Regulation (EU) 2024/1689 — the first comprehensive AI regulation in the world. It establishes a risk-based classification system for AI and mandates that high-risk AI systems meet strict requirements for risk management, data governance, transparency, human oversight, and cybersecurity.
Organizations deploying AI systems in the EU or serving EU users. This includes any company with EU customers whose products use AI for decision-making, content generation, or autonomous operations.
| Framework criterion | Brigs control(s) |
|---|---|
| Article 9 — Risk Management System | AGENT_CASCADING_FAILURESAGENT_CONTEXT_POISONING |
| Article 10 — Data & Data Governance | AGENT_DATA_EGRESSNO_PUBLIC_STORAGE |
| Article 11 — Technical Documentation | AGENT_AUDIT_LOGGING |
| Article 12 — Record-Keeping | AGENT_AUDIT_LOGGING |
| Article 14 — Human Oversight | AGENT_ACTION_GATINGAGENT_PR_GATE |
| Article 15 — Accuracy & Cybersecurity | DEPENDENCY_CVE_HYGIENEDEP_SUPPLY_CHAIN |
The EU AI Act entered into force in August 2024. Prohibited AI practices are enforced from February 2025. High-risk AI systems must comply by August 2026. Organizations should start preparing now to meet the deadline.
Brigs maps its agent governance controls to key EU AI Act articles — including risk management (Art. 9), data governance (Art. 10), documentation (Art. 11), record-keeping (Art. 12), human oversight (Art. 14), and cybersecurity (Art. 15). It generates evidence you can present to auditors.
Brigs maps controls for data egress, audit logging, human oversight (action gating and PR gates), dependency hygiene, and supply chain security to the relevant EU AI Act articles. This provides a concrete, auditable controls layer for high-risk AI compliance.
Connect your repositories and get automated EU AI Act control evaluation in minutes.
Get Started Free