EU AI Act
The EU AI Act came into full effect in August 2026. GOVERN has built-in support for the key compliance obligations across all risk tiers.
Risk tier mapping
GOVERN uses the EU AI Act risk classification framework as its default inventory taxonomy:
| GOVERN tier | EU AI Act category | Examples |
|---|---|---|
| Prohibited | Prohibited AI practices (Article 5) | Social scoring, real-time biometric surveillance |
| High-Risk | High-risk AI systems (Annex III) | Recruitment, credit scoring, law enforcement |
| Limited-Risk | Transparency obligations (Article 50) | Chatbots, deepfake generators |
| Minimal-Risk | No specific obligations | Spam filters, AI-powered games |
Article coverage in GOVERN
| Article | Requirement | GOVERN coverage |
|---|---|---|
| Article 9 | Risk management system | Continuous assessment + remediation workflows |
| Article 10 | Data governance | Data lineage tracking (via SDK metadata) |
| Article 12 | Record-keeping | Immutable audit trail, 7-year retention |
| Article 13 | Transparency | Disclosure enforcement via policy |
| Article 14 | Human oversight | Alert routing + remediation approval workflows |
| Article 17 | Quality management | Policy versioning + compliance reporting |
Generating an Article 12 record
Go to Compliance → EU AI Act Report. Select the system and date range. GOVERN generates a structured report containing all assessment records, policy versions, violation log, and remediation history formatted for Article 12 submission.
Continuous compliance monitoring
GOVERN’s EU AI Act policy template automatically applies the appropriate scorer set for your system’s risk tier. It updates automatically when new guidance is issued.