Sphere wins 2026 Global Recognition Award
Sphere Partners
Comply AI
EU AI ActSystem classificationAnnex IIIGPAI obligationsAudit trail

Classify AI systems and generate compliance evidence in one guided flow.

Comply AI helps teams classify AI systems against EU AI Act risk categories, generate conformity checklists, and maintain a living compliance record across the organisation.

Comply AI Classification Wizard
Report ready
Intake
Article 5
Annex Mapping
Checklist
System purposeParsed
Decision domainEmployment
Affected populationApplicants
Data typePersonal
High-riskAnnex III mapping found. Conformity obligations and documentation gaps generated.
Classification rationaleReady
Article 10 data governanceMapped
Annex IV documentationDrafted
Human oversightFlagged
Gap analysisRanked
30 minGuided classification walkthrough
4 stepsIntake through checklist generation
PDFDownloadable compliance report
€35M / 7%Maximum fine for prohibited practices under Article 99
12 days → 30 minManual documentation effort vs wizard-assisted classification
EU AI Act + NIST + ISOMulti-framework mapping from one system record
Living registryClassification, owner, evidence, and audit trail in one place
Why this matters now

The compliance window is closing.

Every AI system needs to be identified, classified, documented, and monitored. For high-risk systems, teams also need conformity evidence, human oversight, record-keeping, and a defensible gap analysis.

01

Classification is unclear

Teams need to know whether a system is prohibited, high-risk, limited risk, or subject to GPAI obligations.

Learn more →
02

Documentation is manual

Legal and compliance teams spend days turning scattered system details into reviewable evidence.

Learn more →
03

Records go stale

AI systems change over time. Purpose, data, model, and deployment updates can shift compliance obligations.

Learn more →
04

Leadership needs proof

Audit committees and regulators need structured evidence, not scattered notes and disconnected spreadsheets.

Learn more →
The wizard, walked through

Four steps from system description to compliance checklist.

The goal is to turn the first pass of AI compliance work into a guided flow that legal, compliance, and system owners can review together.

Step 1

System intake

Describe the AI system in plain language. Comply AI extracts the relevant attributes: data type, decision domain, affected users, and deployment context.

No legal jargon required at intake.
Step 2

Article 5 screening

Screen against prohibited practices such as social scoring, certain biometric use cases, and other unacceptable-risk categories.

Stops and explains prohibited use cases.
Step 3

Annex I + Annex III mapping

Map product-safety legislation and standalone high-risk categories, then cite the relevant overlap where applicable.

Returns risk level with cited subsections.
Step 4

Conformity checklist

Generate obligations for risk management, data governance, documentation, record-keeping, transparency, oversight, robustness, and cybersecurity.

Downloadable report for review.
Product walkthrough

From intake to audit-ready evidence.

Comply AI gives legal, compliance, and system owners a guided way to classify AI systems, understand obligations, document gaps, and maintain proof over time.

System intake and extracted attributes

Capture the intended purpose, affected users, data types, system owner, deployment context, and decision domain in one structured record.

Risk classification with cited rationale

Show the risk level, supporting EU AI Act references, Article 5 screening result, Annex mapping, and plain-language explanation.

Conformity checklist and gap analysis

Turn classification into a prioritized action plan covering obligations, open gaps, evidence needs, owners, and next steps.

Living registry and audit trail

Maintain a searchable record of every AI system, classification status, owner, last review date, documentation package, and audit history.

Regulator-ready package

Generate the evidence legal teams would otherwise assemble by hand.

Every report gives legal and compliance teams a structured first draft: classification rationale, obligations, gaps, owners, and evidence trail.

What the report contains

Comply AI produces the structural sections a national supervisory authority, Notified Body, audit committee, or legal team would expect to review.

  • System identification and intended purpose
  • Risk classification rationale with cited articles
  • Data governance assessment under Article 10
  • Technical documentation outline mapped to Annex IV
  • Human oversight and record-keeping requirements

What happens next

The report is not the finish line. It gives teams a prioritized action plan for closing compliance gaps and maintaining records as the system changes.

  • Accuracy, robustness, and cybersecurity obligations
  • Post-market monitoring plan
  • Gap analysis with priority ranking
  • PDF export for internal or external review
  • Legal team review and sign-off workflow
SystemRiskStatus
Hiring assistantHighGaps open
Customer chatbotLimitedDisclosure ready
Invoice classifierLowLogged
Internal copilotGPAIMapped
Classification is the start

Maintain a living compliance record for every AI system.

A one-time wizard run is useful. A living registry is what keeps compliance work current as systems, data, purpose, and regulations change.

System registry

Every AI system, risk classification, owner, and conformity status in one searchable register.

Change tracking

When purpose, data, or deployment context changes, the system can be reclassified and the record updated.

Audit trail

Every classification, assessment, report, and version is timestamped and exportable.

Multi-regulation mapping

Map the same system against EU AI Act, NIST AI RMF, and ISO 42001 from one record.

Who runs the wizard

Different leaders need different proof.

Comply AI gives each stakeholder a clear path from system review to documentation, evidence, and oversight.

Data Protection Officer

"Which of our AI systems are high-risk?"

Classify multiple systems in one sitting and generate a board-ready summary of obligations and gaps.

Output: AI system inventory and classification summary.
Chief Compliance Officer

"Our audit committee meets in three weeks."

Generate conformity packages, gap analyses, remediation plans, and owner assignments before the meeting.

Output: compliance package and remediation plan.
General Counsel

"We need evidence of due diligence."

Maintain timestamped, signed, archived wizard runs that create a defensible record of AI system review.

Output: signed audit trail and exportable reports.
Choose your starting point

Start with one AI system, then scale into a full registry.

Start with one system, review the classification package, and expand into a managed compliance record when the workflow is ready.

Fastest

Live wizard walkthrough

Run one live AI system through classification, checklist generation, and gap analysis with a Comply AI specialist.

30 minutesOne system
Book walkthrough
Most useful

AI system inventory review

Classify a portfolio of AI systems and identify which systems need high-risk documentation or remediation.

Portfolio viewBoard summary
Start inventory
Platform

SphereIQ Comply AI rollout

Implement the living registry, audit trail, multi-framework mapping, and ongoing governance workflow.

Platform rolloutOngoing compliance
Discuss rollout

Sphere in Numbers

We understand that actions speak louder than words and numbers but here are some key facts about us.

Get the Right Talent now

0

Years of Excellence

0+

Projects Delivered

0

Countries

Globally diverse, community-focused

0+

Clients

top 20 average 8+ years

Run the wizard on your AI system.

In 30 minutes, a Comply AI specialist will walk one of your live AI systems through the full classification, conformity checklist, and gap analysis.

What can we help you with?

Comply AI, explained plainly.

No. The wizard produces a structured classification and a documented obligation map. Your legal team reviews and signs off — Comply AI gives them a first draft instead of a blank page.
EU AI Act (Regulation 2024/1689) end-to-end, with NIST AI RMF and ISO 42001 mapping available. GPAI obligations under Articles 51 through 56 are covered for in-scope models.
Yes. Comply AI runs a separate GPAI track covering the obligations introduced in Articles 51 through 56, including systemic-risk model classification and technical documentation requirements where applicable.
Yes. The wizard can be used retroactively to classify deployed systems, generate documentation, and create a record of review.
Traditional GRC platforms cover broad compliance programs. Comply AI is purpose-built to classify AI systems, map AI-specific obligations, generate conformity documentation, and maintain AI system records.

Latest from Our Software & Product Blog