AI Act Readiness — Standard

The EU AI Act is already enforceable.

Article 5 prohibitions, Article 4 literacy, and the general-purpose AI obligations have been in force since 2025. The high-risk tranche enters force on 2 August 2026 — about twelve weeks from today. Ansvar's fixed-scope readiness engagement gets you board-ready in six weeks.

See pricing

Why act now

The AI Act is already enforceable. You have weeks, not months.

Three tranches of the Regulation are already in force. The fourth — the one most enterprise teams associate with the AI Act — enters force on 2 August 2026.

Already in force

Feb 2025Article 5 prohibited practices in force
Feb 2025Article 4 AI literacy in force
Aug 2025General-purpose AI obligations in force

Ahead

Aug 2026High-risk system obligations (Articles 9–15, 26)
Aug 2027High-risk under Annex I extended scope

How it runs

A 4–6 week engagement, fixed scope, fixed price

Five stages from signed SOW to board-ready readout. About 18–22 hours of Ansvar senior-consultant time. About 6–8 hours of your own staff time.

Week 0–1

We agree exactly what you're paying for

You complete a structured scoping form. We send back a fixed-price Statement of Work that names every system, every member state, and every out-of-scope item before any work begins.

Customer-completes scoping form (Schedule B of the SOW)
Up to 10 AI systems and EU + 1 member state included
Out-of-scope items named upfront — FRIA, Annex IV, conformity assessment

What you get

Six board-ready deliverables, owned by you

Each deliverable is grounded in the actual legislation through the Ansvar gateway — no LLM-generated citations, no silent fallbacks. Senior-reviewer QA on every artefact.

AI System Register.xlsx

Every AI system in scope, with metadata aligned to Annex VIII fields where applicable

Risk Classification Report.pdf

Per-system classification against Articles 5, 6 + Annex III, 50, and 51, with citations to the underlying provisions

Gap Analysis Report.pdf

Per-obligation gaps for each high-risk and GPAI system, against the obligations applicable to your role

AI Literacy Quick Check.pdf

Article 4 readiness snapshot — already in force since 2025-02-02

Executive Summary.pdf

One-page board-ready summary of findings and priorities

Roadmap.xlsx

Prioritised remediation actions with effort estimates and ownership suggestions

What this looks like in practice

One AI system, traced from inventory to roadmap

A fictional example, run through the same five stages a real engagement uses. Every Article number and CELEX identifier is real; only the company and system are invented.

Inventory

Week 1–2

Acme Nordic AB is a private operator providing HR services under contract to Swedish kommuner and regioner — which places it inside Art. 27(1)(a)'s 'private operator providing public services' scope and is the legal basis for the FRIA obligation that surfaces in stage 03. It uses HR-Screen v2.1 to score job applicants before a recruiter reviews them. The system enters the inventory as one of seven AI systems Acme runs across HR, support, and quality control.

SystemRoleModalityVendorDeployed

Acme HR-Screen v2.1Deployertext/scoringScreenCo2024-03

Classify

Week 2–3

Four tests run against this system: Article 5 prohibited, Article 6 + Annex III high-risk, Article 50 transparency, Article 51 GPAI. HR-Screen returns HIGH-RISK on the second test.

VERDICTHIGH-RISK(deployer of an Annex III system)

CITATIONS

Article 6(2)32024R1689 §2:6EUR-Lex
Annex III §4(a)32024R1689 Annex IIIEUR-Lex
Recital 5732024R1689 §1:57EUR-Lex

NOT TRIGGERED

Article 5 (not a prohibited practice)
Article 51 (not a general-purpose AI model)

Gap analysis

Week 3–4

For each high-risk system, Article 26 walks the obligations applicable to your role as deployer. Four gaps surface for HR-Screen.

ObligationStatusEvidence

Art. 26(2) human-oversight rolesPARTIALrole defined, no procedure
Art. 26(9) DPIA before useMISSINGno DPIA on file
Art. 26(7) worker informationMISSINGworkers not informed
Art. 27 FRIA requiredREQUIREDprivate operator providing public services per Art. 27(1)(a); not yet performed

Roadmap

Week 5

Each gap becomes a roadmap row. Effort estimates are first-pass; ownership is suggested, not imposed.

ActionOwnerEffortDue-by

Run DPIA (Art. 35 GDPR + AI Act Art. 26(9))DPO2 wkbefore 2 Aug 2026
Brief works councilHR Dir + DPO1 wkbefore next reapproval
Commission FRIA (Art. 27)Ansvar3 wkbefore 2 Aug 2026
Document oversight procedureHR Ops Lead1 wkbefore 2 Aug 2026

Readout

Week 5–6

Single-page board view. CISO, DPO, and system owners walk the findings live. The full deliverable set is owned by Acme.

AI Act Readiness — Acme · Executive Summary

Systems in scope:7

HIGH-RISK:1 (HR-Screen v2.1)

Limited-risk:2 (Triage Bot, Doc-Search)

Minimal-risk:4

Critical actions before 2 Aug 2026:

DPIA + FRIA on HR-Screen

Article 50 transparency disclosure on Triage Bot

Article 4 literacy programme entity-wide

Roadmap items:14 (8 critical, 6 supporting)

Authority guidance unresolved:0

Case-law gaps flagged:2 (recital 57 application, Art. 26 procedure)

Pricing

Fixed scope, fixed price — €4,950

One Statement of Work, one invoice, one readout workshop. Add-ons priced upfront so the readout is a conversation about your roadmap — not about your bill.

AI Act Readiness — Standard

€4,950one engagement · 4–6 weeks

Board-ready AI Act readiness for up to 10 AI systems across EU + 1 member state.

In scope

Six board-ready deliverables, owned by you
Per-system AI Act classification (Articles 5, 6 + Annex III, 50, 51)
Obligations gap analysis, role-aware (provider, deployer, GPAI)
Senior-reviewer QA on every deliverable
90-day errata window if authority guidance shifts a classification

Not in scope

Article 27 FRIA
Annex IV technical documentation
Conformity assessment
11th+ AI system
Additional jurisdictions

30 minutes · no obligation · we say no if we're not a fit

Within-scope extensions · priced upfront, quoted at SOW signing

Additional AI system+€350 per system above 10
Additional member state+€600 (Sweden or Germany at this product stage)

Next engagements · sequenced after Standard, separately quoted

Article 27 FRIA

€3,500first system · 2–3 weeks
€2,500each additional, same customer / 12 months

Fundamental-rights impact assessment for a high-risk AI system before first deployment. Required of deployers under Article 27 in public-sector, banking, insurance, migration, and employment / HR contexts.

Annex IV technical documentation

€4,000per system

Technical-documentation build to conformity-assessment standard. Required of a provider before placing a high-risk AI system on the EU market.

Why this deliverable stands up

Grounded in the actual legislation, not generated

The Ansvar gateway retrieves the text of EU regulations directly from the EU Publications Office, with verifiable CELEX-level citation. The model does not invent articles or paragraph numbers. Senior-reviewer QA confirms every citation before the deliverable ships.

Citation grounding

Every cited article is retrieved through the gateway and verified against the EUR-Lex source URL. No silent fallback to model recall.

Multi-MCP enrichment

Five mandatory passes per citation-producing finding: AI Act primary regime, horizontal regimes (GDPR, NIS2, CSRD, sectoral), sector-regulator routing by NACE code, case-law validation, authority guidance.

Refusal discipline

When the corpus does not return a high-confidence answer, the deliverable says so. Unresolved items surface to your roadmap as known unknowns, not fabricated certainties.

Senior-reviewer QA

Every deliverable is signed off by a senior reviewer who did not run the engagement. Banned-words and citation-integrity checks run before the artefact leaves Ansvar.

The high-risk tranche enters force on 2 August 2026.

You have about twelve weeks. The Ansvar AI Act Readiness — Standard engagement gets you board-ready in six. Tell us which entities, which systems, and which member state. We come back with a scope and a fixed price within two working days. If we're not the right fit, we say so on the discovery call and recommend who is.