EU AI Act Compliance
Satisfy EU AI Act requirements in your workflows.
The EU AI Act (Regulation (EU) 2024/1689) is the world's first comprehensive AI regulation. Ketryx helps teams meet the risk-based obligations without replacing the tools they already use.
30 minutes · No commitment · Tailored to your regulatory requirements
.png)
EFFECTIVE 2 AUG 2026 · ANNEX I PRODUCTS BY 2 AUG 2027
The world's first comprehensive AI regulation
Classify by risk. Prove conformity
High-risk systems require conformity assessments, technical documentation, and EU database registration. CE marking follows the AI Act or the applicable sectoral regulation.
Be continuously compliant
Risk assessments, post-market monitoring, and documentation are ongoing obligations across the full AI lifecycle, not a pre-launch checklist.
Oversight built in, not bolted on
High-risk systems must be built to support human oversight, minimize bias (Article 10), and support traceability for Article 11/12 documentation and logging.
The Problem
Siloed governance doesn’t survive the EU AI Act
The regulation imposes compliance obligations across the entire AI supply chain: providers, deployers, importers, and distributors.
- Risk classifications must be traced to mitigations and test results
- Training data, model decisions, and outputs must be documented and auditable
- Human oversight and technical documentation built in from day one
How Ketryx
can help
Ketryx makes EU AI Act compliance part of the development workflow, not a separate workstream, integrating risk management, traceability, and technical documentation into the tools your teams already use.
This page covers high-risk AI system obligations (Title III). GPAI model obligations (Title VIII) are not covered.
This page covers high-risk AI system obligations (Title III). GPAI model obligations (Title VIII) are not covered.
Technical Documentation & Traceability
Automated documentation and end-to-end traceability for EU AI Act Article 11
Article 11 requires documentation on system design, methodology, risk management, and performance. Ketryx generates version-locked documents from live project data and builds a real-time traceability matrix across connected systems.
Explore Documentation →
Auto-generated system descriptions, risk files, and traceability reports retained for EU AI Act retention periods
Real-time traceability matrix showing coverage gaps, requirements without tests, and risks without controls
Cross-system traceability: Jira, GitHub, Azure DevOps, TestRail, and more
Risk Management
AI risk management aligned with Article 9
Article 9 requires a risk management system across the AI lifecycle. Ketryx connects identification to mitigation, verification, and monitoring.
Explore Risk Management →
Identification, assessment, mitigation, and residual risk documentation workflows
AI-assisted hazard identification from requirements, design, and code changes
Risk controls linked to implementation evidence and verification results
Quality Management
Quality management system for Article 17
Article 17 requires a QMS covering development, data management, risk management, change control, and post-market monitoring. Ketryx enforces it with engineering controls in your existing workflows.
Explore Enforcement →
.png)
Multi-group approvals with role-based access enforcement
Cross-system SOP enforcement, blocking non-compliant releases
Change request and CAPA workflows with traceability and audit trails
Deployer Obligations
Independent obligations for deployers under Article 26
Article 26 obliges deployers to: designate competent human oversight personnel, ensure input data quality where they control inputs, monitor the system during use, conduct fundamental rights impact assessments (required for public bodies and certain private entities under Article 27), and retain automatically generated logs for at least six months. On a serious incident, deployers must immediately notify both the provider and the market surveillance authority.
Explore Enforcement →
Approval workflows for human oversight personnel with input data quality controls
Audit-ready documentation to demonstrate compliance with Article 26's six-month log retention requirement
Documented incident reporting workflows with fundamental rights impact assessment evidence (Article 27)
Ketryx Assistant
An AI assistant that works inside your project, not around it
The Ketryx Assistant generates compliant artifacts, analyzes traceability, and answers QMS questions using your actual project data, including your requirements, risks, tests, and design history, instead of generic training sets. Originally built for FDA-regulated work, these capabilities apply directly to EU AI Act high-risk AI system obligations under Title III.
Explore AI Assistant →
AI-powered change impact analysis across requirements, code, and test layers
Automated gap detection in traceability and technical documentation coverage
Human-in-the-loop workflows ensuring quality and audit defensibility for every AI-generated output
Secure SDLC
Continuous monitoring and incident reporting
Providers must establish post-market monitoring and report serious incidents within Article 73 timeframes.
Explore SBOM →
.png)
Continuous vulnerability monitoring with automatic advisories
SBOM generation from Git repositories in CycloneDX and SPDX formats
Article 73 incident reporting workflows with evidence trails
How Aignostics is Accelerating AI Development with Ketryx
Aignostics is a global artificial intelligence (AI) company that turns complex multi-modal pathology data into transformative insights. With an expanding portfolio of AI-powered pathology products, Aignostics needed a streamlined, integrated solution to support their regulated software development processes and ISO 13485 certification. By transitioning to Ketryx, Aignostics was able to cut their release time down to three months while staying compliant.
Read the case study
.svg)