“Know your risk tier before the regulator does.”
Editor's note
Describe your AI system, its intended purpose, the data it uses, and where you deploy it. The tool classifies it across the EU AI Act risk tiers, checks it against prohibited practices, lists the obligations and deadlines that apply to your role, and drafts an Annex IV technical documentation template mapped to ISO/IEC 42001.
Tagged
§ Section I
Tell the tool what the system does, how much autonomy it has, what decisions or outputs it produces, and the context it runs in. The intended purpose is what drives Annex III classification, so be concrete — "ranks job applicants for recruiters" classifies very differently from "suggests email subject lines".
Pick whether you are the provider, deployer, importer, or distributor, since obligations differ sharply by role. Add the markets where the system is placed or used, and flag if it is a general-purpose AI model, which triggers the separate Articles 51–55 track.
You get a risk-tier verdict with Article citations, an Article 5 prohibited-practice screen, an obligations table with phased deadlines, a tailored Annex IV technical-documentation template you can download, an ISO/IEC 42001 mapping, and a prioritized list of next steps.
§ Section II
Find out early whether your product is high-risk, limited-risk, or in the clear under the Act, so EU market access does not become a surprise blocker right before a launch or a funding round.
Translate a model and its intended purpose into a concrete obligations list with Article references and deadlines, so you know what to build into the roadmap rather than discovering it during an enterprise security review.
Generate a fast, Article-cited first-pass classification and an Annex IV documentation skeleton for each AI system, then refine it with your own judgment instead of starting from a blank page.
Confirm your role under the Act and the verification duties that come with it before you place a third-party system on the EU market or sign a declaration of conformity.
§ Section III
The Act takes a risk-based approach. Unacceptable-risk systems are prohibited outright under Article 5 (for example social scoring or emotion recognition in the workplace). High-risk systems fall under Annex III or Article 6 (such as CV screening, credit scoring, or biometric ID) and carry the heaviest obligations. Limited-risk systems — chatbots, deepfakes, synthetic content — owe transparency duties under Article 50. Everything else is minimal-risk with no specific obligations under the Act.
Anyone placing an AI system on the EU market or putting it into service in the EU, regardless of where the company is based. The Act assigns different duties by role: providers (Article 3(3)) carry the bulk of the obligations, deployers (Article 3(4)) have Article 26 duties, and importers and distributors verify conformity under Articles 23 and 24. A deployer that substantially modifies a high-risk system, or sells it under its own name, becomes a provider under Article 25.
The Regulation entered into force on 1 August 2024 and phases in. The Article 5 prohibitions and AI-literacy duties applied from 2 February 2025. GPAI obligations, governance, and penalties applied from 2 August 2025. The Act applies generally — including Article 50 transparency and Annex III high-risk obligations — from 2 August 2026, with high-risk systems that are safety components of regulated products (Article 6(1)) following on 2 August 2027.
No. This is an informational readiness assessment, not legal advice or a conformity assessment under Article 43. It helps you classify the system, see which obligations are in play, and start the Annex IV documentation. Borderline calls — an Article 6(3) carve-out, whether fine-tuning counts as substantial modification, or a GPAI systemic-risk threshold — need qualified counsel.
A general-purpose AI model (Article 3(63)) is trained on broad data and can be adapted to many downstream tasks, like a large language or image model. It sits on a parallel track: all GPAI providers owe Article 53 duties (technical documentation, downstream information, a copyright policy, and a training-data summary), and models presumed to carry systemic risk — above roughly 10^25 FLOPs of training compute under Article 51 — owe additional Article 55 obligations such as model evaluations and adversarial testing.
Each assessment costs 10 credits, so you can re-run it whenever the system or its scope changes. Completed reports are stored for 30 days on paid plans and 7 days on the free plan, and you can download the Annex IV template as Markdown to keep a permanent copy.