You are accountable for decisions you often cannot fully control — made with information you have to chase, in a process that was never designed to be defensible.
“Accountability without a record is not accountability. It is exposure — and it belongs to whoever approved last.”
EAB puts the compliance supervisor at the centre of the governance chain — not as a final sign-off on documents assembled by others, but as the actor who initiates screening, runs the Art. 5 prohibited practice review, and approves the classification result. Every action you take in EAB is attributed to your role, timestamped, and sealed into an immutable record.
When you initiate a screening session, the technical profile is already in the system — completed by the AI system owner before you see it. You review it against the obligation profile for the system’s risk classification. If you need to override a screening result or bypass a governance gate, you can — but the override is logged with your identity and the justification you provided. There are no silent exceptions.
Your approval is the gate between the technical world and the obligation world. When you approve a screening result, the obligation set activates automatically — derived from the classification, not entered by hand. You do not chase obligation status across spreadsheets. EAB shows you what is complete, what is in progress, and what is open — per system, across the organisation.
No chasing. No assembly. Every action produces a record that survives any audit.
Every screening session begins with the Art. 5 review. You assess each prohibition category against the documented system profile — not from memory, but from the structured registration and technical data already in EAB. The review result is sealed before classification begins.
EAB analyzes the system against Annex I and III criteria and derives the risk classification. You review the result, the applicable articles, and the obligation derivation. You approve — or you override, with justification. Either way, the decision is yours and it is recorded.
You have bypass authority over every governance gate. You can override a classification result, claim an Art. 5 exemption, or advance a system despite an open obligation. Every bypass is logged with your identity, the timestamp, and the justification. Nothing is hidden — and the override log is visible to auditors in the read-only workspace.
After screening, you see the full obligation set — article by article, status by status. You can identify which obligations are open, which have evidence attached, and which are blocked. You do not manage this in a spreadsheet — EAB derives it from the governance record.
You can generate per-system compliance records and organisation-wide reports at any time — derived from the governance record, not compiled from separate documents. The report reflects what was actually done, not what was prepared for the report.
When a legal change triggers re-screening, you see which systems are affected and what changed. You manage the re-screening queue, initiate sessions for affected systems, and the new records anchor to the updated legal source — while the original records remain intact.
From initiation to sealed record — every step attributed, every output frozen.
You open the AI system that has been flagged as ready for screening. The technical profile — completed by the AI system owner — is in front of you. You review it, confirm it is complete, and initiate the screening session. From this point, the technical profile is locked.
The Art. 5 review panel opens. You assess each of the seven prohibition categories against the documented system. You assign a state — clear, concern, exemption claimed, or prohibited. If you claim an exemption, you provide the justification. The review is sealed before classification begins.
EAB derives the risk classification from the system profile against Annex I and III criteria. You review the result, the applicable articles, and the obligation derivation. You approve — or you override with justification. Approval seals the screening record. The obligation set activates.
You see the full obligation set for the system — status per article, evidence attached, open gaps. As the team completes obligations and attaches evidence, you review completion and approve. When all obligations are closed, you can generate the compliance record for the system — and hand it to the auditor who will already have read-only access.
When every approval is attributed and every override is logged, the compliance record defends itself — regardless of who asks or when.
EU-hosted · Anchored to CELEX 32024R1689
Tell us about your organization and what you’re looking to address. We’ll follow up with the relevant information.
