60 minutes. No charge. No sales pitch.
One fixed-scope engagement, whatever your starting point. You receive a written status report covering three layers: whether your AI policy and oversight rules hold up in practice, where your organisation stands against EU AI Act obligations, and your gaps ranked by severity — with a sequenced action plan your management can execute. No prerequisites. Works whether you have a full compliance team or no written policy at all.
60 minutes. No charge. No sales pitch.
For organisations building responsible AI use from the ground up. Most clients start here.
For deployers of high-risk systems under Annex III: credit scoring, candidate screening, insurance underwriting, education assessment, public services, biometrics.
If a FRIA we deliver fails Article 27 content requirements, we revise it at no charge.
Not sure which path fits? That is what the status call answers.
Enterprise procurement questionnaires, board risk committees, and insurance underwriters ask for AI governance evidence now — independent of any Brussels timeline. The dates below define when regulators act. Your market decides much earlier.
February 2, 2025 — In force
Social scoring, real-time biometric surveillance in public spaces, subliminal manipulation, exploitation of vulnerabilities. No grace period — these were banned from day one of application.
August 2, 2025 — In force
Providers of foundation models and large language models must publish technical documentation and meet copyright transparency requirements. Systemic-risk models face additional obligations: adversarial testing, incident reporting, cybersecurity measures.
August 2, 2026 — Binding
AI systems that interact with people must identify themselves as AI. AI-generated content must carry machine-readable disclosure. Deepfakes must be labeled. Emotion recognition and biometric categorisation systems must notify the people they process. Exception under the Omnibus: digital watermarking of AI-generated content (Article 50(2)) is extended to December 2, 2026.
December 2, 2027 — European Parliament voted June 16, 2026
Applies to: credit scoring · CV screening · insurance underwriting · education assessment · public services · biometric identification · law enforcement · migration · justice administration.
Deployer obligations include: Fundamental Rights Impact Assessment (Article 27), risk management system, technical documentation, human oversight measures, accuracy and robustness requirements, post-market monitoring, and incident reporting.
(The European Parliament voted June 16, 2026 to shift this deadline to December 2, 2027 (423 for, 57 against). Council formal adoption and Official Journal publication are expected before August 2, 2026. Until OJ publication the amendment is not yet in force.)
The EU AI Act requires systematic AI systems analysis to meet all requirements. For this, you need more than checkbox audits that collapse under regulatory investigation.
We deliver scored severity, weighted likelihood, cumulative impact, and documented mitigation adequacy.
Dorothee Georg — LinkedInOne hour. You leave with your governance maturity picture, your three most critical gaps, and a clear first step. No sales pitch.
60 minutes. No charge. No sales pitch.
This website sets no cookies, runs no trackers, and loads no analytics. We collect your data only when you hand it to us, and we tell you exactly what happens to it. If we treat your data this way before you are a client, you know how we will treat your compliance file when you are one.
Read our privacy notice →