Sphere Partners

AI compliance automation done in 30 minutes

Comply AI is a 4-step classification wizard covering Article 5 prohibited practices, Annex I Union harmonisation legislation, Annex III high-risk categories, and GPAI obligations under Articles 51–56. It generates the conformity checklist and downloadable compliance report your legal team would otherwise build by hand.

Request a DemoGet a Quote

The compliance window is closing

Every AI system in your organisation needs to be classified, documented, and – if it's high-risk – assessed. Comply AI does that in a single afternoon.

€35M

Maximum fine under the EU AI Act, or 7% of global turnover, whichever is higher. Article 99 sanctions kick in for high-risk AI deployed without proper documentation.

12 days

Average time a legal team or external consultant spends documenting one AI system from scratch. At €500/day, that's €6,000 per system. Most enterprises have five or more.

August 2026

Full enforcement deadline. Conformity assessments are required before a high-risk system enters service.

The wizard, walked through

Step 1 – System intake.

You describe the AI system in plain language. Comply AI extracts the relevant attributes: input data type, decision domain, affected population, deployment context. No legal jargon required at this stage.

Step 2 – Article 5 screening.

The wizard checks the system against Article 5 prohibited practices – social scoring, real-time biometric ID in public spaces, emotion recognition in workplaces and schools, and the others. If a prohibited use is detected, the wizard stops and explains why.

Step 3 – Annex I and Annex III classification.

For systems that pass Article 5, the wizard runs a two-track mapping. Annex I covers AI systems that are safety components of products already regulated under Union harmonisation legislation – medical devices, machinery, in-vitro diagnostics, toys, lifts, radio equipment, and the rest. Annex III covers the eight standalone high-risk categories – biometrics, critical infrastructure, education, employment, essential services, law enforcement, migration, justice. Risk level is returned with the exact subsection cited from both annexes where they overlap.

Step 4 – Conformity checklist generation.

The wizard generates a tailored checklist of obligations under Articles 9 through 15 – risk management, data governance, technical documentation, record-keeping, transparency, human oversight, accuracy, robustness, cybersecurity. For in-scope models, the GPAI track adds the obligations from Articles 51 through 56. Downloadable as a PDF report ready for board review or regulator submission.

A regulator-ready conformity package, generated automatically

Every report Comply AI produces contains the same structural sections a Notified Body or national supervisory authority would expect to see.

  • System identification and intended purpose with Article 11 alignment
  • Risk classification rationale with cited articles and Annex III subsections
  • Data governance assessment under Article 10
  • Technical documentation outline mapped to Annex IV
  • Human oversight provisions required by Article 14
  • Accuracy, robustness and cybersecurity measures per Article 15
  • Record-keeping configuration for Article 12 compliance
  • Post-market monitoring plan for Articles 72 and 73
  • A gap analysis flagging every obligation not yet met, with priority ranking

Download the EU AI Act Compliance Checklist

Prepare for the new reality of AI use.

Classification is the start, not the finish

A one-off wizard run doesn't keep you compliant. Comply AI maintains a living compliance record for every AI system across your organisation.

System registry

Every AI system your organisation deploys, with its risk classification, owner, and conformity status – in one searchable register.

Change tracking

When an AI system's purpose or data changes, the wizard re-runs automatically and flags whether the classification has shifted.

Audit trail

Every classification, assessment, and report – timestamped, version-controlled, and exportable. Article 12 record-keeping handled by default.

Multi-regulation mapping

The same AI system can be assessed against EU AI Act, NIST AI RMF, and ISO 42001 from one record. Useful for multinationals operating under multiple regimes.

Who runs the wizard, and why

We have 14 AI systems across the bank. Which are high-risk under Annex III?

Comply AI classifies all 14 in one sitting and produces a board-ready summary of obligations and gaps.

Data Protection Officer

Our audit committee meets in three weeks. I need documented evidence we're ready for August 2026.

The wizard generates the conformity package, the gap analysis, and the remediation plan with ownership assigned.

Chief Compliance Officer

Legal needs a defensible record showing we did due diligence on every AI system.

Every wizard run is timestamped, signed, and archived to the immutable audit log. Defensible documentation, generated continuously.

General Counsel

Sphere in Numbers

We understand that actions speak louder than words and numbers but here are some key facts about us.

Get the Right Talent now

0

Years of Excellence

0+

Projects Delivered

0

Countries

Globally diverse, community-focused

0+

Clients

top 20 average 8+ years

Run the wizard on your AI system.

In 30 minutes, a Comply AI specialist will walk one of your live AI systems through the full classification, conformity checklist, and gap analysis.

What can we help you with?

Frequently asked questions.

No. The wizard produces a structured classification and a documented obligation map. Your legal team reviews and signs off – Comply AI gives them a first draft instead of a blank page.
EU AI Act (Regulation 2024/1689) end-to-end, with NIST AI RMF and ISO 42001 mapping available. GPAI obligations under Articles 51 through 56 are covered for in-scope models.
Yes. Comply AI runs a separate GPAI track covering the obligations introduced in Articles 51 through 56 – including systemic-risk model classification under Article 51, technical documentation requirements under Article 53, and the codes of practice referenced in Article 56.
Yes. The Act applies to systems entering service after the deadline, but existing systems also need documentation if they're in scope. The wizard works retroactively.
Yes. Comply AI maintains live alignment with the current consolidated text of the Regulation and with implementing acts as they're published.
Vanta covers SOC 2, ISO 27001, and similar. It does not classify AI systems against the EU AI Act, generate Annex IV technical documentation, or maintain the conformity records the Act requires. Comply AI is purpose-built for that gap.
Yes. The PDF output is structured to match the format Notified Bodies and national supervisory authorities expect.
Comply AI is sold as an add-on to the SphereIQ platform. Reach out for a quote.

Latest from Our Software & Product Blog

How to Choose an AI Software Development Company (And What to Watch Out For)

Not all AI software development companies are equal. Learn what separates firms that truly build with AI from those that just use the word. Includes real questions to ask and red flags to avoid.

Agentic RAG vs Traditional RAG vs ChatGPT

Agentic RAG costs 3-10× more than traditional RAG and adds 2-5× latency. Here's when each approach wins in 2026 — with the numbers Progress and others leave out.

The 12 Best Enterprise RAG Platforms and Tools in 2026

Compare 12 leading enterprise RAG platforms in May 2026 — Glean, SphereIQ, Cohere, Vectara, AWS Bedrock, LangChain, LlamaIndex and more. Pricing, compliance, sovereignty trade-offs.

When to Replace Your SaaS Tools with Custom AI Software (And How to Know It's Time)

SaaS made sense a decade ago. For many businesses today, custom AI-powered software delivers better ROI, faster. Here’s how to know when to make the switch, and how to do it without disrupting your operations.