. Provectio measures. It does not advise.

Start compliance measurement View case studies

2 August 2026 EU AI Act enforcement date for high-risk obligations

EUR 35,000,000 Maximum administrative fine per violation

What We Have Already Measured

Provectio has already measured the EU AI Act as a working evidence layer: obligations, addressees, instruction gaps, tensions, and penalty-linked structure. This is the foundation beneath the client-specific assessments.

632 addressable units measured across 113 articles

1,063 addressee obligations mapped

35 instruction gaps identified

38 force deltas detected

2,203 structural tensions catalogued

100% pipeline pass rate (632/632)

What The Evidence Looks Like

Each provision can be assessed as more or less operational, compulsory, declarative, and role-specific. That helps show not only what the law says, but how strongly and how concretely it binds.

Operational force

0.33

Compulsory force

0.85

Declarative force

0.75

Positional force

0.92

Article 25(1)(a), Responsibilities along the AI value chain. Every finding carries a SHA-256 integrity hash.

See the evidence

Free sample

A single clause analysed through the full pipeline: classification, obligation strength, compliance orientation, and integrity hash. Inspect the output before purchasing.

Free download. No registration required.

Download sample →

Case studies

Three systems, three risk categories, three different findings. HR tech, credit scoring, and GPAI, each with real numbers from the Provectio index.

View case studies →

Product walkthrough

Inspect the output format before engaging: classification logic, documentation gap structure, and the evidential form of a Provectio finding.

Request walkthrough →

Core Compliance Measurement Offers

Start with a classification, then move to documentation measurement and full gap analysis as needed. Available directly or through legal advisory partners.

Classification

EUR 2,500

48 hours

Risk tier determination and applicable article list, filtered by Annex III category and addressee role. Process ID and integrity hash included.

Technical File

EUR 15,000

1 week

Annex IV coverage across 22 sections. Force-gap measurement per requirement. Instruction-gap findings with penalty links.

Comprehensive

EUR 35,000

2 weeks

Full article-by-article gap analysis. Penalty exposure per finding. Compliance orientation with force deltas.

Beyond the EU AI Act: Regulatory Compliance Measurement

Provectio is entering the market through the EU AI Act. The same measurement logic can later extend into adjacent regulatory corpora where the evidence burden justifies the depth.

EU AI Act US Contract Law Danish Contract Law EU Contract Law UK Contract Law

Next: GDPR, DORA, MiFID II, and medical device regulation.

Frequently asked questions

What is a conformity assessment under the EU AI Act?

A conformity assessment is the process by which an AI system provider demonstrates that their system meets the requirements of the EU AI Act before placing it on the market. For high-risk systems, this includes technical documentation (Annex IV), risk management, and quality management. Provectio measures documentation against these requirements.

When does the EU AI Act take effect?

The EU AI Act entered into force on 1 August 2024. Prohibited practices applied from 2 February 2025. GPAI obligations from 2 August 2025. High-risk system obligations apply from 2 August 2026.

What are the penalties for non-compliance?

Penalties range from EUR 7,500,000 (1% of turnover) for incorrect information, to EUR 15,000,000 (3%) for most obligations, to EUR 35,000,000 (7%) for prohibited practices. The higher of the fixed amount or turnover percentage applies.

What is Annex III of the EU AI Act?

Annex III lists the categories of high-risk AI systems. These include AI used in recruitment, credit scoring, law enforcement, border management, critical infrastructure, education, and medical devices. Systems in these categories must complete a conformity assessment before 2 August 2026.

What does Provectio measure?

Provectio measures documentation against regulatory requirements. It identifies where your documentation meets the regulation, where it falls short, and by how much. Every finding carries a cryptographic integrity hash. Provectio measures. It does not advise.

Do I need a notified body for the EU AI Act?

Most high-risk AI systems can use internal conformity assessment (Annex VI) without a notified body. Notified body involvement is required only for certain biometric identification systems and where the provider chooses the quality management route (Annex VII). Provectio's measurement applies regardless of the assessment route.

For law firms

Your lawyers interpret. Our system measures. Together you give clients something neither can produce alone: a classification with a forensic receipt, delivered in 48 hours, that your legal advice builds on.

Partner with Provectio

Methodology published and independently citable. Every finding is designed to be traceable to source and process.

Defensive publication DOI: 10.5281/zenodo.19497502

Author Keith Shepherd (ORCID)

Method Regulatory evidence measurement

Press and research

For media enquiries, speaking requests, and academic citations, contact press@provectio.legal.

Defensive publication DOI: 10.5281/zenodo.19497502

Author Keith Shepherd (ORCID)