EU AI Act compliance pack

Module version 2.0 · Released 15 May 2026

The EU AI Act (Regulation (EU) 2024/1689) entered into force on 1 August 2024. Different obligations land on different dates — some are already enforceable; the full high-risk-system regime applies from 2 August 2026. The QENEX Pulse EU AI Act compliance pack produces the signed, regulator-grade evidence trail you need without the manual lift.

What it covers

Full statute coverage, not a marketing skim

Article 5 (prohibited practices) — self-check on each declared AI system; halts deployment if a prohibited use is flagged.
Article 6 + Annex III (high-risk classification) — automatic risk-tier assignment (prohibited / high-risk / GPAI / limited / minimal) with reasoning attached to every record.
Articles 9–15 (high-risk obligations) — conformity log covering risk management, data governance, technical documentation, record-keeping, transparency, human oversight, and accuracy / robustness / cybersecurity.
Article 50 (transparency obligations) — ready-to-use disclosure text for interaction notices, synthetic content labelling, emotion / biometric categorisation, and deep-fake content.
Articles 51–55 (general-purpose AI) — GPAI-model obligations tagged on systems that use foundation models.
Articles 72–73 (post-market monitoring) — structured incident log with automatic 15-day serious-incident notification SLA tracking.

How it works

Declare your AI systems once; we produce the evidence forever

You declare each AI system in your stack — whether it’s a third-party API (OpenAI, Anthropic, Google), a self-hosted model, an on-prem deployment, or our own QENEX-hosted inference. For each system Pulse records the purpose, deployment context, role in the value chain, Annex III categories, and the seven Chapter III obligation evidence URLs.

From that single declaration, Pulse generates — per period, per system —:

A risk classification with reasoning, cited to the specific statute articles.
A signed conformity log enumerating each Chapter III obligation, with present-vs-missing evidence flagged.
The exact transparency-notice text you need to surface to your users under Article 50.
A post-market event log with the 15-day Article 73 deadline computed automatically for serious incidents.

Every output is signed with the QENEX Ed25519 key, time-stamped against 12 independent EU + US Qualified Trust Service Providers (RFC 3161), and anchored to the Bitcoin blockchain via OpenTimestamps. The Apache-2.0 verifier lets your auditor verify any artifact independently — no QENEX cooperation needed.

Who it’s for

Any business building, deploying, or selling AI in or into the EU

SaaS companies using third-party AI APIs in customer-facing features.
AI vendors building product on top of foundation models.
Operators of high-risk systems in the eight Annex III categories (biometrics, critical infrastructure, education, employment, essential services, law enforcement, migration, justice).
Customers whose enterprise buyers ask “what’s your AI Act position?” on every procurement form.

Pricing

Bundled in the QENEX Pulse Compliance tier — no add-on charge

The EU AI Act compliance pack is one of 67 capabilities bundled into the Compliance tier at £699/month. There is no separate per-AI-system licence and no usage cap. The full tier comparison lists every capability across Starter / Business / Compliance.

Verifiability

An auditor can verify any output without trusting QENEX

Every signed record carries: the SHA-256 of its payload; the Ed25519 signature; 12 independent RFC 3161 timestamps from EU and US Trust Service Providers (Certum SA, Belgian FPS, Estonia SK ID Solutions, Spain ACCV, GlobalSign, DFN-PKI, DigiCert, Apple, Sectigo, SSL.com, plus the QENEX TSA and freetsa); an OpenTimestamps proof anchoring the artifact to the Bitcoin blockchain; and a JSON-LD copyright attestation tying it to QENEX LTD (UK Companies House 16523814, ICO ZC051598).

The verifier is published under the Apache-2.0 licence so the verification process survives QENEX itself. Even if the company ceased to exist tomorrow, every QENEX-signed AI Act record would remain independently verifiable using only openssl, a Bitcoin full node, and the verifier’s 200 lines of Python.

Getting started

10 minutes to declare your first AI system

Existing Compliance-tier customers can declare their first AI system from the onboarding wizard at https://pulse.qenex.ai. The wizard walks you through the Article 5 self-check, Annex III categorisation, and the seven Chapter III evidence URLs. From declaration onward, every monthly compliance brief includes the EU AI Act compliance pack for that system.

Not yet a customer? See pricing or reach ceo@qenex.ai for a 30-minute walk-through.

Not legal advice. The QENEX Pulse EU AI Act compliance pack produces signed evidence that supports your AI Act compliance programme. It does not substitute for legal counsel on the classification of your specific AI systems, the application of sector-specific obligations, or the conduct of fundamental rights impact assessments. Speak to a qualified solicitor licensed in your jurisdiction for matters that require legal advice.

QENEX LTD · UK Companies House 16523814 · ICO ZC051598 · D-U-N-S 233897975 · Registered office 20-22 Wenlock Road, London N1 7GU, United Kingdom