AI governance tools that prove compliance.

Every tool maps to a specific article of the EU AI Act and produces structured evidence your legal team can hand to a regulator. Open source. Apache 2.0. Zero telemetry.

Explore tools →See the workflow GitHub

bashpip install license-compliance-checker riskforge rag-benchmarking

evidence.flowlive

INAI systemmodel + data + config

01Art. 53License Compliance Checker

02Art. 9RiskForge CLI

03Art. 15RAG-Bench

· · · 11 more · · ·

OUTEvidence chainper-article artefacts

Find your obligation

Obligation. Date. Fine. Artefact. Tool.

Pick a use case and jurisdiction. Cards reorder by relevance. Every fine band carries its Article reference; every tool below ships under Apache 2.0.

I'm deployingin

Art. 5

Enforced

Prohibited AI practices

Date: 2025-02-02

Fine: Up to €35M or 7% global turnover
(Art. 99(3))

Artefact: Per-prohibition Red/Amber/Clear verdict (SARIF)
Tool: LitmusAI · v1.0.0

Screen now →

This screens against Art. 5 prohibitions. NOT legal advice or conformity assessment.

Art. 9

Upcoming

Risk management system

Date: 2026-08-02

Fine: Up to €15M or 3% global turnover
(Art. 99(4))

Artefact: Annex IV-aligned Risk Management File (JSON / PDF)
Tool: RiskForge · v0.1.4

Generate now →

This produces Art. 9 evidence. NOT a notified-body conformity assessment.

Art. 15

Upcoming

Accuracy, robustness, cybersecurity

Date: 2026-08-02

Fine: Up to €15M or 3% global turnover
(Art. 99(4))

Artefact: Retrieval accuracy & robustness report
Tool: RAG Benchmarking · v1.0.0-rc1

Benchmark now →

This benchmarks Art. 15 accuracy + robustness for RAG systems. Cybersecurity coverage is partial; pair with a runtime AI security control.

Art. 53

Enforced

GPAI provider obligations

Date: 2025-08-02

Fine: Up to €15M or 3% global turnover
(Art. 101(1) — Commission-imposed)

Artefact: OSS + model licence report (JSON)
Tool: License Compliance Checker · v1.1.0

Generate now →

This produces Art. 53 documentation evidence. NOT an AI Office submission of record.

Art. 53License Compliance Checker
Art. 15RAG-Bench
Art. 9RiskForge CLI
Art. 5LitmusAI
Art. 10TraceForge
Art. 13TransparencyDeck
Art. 11, 12Agentic Document Analyser
Art. 72VigilanceDash
Art. 4OrgLiterate
Art. 14, 17Sigil
Art. 53License Compliance Checker
Art. 15RAG-Bench
Art. 9RiskForge CLI
Art. 5LitmusAI
Art. 10TraceForge
Art. 13TransparencyDeck
Art. 11, 12Agentic Document Analyser
Art. 72VigilanceDash
Art. 4OrgLiterate
Art. 14, 17Sigil

The Regulatory Forcing Function

The deadlines have already started.

One regulation. Staged application dates. Each tool ships evidence against a specific article — so you can prove compliance, not just claim it.

€35M

Max fine · Article 5

3 months

Until high-risk deadline

Imminent

EU member states · one regulation

EU AI Act · Application Dates

Four dates. One regulation. Staged enforcement.

Feb 2025

Prohibited Practices + AI Literacy

Articles 4 & 5

Enforced

Eight AI practices are illegal. Deployers must evidence staff AI literacy proportionate to role and risk. Fines up to €35M.

Aug 2025

GPAI Transparency

Article 53

Enforced

GPAI providers must publish technical documentation, training-data summaries, and copyright compliance policies.

Aug 2026

High-Risk AI Systems

Articles 6+

Imminent

Risk management, data governance, accuracy, transparency, human oversight — all required for high-risk AI.

Aug 2027

Full Applicability

Annex I sectoral

Upcoming

AI embedded in medical devices, machinery, and vehicles — sector-specific application extends.

Feb 2025

Prohibited Practices + AI Literacy

Articles 4 & 5

Eight AI practices are illegal. Deployers must evidence staff AI literacy proportionate to role and risk. Fines up to €35M.

Aug 2025

GPAI Transparency

Article 53

GPAI providers must publish technical documentation, training-data summaries, and copyright compliance policies.

Aug 2026

High-Risk AI Systems

Articles 6+

Risk management, data governance, accuracy, transparency, human oversight — all required for high-risk AI.

Aug 2027

Full Applicability

Annex I sectoral

AI embedded in medical devices, machinery, and vehicles — sector-specific application extends.

How the tools chain

Every article has a tool. Every tool leaves evidence.

The EU AI Act doesn't ask for one report. It asks for traceable evidence across a dozen articles. We're building one tool per article — each one ships an artefact your conformity process can read.

#ToolArticleOutput artefactStatus

01
01License Compliance Checker
Art. 53OSS + model licence report (JSON)Live
02
02RAG Benchmarking
Art. 15Retrieval accuracy & robustness report (JSON / Markdown)Release Candidate
03
03RiskForge
Art. 9Risk Management File (JSON / PDF)Live
04
04LitmusAI
Art. 5Prohibited-practices verdict (SARIF)Live
05
05TraceForge
Art. 10Dataset governance reportQ2 2026
06
06TransparencyDeck
Art. 13Deployer-facing transparency documentQ3 2026
07
07Agentic Document Analyser
Art. 11, 12Technical file + logging extractAlpha
08
08RMFMapper
NIST AI RMF ↔ EU AI ActCross-map matrixQ4 2026
09
09ISOEvidence
ISO 42001Management-system gap report2027
10
10VigilanceDash
Art. 72Post-market monitoring feedQ4 2026
11
11OrgLiterate
Art. 4AI-literacy training records2027
12
12ConformityBot
Art. 43Conformity-assessment aggregation2027
13
13Sigil
Art. 14, 17Runtime oversight + QMS evidenceQ1 2027
14
14HealthAI-Comply
MDR + EU AI Act + FDAClinical-AI evidence bundle2028

3 tools live today — License Compliance Checker, RiskForge, LitmusAI. Install any of them in under 60 seconds. The rest of the chain ships through 2026–2027, with HealthAI-Comply in 2028.

Ship Compliance Evidence Today

Four flagship tools. One evidence chain.

Each tool maps to a specific obligation and produces structured evidence the next tool consumes. Free. Apache 2.0. Zero telemetry.

Article 53

License Compliance Checker

Framework-agnostic license compliance harness for AI systems and software dependencies.

GPAI Compliance

Flagship

bashpip install license-compliance-checker

Docs GitHub

Article 9

RiskForge

EU AI Act Article 9 Risk Management System builder — 30 minutes to a signed, audit-trailed Risk Management File.

Risk Management

Flagship

bashpip install riskforge

Docs GitHub

Article 15

RAG Benchmarking

Framework-agnostic evaluation harness for RAG and agentic AI systems.

Accuracy Requirements

Flagship

bashpip install rag-benchmarking

Docs GitHub

Article 5

LitmusAI

Free, deterministic CLI screener for the eight prohibited AI practices in EU AI Act Article 5.

Prohibited Practices

Flagship

bashpip install litmus-screener

Docs GitHub

Early-access partners

Pilots underway with regulated-enterprise teams in financial services, healthcare, and public sector. Partner names announced post-pilot, with consent. We don't list logos before they clear our authenticity gate.

In Development

Sigil — Runtime governance for AI agents.

The runtime layer of our compound moat: real-time policy enforcement, tamper-evident audit logs, and continuous compliance reporting against EU AI Act Articles 14 & 17. Early access available now.

Articles 14, 17Runtime GovernanceNIST AI RMF · ISO 42001

Request Early Access

Sister practice · AI Exponent LLC

Need a human in the loop? Ask Ajay.

The tools are the product. Judgement — programme design, regulatory sequencing, the board conversation — lives on the other side of the LLC. When a CLI isn't the answer, AskAjay.ai is.

Visit AskAjay.ai →When to use which →