Enterprise Guide | 12 min read | Last updated on 17 Jun 2026
Key Takeaways
The EU AI Act is the world's first comprehensive AI regulation and applies to any provider, deployer, importer, or distributor whose AI system reaches the EU market, regardless of where the company is headquartered.
High-risk AI systems carry the heaviest obligations across risk management, data governance, transparency, accuracy, cybersecurity, quality management, and post-market monitoring.
Articles 9, 10, 13, 15, 17, and 72 carry the operational weight of compliance for most enterprise AI deployments, and each requires continuous evidence rather than point-in-time documentation.
Penalties reach the higher of EUR 35 million or 7 percent of global annual turnover for prohibited practices, and the higher of EUR 15 million or 3 percent for breaches of high-risk obligations.
Agentic AI raises the operational difficulty of every article because agents act autonomously, persist across sessions, hold identities, and compose into multi-agent systems that no point-in-time audit can capture.
Disseqt is the Assurance Layer for Enterprise AI, EU-native, Irish-founded, and built for the operational evidence the EU AI Act expects regulators to receive.
What the EU AI Act is and who it applies to
The EU AI Act is the European Union's binding regulation on artificial intelligence. It establishes a risk-tiered framework that prohibits a small number of unacceptable practices, imposes substantial obligations on high-risk AI systems, sets transparency rules for general-purpose AI and certain limited-risk applications, and exempts minimal-risk uses from most requirements. The full text is available at the EU AI Act official portal.
The Act applies to four actor categories. Providers develop AI systems and place them on the market under their own name. Deployers put AI systems into use under their authority, typically inside their own operations. Importers bring AI systems into the EU on behalf of a non-EU provider. Distributors make AI systems available on the EU market without changing their properties. Most enterprises building or buying agentic AI carry obligations as both providers and deployers, often simultaneously.
Geographic reach is extraterritorial. The Act applies to non-EU companies whose AI systems are placed on the EU market, used by deployers established in the EU, or produce outputs intended to be used in the EU. A US-headquartered bank running an AI underwriting agent that serves European customers is in scope. A model provider in another jurisdiction selling API access to EU deployers is in scope. The legal trigger is the system's reach, not the company's address.
Compliance is phased. Prohibited practices became enforceable from February 2025. Obligations on general-purpose AI models took effect from August 2025. The bulk of obligations on high-risk AI systems become enforceable from August 2026, with certain provisions extending to August 2027 for systems embedded in regulated products. Enterprise programmes targeting the August 2026 milestone need their risk management, data governance, and post-market monitoring evidence operational well before that date.
High-risk AI systems and Annex III categories
The Act classifies AI systems used in eight Annex III domains as high-risk, in addition to AI systems acting as safety components of regulated products. The high-risk categories are the ones most enterprise AI programmes need to track.
Biometrics. Remote biometric identification systems and biometric categorisation systems based on sensitive attributes.
Critical infrastructure. AI used in the management and operation of road traffic, water, gas, heating, electricity, and critical digital infrastructure.
Education and vocational training. AI used for admissions, assessment, evaluation of learning outcomes, and detection of prohibited behaviour during testing.
Employment, workers management, and self-employment. AI used in recruitment, candidate filtering, performance evaluation, task allocation, and termination decisions.
Access to essential private and public services. AI used in credit scoring, insurance pricing and risk assessment, public benefits eligibility, and emergency call triage.
Law enforcement. AI used in profiling, risk assessment of individuals, evidence evaluation, and crime analytics.
Migration, asylum, and border control management. AI used in risk assessment, visa and asylum application evaluation, and identification of natural persons.
Administration of justice and democratic processes. AI used to assist judicial decision-making and AI used to influence elections or voting behaviour.
Financial services AI sits squarely in the access-to-essential-services category through credit and insurance use cases, which is why the FCA, ECB, and national competent authorities are aligning supervisory expectations to the Act's high-risk regime.
Why agentic AI raises the stakes
Agentic AI systems do not behave like the static models the EU AI Act's drafters had primarily in view. They act autonomously, persist across sessions, hold their own identities, and compose into multi-agent systems that delegate dynamically. Every article of the Act becomes operationally harder when the unit of governance is a continuous behavioural envelope rather than a discrete model evaluation.
Risk management cannot rely on a launch-day assessment when the agent's effective behaviour drifts week to week. Data governance has to account for retrieval pipelines, tool calls, and dynamic context assembly. Transparency obligations have to describe a system whose outputs depend on which sub-agent handled which sub-task. Post-market monitoring is no longer a periodic survey; it is a continuous record of every consequential action.
This is the operational gap AI agent governance is built to close, and it is the architectural reason Disseqt approaches EU AI Act compliance through the AI Assurance Lifecycle rather than through static documentation.
Article-by-article requirements
The articles below carry the operational weight of EU AI Act compliance for most enterprise providers and deployers of high-risk AI systems. Each treatment covers what the article requires, what it means for agentic AI in practice, and how Disseqt delivers compliance against it.
Article 9: Risk Management System
Article 9 requires providers of high-risk AI systems to establish, implement, document, and maintain a risk management system across the entire lifecycle of the system. The system must identify and analyse known and foreseeable risks, estimate and evaluate risks that emerge in intended use and in reasonably foreseeable misuse, evaluate risks identified through post-market monitoring, and adopt risk management measures that reduce residual risk to acceptable levels.
For agentic AI, this means the risk register cannot be a launch-time artefact. Risks shift as agents encounter new prompts, new data, new tool calls, and new compositions with other agents. The risk management system must consume signals from runtime monitoring, vulnerability discovery, and post-deployment incident analysis, and feed those signals back into testing and policy enforcement on a continuous basis.
Disseqt delivers Article 9 compliance through all three pillars of the AI Assurance Lifecycle. Test & Detect supplies the pre-production risk identification layer through 65 validators and 84 jailbreak techniques drawn from a live vulnerability database. Protect & Enforce supplies runtime risk control through policy enforcement, drift detection, and agentic monitoring. Prove & Comply maintains the documented risk management record, with every identified risk, mitigation, residual risk decision, and review timestamped and attributable.
Article 10: Data and Data Governance
Article 10 requires that training, validation, and testing data sets used in high-risk AI systems meet quality criteria appropriate to the intended purpose of the system. Data sets must be relevant, sufficiently representative, free of errors and complete to the best extent possible, and must reflect the geographical, behavioural, and functional setting of the intended deployment. Bias must be examined and addressed. Statistical properties, gaps, and shortcomings must be identified.
For agentic AI, data governance extends beyond training data. Retrieval-augmented systems pull from live knowledge sources whose quality and bias profile change over time. Tool outputs feed back into agent context. Synthetic data and self-generated traces become part of the operational data surface. Article 10 obligations apply across this expanded data perimeter, not only to the data used to fine-tune a base model.
Disseqt delivers Article 10 compliance through Test & Detect and Prove & Comply. The platform's validator families include dedicated bias, fairness, and representativeness checks that run against test sets and against live traffic. Data lineage and provenance are captured in the evidence layer, so the data sources, transformations, and quality checks behind every deployed system are reconstructable for an auditor. ML-based validation runs at sub-50ms latency with 99 percent less water and 98 percent less CO2 per validation than LLM-as-judge approaches, which makes continuous bias testing economically viable at enterprise scale.
Article 13: Transparency and Provision of Information to Deployers
Article 13 requires that high-risk AI systems be designed and developed so deployers can interpret system output and use it appropriately. Providers must supply instructions for use that include the provider's identity, the system's intended purpose, the level of accuracy and any known limitations, the human oversight measures required, the expected lifetime, and the maintenance and care arrangements needed to preserve compliance.
For agentic AI, transparency cannot stop at a static instructions document. Deployers need to understand which sub-agent or tool was invoked for a given output, what context was assembled, what policies applied, and what confidence the system attached to the response. Explainability of agent decisions becomes an Article 13 deliverable, not an optional engineering enhancement.
Disseqt delivers Article 13 compliance through Protect & Enforce and Prove & Comply. The platform produces explainability evidence for every consequential agent action, including the tool calls, policy evaluations, and confidence signals behind each output. Compliance dashboards expose the operational metrics and known limitations a deployer needs to use the system appropriately, and the evidence layer generates the structured instructions-for-use artefacts the Act expects providers to deliver to deployers.
Article 15: Accuracy, Robustness, and Cybersecurity
Article 15 requires high-risk AI systems to achieve appropriate levels of accuracy, robustness, and cybersecurity, and to perform consistently in those respects throughout their lifecycle. Accuracy metrics must be declared in the instructions for use. Systems must be resilient against errors, faults, inconsistencies, and against attempts by unauthorised third parties to alter use, outputs, or performance by exploiting vulnerabilities.
For agentic AI, the attack surface is wider than for static models. Prompt injection, jailbreaks, tool-call exploitation, indirect injection through retrieved content, and multi-turn manipulation all sit inside the Article 15 obligation. Accuracy and robustness have to be measured under adversarial conditions, not only under benign benchmark distributions.
Disseqt delivers Article 15 compliance primarily through Test & Detect and Protect & Enforce. The 84 jailbreak techniques run continuously against deployed systems, with single-turn and multi-turn adversarial patterns drawn from a live vulnerability feed. Cybersecurity-specific validators test for prompt injection, data exfiltration, credential exposure, and tool-call abuse. Runtime enforcement blocks adversarial inputs at the inference layer and produces the cybersecurity incident record the Act expects.
Article 17: Quality Management System
Article 17 requires providers of high-risk AI systems to put a documented quality management system in place. The system must cover the regulatory compliance strategy, design and development controls, examination and testing procedures, data management procedures, the risk management system under Article 9, the post-market monitoring system under Article 72, procedures for incident reporting, communication with competent authorities, record-keeping, and resource management.
For agentic AI, the quality management system has to integrate engineering, security, compliance, and operations workflows that have historically lived in separate parts of the enterprise. Model development, agent deployment, policy authoring, validator configuration, incident response, and evidence retention all become artefacts inside a single QMS scope.
Disseqt delivers Article 17 compliance through Prove & Comply, with the operational backbone supplied by the other two pillars. The platform produces the documented procedures, audit trails, and evidence records a QMS auditor expects to see. Compliance dashboards expose the live state of every control area, and the framework mapping layer aligns QMS evidence with EU AI Act, NIST AI Risk Management Framework, ISO/IEC 42001, and sector-specific regulator expectations in financial services and healthcare. The NIST AI Risk Management Framework sits inside the framework mapping layer for organisations that operate across EU and US regulatory perimeters.
Article 72: Post-Market Monitoring by Providers
Article 72 requires providers of high-risk AI systems to establish and document a post-market monitoring system proportionate to the nature of the AI system and its risks. The system must actively and systematically collect, document, and analyse relevant data on the performance of the AI system throughout its lifetime, to enable evaluation of continuous compliance with the Act and to inform corrective actions.
For agentic AI, post-market monitoring is not a periodic survey. Agents drift. Tool ecosystems change. Adversarial techniques evolve. Continuous compliance evaluation requires telemetry at the inference layer, behavioural baselines per agent and per task, and a feedback path into the risk management system and the quality management system.
Disseqt delivers Article 72 compliance through Protect & Enforce and Prove & Comply. Agentic monitoring runs continuously across every deployed agent, tracking performance, drift, policy violations, and adversarial encounters. The vulnerability database feeds new attack signatures into the live monitoring layer. Compliance dashboards expose the post-market monitoring record in a form a competent authority can review, and the incident reporting workflow produces the structured notifications the Act requires when serious incidents occur.
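The per-agent, per-task behavioural baselines and drift feedback described above can be made concrete in a few dozen lines. The following is an added example, not Disseqt's code or any part of its platform: it builds a baseline of tool-call distribution and policy-violation rate for each (agent, task) pair from a reference window of telemetry, compares a later window against it using total variation distance, and emits structured findings that a risk register could consume. The event schema, the agent and task names, the sample telemetry and the thresholds are all constructed for the example.

```python
"""Per-agent, per-task behavioural baselines with drift detection over
agent telemetry. Added example for Article 72 post-market monitoring;
not Disseqt's code. Event schema, thresholds and data are assumptions."""
from collections import Counter, defaultdict
from dataclasses import dataclass


@dataclass
class Event:
    agent: str
    task: str
    tool: str              # tool the agent invoked for this step
    policy_violation: bool  # did runtime policy enforcement flag the step


@dataclass
class Baseline:
    tool_dist: dict        # tool name -> fraction of calls in the window
    violation_rate: float  # fraction of steps that violated a policy
    n: int                 # number of events behind the baseline


def build_baselines(events):
    """Group telemetry by (agent, task) and summarise each group."""
    groups = defaultdict(list)
    for e in events:
        groups[(e.agent, e.task)].append(e)
    out = {}
    for key, evs in groups.items():
        counts = Counter(e.tool for e in evs)
        n = len(evs)
        out[key] = Baseline({t: c / n for t, c in counts.items()},
                            sum(e.policy_violation for e in evs) / n, n)
    return out


def total_variation(p, q):
    """Total variation distance between two categorical distributions."""
    keys = set(p) | set(q)
    return 0.5 * sum(abs(p.get(k, 0.0) - q.get(k, 0.0)) for k in keys)


def detect_drift(baselines, window, tv_threshold=0.25,
                 violation_delta=0.05, min_events=5):
    """Compare a recent window against the baselines; return findings."""
    findings = []
    for key, cur in build_baselines(window).items():
        if cur.n < min_events:
            continue  # too little evidence to judge this pair yet
        agent, task = key
        base = baselines.get(key)
        if base is None:
            findings.append({"agent": agent, "task": task,
                             "kind": "unbaselined_behaviour", "events": cur.n})
            continue
        tv = total_variation(base.tool_dist, cur.tool_dist)
        if tv > tv_threshold:
            findings.append({"agent": agent, "task": task,
                             "kind": "tool_usage_drift",
                             "tv_distance": round(tv, 3),
                             "new_tools": sorted(set(cur.tool_dist)
                                                 - set(base.tool_dist))})
        if cur.violation_rate - base.violation_rate > violation_delta:
            findings.append({"agent": agent, "task": task,
                             "kind": "policy_violation_increase",
                             "baseline_rate": round(base.violation_rate, 3),
                             "current_rate": round(cur.violation_rate, 3)})
    return findings


def run_example():
    """Constructed telemetry: one agent drifts, one stays stable."""
    ev = lambda a, t, tool, v=False: Event(a, t, tool, v)
    reference = ([ev("underwriter-1", "credit_decision", "fetch_credit_file")] * 10
                 + [ev("underwriter-1", "credit_decision", "score_model")] * 10
                 + [ev("support-bot", "faq", "answer_kb")] * 8
                 + [ev("support-bot", "faq", "escalate")] * 2)
    # Later window: the underwriting agent has started calling a web search
    # tool it never used before, and two of its steps tripped a policy.
    recent = ([ev("underwriter-1", "credit_decision", "fetch_credit_file")] * 3
              + [ev("underwriter-1", "credit_decision", "score_model")] * 3
              + [ev("underwriter-1", "credit_decision", "web_search", True)] * 2
              + [ev("underwriter-1", "credit_decision", "web_search")] * 2
              + [ev("support-bot", "faq", "answer_kb")] * 4
              + [ev("support-bot", "faq", "escalate")] * 1)
    return detect_drift(build_baselines(reference), recent)


if __name__ == "__main__":
    for finding in run_example():
        print(finding)
```

The findings are deliberately structured rather than free text so they can be written into the same risk record the Article 9 system maintains; a real deployment would key them by model version and policy version as well, and tune the thresholds per task from observed variance rather than fixed constants.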
Mapping the EU AI Act to the AI Assurance Lifecycle
Disseqt's three pillars deliver coverage across the operational articles of the EU AI Act. The mapping below summarises the primary pillar against each article and the supporting pillars that produce supplementary evidence.
| EU AI Act article | Primary pillar | Supporting pillars |
|---|---|---|
| Article 9: Risk Management System | Test & Detect | Protect & Enforce, Prove & Comply |
| Article 10: Data and Data Governance | Test & Detect | Prove & Comply |
| Article 13: Transparency and Information to Deployers | Protect & Enforce | Prove & Comply |
| Article 15: Accuracy, Robustness, Cybersecurity | Test & Detect | Protect & Enforce |
| Article 17: Quality Management System | Prove & Comply | Test & Detect, Protect & Enforce |
| Article 72: Post-Market Monitoring | Protect & Enforce | Prove & Comply |
The integration view matters more than any single article. EU AI Act compliance is a continuous operating state, not a project. The AI Assurance Lifecycle sequences pre-production testing, runtime enforcement, and audit-ready evidence into a single operating standard, which is what Disseqt calls Continuous AI Governance.
Common implementation failure modes
Most enterprise EU AI Act programmes underway today will not pass a serious supervisory review. Three failure modes recur.
The first is documentation-only compliance. Policies, model cards, and risk registers sit in document repositories with no runtime connection to the systems they describe. The Act requires evidence of operational control, not a paper trail. This is what Disseqt calls PowerPoint Governance, and it is the default failure mode for organisations that ran their early AI governance work out of legal and compliance functions without engineering ownership.
The second is theatre at the agent layer. Guardrails are advertised but not enforced. Validators run on a sample of traffic but not on production. Monitoring dashboards exist but no policy is wired to them. Article 9 risk management and Article 72 post-market monitoring both require continuous operational substance, not a demo. This is what Disseqt calls Agentic Theatre, and it surfaces fastest under adversarial testing.
The third is regulator-fit gaps. Evidence exists but cannot be reconstructed for a specific decision at a specific moment. Article 13 transparency, Article 15 cybersecurity incident records, and Article 17 quality management auditability all require the kind of structured, attributable, time-stamped evidence that ad-hoc logging cannot produce. The remedy is purpose-built evidence infrastructure, which is the Prove & Comply pillar.
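The property that separates ad-hoc logging from regulator-fit evidence, both for the Article 13 per-action explainability record and for the reconstruction gap just described, is that each record is attributable, time-stamped, ordered, and tamper-evident, and that every record behind one decision can be pulled back out in order. The following is an added example written for this guide, not Disseqt's code or a description of its evidence layer: it keeps a hash-chained append-only log of agent actions (retrieval, policy evaluation, tool call, final output), verifies the chain end to end, reconstructs one decision by id, and shows that altering a past record is detected. The record fields, decision ids, agent names, timestamps and payloads are all constructed for the example.

```python
"""Tamper-evident, attributable, time-stamped evidence records for agent
actions, with point-in-time reconstruction of one decision. Added example
for Article 13 explainability evidence and the regulator-fit gap; not
Disseqt's code. Record fields, ids and timestamps are assumptions."""
import hashlib
import json
from copy import deepcopy

GENESIS = "0" * 64  # prev_hash of the first record


def _digest(record):
    """SHA-256 over canonical JSON of every field except the hash itself."""
    body = {k: v for k, v in record.items() if k != "hash"}
    canonical = json.dumps(body, sort_keys=True, separators=(",", ":"))
    return hashlib.sha256(canonical.encode()).hexdigest()


class EvidenceLog:
    """Append-only log where each record commits to its predecessor."""

    def __init__(self):
        self.records = []

    def append(self, ts, agent, on_behalf_of, decision_id, kind, payload):
        prev = self.records[-1]["hash"] if self.records else GENESIS
        rec = {"seq": len(self.records), "ts": ts, "agent": agent,
               "on_behalf_of": on_behalf_of,   # human or service principal
               "decision_id": decision_id, "kind": kind,
               "payload": payload, "prev_hash": prev}
        rec["hash"] = _digest(rec)
        self.records.append(rec)
        return rec["hash"]

    def verify(self):
        """Return (ok, index): index of the first bad record, or the count."""
        prev = GENESIS
        for i, rec in enumerate(self.records):
            if (rec["seq"] != i or rec["prev_hash"] != prev
                    or _digest(rec) != rec["hash"]):
                return False, i
            prev = rec["hash"]
        return True, len(self.records)

    def reconstruct(self, decision_id):
        """Every record behind one decision, in the order it happened."""
        return [r for r in self.records if r["decision_id"] == decision_id]


def run_example():
    """Two interleaved decisions, then a tampering attempt on the log."""
    log = EvidenceLog()
    # Constructed timeline for a credit decision (dec-0001) interleaved
    # with an unrelated decision (dec-0002) handled by the same agent.
    log.append("2026-06-17T09:00:00Z", "underwriter-1", "svc:loan-api",
               "dec-0001", "retrieval", {"source": "credit-bureau", "records": 3})
    log.append("2026-06-17T09:00:01Z", "underwriter-1", "svc:loan-api",
               "dec-0002", "retrieval", {"source": "credit-bureau", "records": 1})
    log.append("2026-06-17T09:00:02Z", "underwriter-1", "svc:loan-api",
               "dec-0001", "policy_eval", {"policy": "no-protected-attrs", "result": "pass"})
    log.append("2026-06-17T09:00:03Z", "underwriter-1", "svc:loan-api",
               "dec-0001", "tool_call", {"tool": "score_model", "version": "v12"})
    log.append("2026-06-17T09:00:04Z", "underwriter-1", "svc:loan-api",
               "dec-0002", "output", {"decision": "refer", "confidence": 0.61})
    log.append("2026-06-17T09:00:05Z", "underwriter-1", "svc:loan-api",
               "dec-0001", "output", {"decision": "approve", "confidence": 0.87})
    chain_ok, _ = log.verify()
    trail = log.reconstruct("dec-0001")

    # Someone later edits the policy result of record 2 in place.
    tampered = deepcopy(log)
    tampered.records[2]["payload"]["result"] = "fail"
    tampered_ok, tamper_index = tampered.verify()

    return {"chain_ok": chain_ok,
            "reconstructed_kinds": [r["kind"] for r in trail],
            "reconstructed_count": len(trail),
            "tampered_ok": tampered_ok, "tamper_index": tamper_index}


if __name__ == "__main__":
    print(json.dumps(run_example(), indent=2))
```

The chain makes silent edits and deletions detectable by anyone holding the latest hash, which is what lets an auditor trust a reconstruction months after the fact. In practice the head hash would be anchored externally at intervals, the timestamps would come from a trusted clock, and the on_behalf_of field would carry the authenticated identity of the principal the agent acted for.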
Disseqt's positioning as the EU-native AI Assurance Layer
Disseqt is Irish-founded, Dublin-headquartered, and EU-resident. The platform was designed against EU AI Act obligations from the start, not retrofitted from a US compliance framework. For enterprise risk teams scoping EU AI Act readiness, the difference shows up in the artefacts the platform produces and in the regulator-facing posture it supports.
EU AI Act compliance is operational, not paper-only, and EU-native vendors carry less translation risk between US-style attestation models and the evidence regime EU supervisors expect. Disseqt is purpose-built for the agentic systems that are now the dominant deployment pattern in financial services, healthcare, and operations functions across the EU, UK, and Ireland. That posture is what makes the Assurance Layer for Enterprise AI the right operating choice for enterprises with EU customers, EU operations, or EU supervisory exposure.
Frequently asked questions
When does the EU AI Act come into force?
The EU AI Act entered into force on 1 August 2024, with obligations phased in over several years. Prohibitions on unacceptable-risk practices became enforceable on 2 February 2025. Obligations on general-purpose AI models took effect on 2 August 2025. The bulk of obligations on high-risk AI systems become enforceable on 2 August 2026, and obligations on high-risk systems embedded in products already covered by EU harmonisation legislation extend to 2 August 2027.
Does the EU AI Act apply to my company if we're not based in the EU?
Yes, if the AI system is placed on the EU market, if it is used by deployers established in the EU, or if its outputs are intended to be used in the EU. The legal trigger is reach, not headquarters. A US-headquartered provider whose AI agent serves European customers, a model provider selling API access to EU deployers, and any non-EU importer or distributor of an AI system on the EU market all fall within scope.
What are the penalties for non-compliance with the EU AI Act?
Penalties depend on the obligation breached. The most severe penalties apply to prohibited practices, which carry fines of up to EUR 35 million or 7 percent of total worldwide annual turnover, whichever is higher. Breaches of obligations on high-risk AI systems carry fines of up to EUR 15 million or 3 percent of global turnover. Provision of incorrect, incomplete, or misleading information to authorities carries fines of up to EUR 7.5 million or 1 percent of turnover. Lower thresholds apply to small and medium enterprises.
How is the EU AI Act enforced?
Enforcement runs through national competent authorities designated by each member state, coordinated through the European AI Office at the Commission. Market surveillance authorities oversee high-risk AI systems, and notified bodies handle conformity assessment for certain categories. Sector-specific supervisors retain authority within their existing perimeters, so financial services AI sits under the FCA, ECB, and national equivalents alongside the AI Act regime.
What does post-market monitoring mean for AI systems?
Post-market monitoring under Article 72 is the continuous collection, documentation, and analysis of data on the performance of a high-risk AI system after it is placed on the market or put into service. It is the operational evidence layer that demonstrates continuous compliance, surfaces incidents and drift, and feeds back into the risk management system. For agentic AI, post-market monitoring is a runtime telemetry obligation, not a periodic survey.
Do I need to register my AI system under the EU AI Act?
Providers of high-risk AI systems listed in Annex III, with certain exceptions, must register the system in the EU database for high-risk AI systems before it is placed on the market or put into service. Deployers that are public authorities or bodies acting on their behalf also have registration obligations. The database is maintained by the Commission and accessible to competent authorities.
How does Disseqt help with EU AI Act compliance?
Disseqt is the Assurance Layer for Enterprise AI. The platform delivers article-by-article compliance against Articles 9, 10, 13, 15, 17, and 72 through the three pillars of the AI Assurance Lifecycle: Test & Detect for pre-production risk discovery and bias testing, Protect & Enforce for runtime policy enforcement and post-market monitoring, and Prove & Comply for documented quality management and audit-ready evidence. The platform is EU-native, Irish-founded, and purpose-built for the agentic AI deployments at the centre of enterprise compliance scope.
Bottom line
The EU AI Act has moved enterprise AI from policy discretion to operational obligation. The articles that carry the weight (Article 9 risk management, Article 10 data governance, Article 13 transparency, Article 15 accuracy and cybersecurity, Article 17 quality management, and Article 72 post-market monitoring) all require continuous operational evidence rather than static documentation. Agentic AI deployments make every one of those articles harder. The Assurance Layer is how enterprises produce the evidence regulators expect, on the systems they actually run, in the timeframe the Act sets.