Full EU AI Act compliance.
One platform.
From Article 50 disclosure to Article 14 human oversight to GPAI model provenance — Eniyan covers every obligation the Act creates for operators of consumer-facing and high-risk AI systems.
Article 50 enforcement begins
days remaining
August 2, 2026
Fines up to €30M or 6% of global annual turnover (high-risk AI)
Market unprepared
78%
Have no AI inventory
83%
The Legal Obligations
Seven obligations. Every one covered.
The verbatim legislative text, exactly what it requires, and precisely how Eniyan satisfies each obligation.
“Providers shall ensure that AI systems intended to interact directly with natural persons are designed and developed in such a way that the natural persons concerned are informed that they are interacting with an AI system, unless this is obvious from the point of view of a natural person who is reasonably well-informed, observant and circumspect.”
What it requires
Every consumer-facing AI agent must inform users they are interacting with an AI system at or before the first message. The 'obvious' exception is interpreted narrowly — a chat widget is not considered self-evidently AI.
How Eniyan satisfies it
Know Your Agent issues each agent a cryptographic identity credential users can verify in one click. Trust Transparency publishes a consumer-readable verification page operators link to at first interaction — satisfying the disclosure obligation with a third-party-verified, independently hosted artifact.
“The information shall be provided to the natural persons concerned in a clear and distinguishable manner at the latest at the time of the first interaction or exposure and shall conform to the applicable accessibility requirements.”
What it requires
Disclosure must be clear, distinguishable, and presented at the moment of first interaction — not buried in a privacy policy, not surfaced only on request, and not shown after the first message is exchanged.
How Eniyan satisfies it
The Eniyan Trust seal and verification badge embed directly in the chat interface, rendered before the first exchange. The public verification page is accessible without login, designed for consumers rather than compliance teams, and meets WCAG accessibility standards.
Finance, healthcare, employment, education, critical infrastructure, and systems affecting fundamental rights.
“High-risk AI systems shall be designed and developed to ensure their operation is sufficiently transparent to enable deployers to interpret a system's output and use it appropriately. Providers shall draw up technical documentation before placing the high-risk AI system on the market.”
What it requires
Providers of high-risk AI must produce and maintain structured technical documentation covering the system's purpose, capabilities, limitations, performance metrics, training data, and risk management measures.
How Eniyan satisfies it
AI System Cards automatically generate Article 11/13-compliant technical documentation PDFs from your agent's registered identity, scope declarations, uploaded system prompt and tool manifest, AI review findings, and linked GPAI model provenance. One click from the Know Your Agent dashboard — no consultant required.
“High-risk AI systems shall be designed and developed, including with appropriate human-machine interface tools, in such a way that they can be effectively overseen by natural persons during the period in which the AI systems are used.”
What it requires
High-risk AI systems must be designed so human operators can exercise meaningful oversight — including the ability to override or interrupt the AI at any time and to ensure tasks are only assigned to systems under active human authorization.
How Eniyan satisfies it
Know Your Agent's JIT (Just-In-Time) activation enforces Article 14 at the cryptographic layer: a human operator must authorize each task window before the agent's credential becomes active. When no task window is open, the credential is technically suspended — the agent cannot act regardless of instructions. Every authorization, expiry, and revocation event is logged immutably for regulatory review.
“Providers of high-risk AI systems shall establish, implement, document and maintain a risk management system. The risk management system shall be a continuous iterative process run throughout the entire lifecycle of a high-risk AI system.”
What it requires
Providers must establish and continuously maintain a documented risk management system — identifying, estimating, evaluating, and mitigating risks throughout the AI system's lifecycle. Records must be producible for regulatory inspection.
How Eniyan satisfies it
The Risk Registry tracks risk entries across your agent fleet — populated automatically from AI review findings or added manually. Each entry records risk type, severity, description, mitigation notes, and resolution status. Exportable as a formatted Risk Registry Report PDF citing Article 9/17 — ready for national competent authority review.
“High-risk AI systems shall be designed and developed with capabilities enabling the automatic recording of events relevant to identifying risks to health, safety, or fundamental rights during operation. Deployers shall ensure human oversight and keep logs of operations.”
What it requires
Providers must build logging capability into high-risk AI systems. Deployers must retain logs of operation and make them available to national competent authorities on request.
How Eniyan satisfies it
Eniyan's tamper-evident audit log (append-only, signed) captures 50+ AI operation event types throughout every agent's lifecycle. The Compliance Audit Log Export generates a regulatory-formatted PDF or structured CSV with human-readable event descriptions, ISO 8601 timestamps, and signing key fingerprint — ready for authority submission.
“Providers of general-purpose AI models shall draw up and keep up to date the technical documentation of the model, including its training process, evaluation results, and known limitations. Providers of AI systems built on GPAI models shall ensure they can obtain the information necessary to comply.”
What it requires
Operators deploying AI agents built on General-Purpose AI models (GPT-4o, Claude, Gemini, Llama, etc.) must be able to demonstrate which GPAI model powers each system and obtain the downstream compliance documentation required by Articles 53-55.
How Eniyan satisfies it
The GPAI Model Registry links each deployed agent to its underlying model — provider, version, capability summary, known limitations, and training cutoff — drawn from Eniyan's pre-maintained registry of major GPAI models. This information flows directly into AI System Card PDFs, giving operators complete downstream provenance documentation in one export.
European Commission Code of Practice on AI Transparency — The final implementation guide is expected June 2026, six weeks before enforcement begins. Eniyan's product is designed to satisfy the obligations as written in the Act and the December 2025 draft guidance. Read the draft guidance →
Product Coverage
Which Eniyan product covers which article
Art. 50(1) — AI disclosure
Art. 50(5) — Clear, timely delivery
Art. 11/13 — Technical documentation
AI System Cards
Art. 14 — Human oversight
JIT Activation
Art. 9/17 — Risk management system
Risk Registry
Art. 12/26 — Operational logging
Audit Log Export
Art. 53–55 — GPAI provenance
GPAI Registry
Affected Sectors
Who needs to act before August 2nd
The Act applies wherever your AI agents interact with EU consumers — regardless of where your company is headquartered.
Fintech & Banking
Payment assistants, account chatbots, fraud alert agents
FCA oversight + EU AI Act create dual compliance pressure. Credit and fraud AI triggers high-risk classification — Articles 13, 14, 9/17 apply in full.
E-commerce & Retail
Shopping assistants, returns agents, customer support bots
Consumer-facing AI at scale across EU jurisdictions. Article 50(1) applies to every customer interaction. Recommendation agents may trigger high-risk classification.
SaaS Customer Experience
Intercom Fin, Zendesk AI, Freshdesk agents
Platforms exposing AI to EU end-users are in scope. Deployers bear Article 50 responsibility; platforms must provide disclosure infrastructure.
Healthcare & Wellness
Triage agents, appointment bots, symptom checkers
Patient-facing AI is high-risk under both EU AI Act and sector rules. Articles 13, 14, 9/17, and 12/26 apply — full technical documentation and human oversight required.
Legal & Professional Services
Legal AI assistants, document review agents
Professional services AI affecting fundamental rights triggers high-risk classification. Article 50 disclosure applies to all consumer interactions.
Logistics & Operations
Delivery tracking agents, supply chain assistants
Consumer-facing interactions trigger Article 50(1). Lower risk tier unless consequential routing or employment decisions are made.
The Solution
Article 50 compliant in 48 hours.
Full stack in 30 days.
No professional services. No compliance consultant. Article 50 disclosure live in under 15 minutes.
Register your agents
Declare each agent's purpose, capabilities, and restrictions using the structured Know Your Agent checklist. Upload your system prompt and tool manifest as supporting evidence.
⏱ 15 minutes per agentEniyan reviews & issues credentials
Our trust team cross-checks your declaration against the evidence. Approved agents receive a cryptographic identity credential and a public verification URL — the Article 50(1) disclosure artifact.
⏱ 1–5 business daysEmbed and disclose at first interaction
Embed the seal or verification link in your chat widget header before the first message is exchanged. Satisfies Article 50(1) and 50(5) with a third-party-verified, consumer-readable page.
⏱ 30 minutesMaintain through the lifecycle
Enable JIT for human oversight (Art. 14), log risks in the Risk Registry (Art. 9/17), and export Compliance Audit Logs on demand (Art. 12/26). Scope changes trigger automatic re-review.
⏱ OngoingThe Cost of Non-Compliance
What 6% of global revenue looks like.
A $10M ARR startup
€600K
High-risk violation — potentially company-ending
A $100M revenue company
€6M
Equivalent to ~12 months of product runway
A $2B+ enterprise
€120M+
Or capped at €30M — whichever is higher
Article 50 (limited-risk) fines: up to €15M or 3% — whichever is higher.
Eniyan starts at $0 — one free seal, no credit card.
Get your first seal — free →Common Questions
EU AI Act — answered precisely.
Official Legislative References
Article 50 — Transparency Obligations
AI disclosure obligation for consumer-facing systems. Enforceable August 2, 2026.
Article 99 — Penalties
Art. 50 violations: €15M or 3%. High-risk violations: €30M or 6%. GPAI violations: €15M or 3%.
Article 11 / 13 — Technical Documentation
Capability and limitation documentation for high-risk AI systems.
Article 14 — Human Oversight
Human oversight requirements for high-risk AI. Applies to FSI, healthcare, employment AI.
Article 9 — Risk Management System
Continuous lifecycle risk management obligation for high-risk AI providers.
Article 12 — Record-Keeping
Operational logging requirements for high-risk AI systems.
Articles 53–55 — GPAI Model Obligations
Documentation, transparency, and downstream compliance obligations for GPAI model providers and deployers.
EC Code of Practice on AI Transparency
Implementation guidance. Draft December 2025. Final expected June 2026.
KYA Add-on
The KYA Compliance Pack covers all 7 EU AI Act obligations with one-click documentation.
Live PDFs from your real agent data — AI System Cards, Risk Registry, Audit Log, GPAI Provenance, and more.
Get compliant before August 2nd.
Article 50 in 48 hours. Full stack in 30 days. One free seal to start.
Already have a plan? Go to Transparency dashboard →
Eniyan
Start shipping verifiable trust.
Today. On a free plan.
Pick one product or all three. No credit card to start. Switch or combine whenever you're ready.