Understand your AI Act obligations.
Prove compliance.
Keep it aligned as AI evolves.

A practical compliance platform for companies deploying AI in the EU and the consultants who support them. Built around real deployments, not abstract models.

Join 300+ professionals already exploring AI Act compliance with Aigolex

The real AI Act problem

Companies don't know if they are AI providers, deployers, or both.

Obligations depend on how AI is used, not on the model itself.

Documentation becomes outdated as soon as systems or vendors change.

Audits, enterprise customers, and boards expect immediate answers.

AI Act compliance is not a one-time exercise.
It's an operational problem.

Compliance attaches to deployments, not to AI models

That's why the platform mirrors the structure of the AI Act itself

Company

the legal entity ultimately responsible for compliance

Workspaces

distinct operational perimeters where AI is developed, tested, or used

AI assets

the underlying AI systems or models, independent from any single feature

Deployments

how those AI assets are actually used in practice, by whom, and for what purpose

Under the AI Act, obligations, risk classification, and roles attach to deployments not to AI models in isolation. This ensures compliance decisions reflect real-world AI use, not theoretical system descriptions.

Scope

Define where AI exists, how it's used, and who is responsible.

•Maps AI usage across companies and workspaces
•Identifies AI assets and their concrete deployments
•Determines your role under the AI Act (provider, deployer, or both)

Misclassifying your role means misapplying every obligation that follows.

Obligations

Know exactly what the AI Act requires, per deployment.

•Assigns regulatory requirements at the deployment level
•Based on role, risk classification, and usage context
•Generates clear, trackable checklists
•Separates applicable obligations from irrelevant ones

The AI Act is obligation-driven. Guessing is not a strategy.

Evidence

Always-ready documentation to prove compliance.

•Centralizes compliance documentation per workspace and deployment
•Includes system descriptions and risk assessments
•Tracks human oversight measures and monitoring controls

Static documents fail the moment reality changes.

Continuity

Stay compliant as AI systems, vendors, and uses change.

•Monitors changes to AI assets, deployments, and operational perimeters
•Flags when obligations or risk levels must be updated
•Alerts when documentation needs to be refreshed

Most compliance failures happen after the first assessment.

AI Act compliance readiness assessment

Identify your AI Act obligations, classify risk exposure, and uncover compliance gaps — with a guided interactive assessment.

Built for teams that can't ignore regulation

EU-based or EU-operating

Active AI deployments

Exposure to audits

Legal & compliance leaders

Risk & trust teams

Engineering leaders accountable for AI systems

Built by people who've done this before

Experience in legaltech and regulated environments

Built with legal and technical teams

Not Big-4 complexity

Prepare now. Don't scramble later.

AI Act

The risk-based approach of the AI Act

Aigolex Team13 March 2026

Introduction

One of the most innovative aspects of the European regulation on artificial intelligence concerns its regulatory approach.

Instead of applying a single set of rules to all AI systems, the European Union has chosen a model based on the level of risk associated with each application.

This approach was introduced in the Artificial Intelligence Act to ensure that the obligations provided by the regulation are proportionate to the potential impact of artificial intelligence systems.

The four risk categories

The regulation distinguishes four main risk levels.

The first level concerns systems considered to be at unacceptable risk, which are prohibited because they are incompatible with fundamental rights.

The second level includes high-risk systems, which can be used but must comply with very strict requirements.

There is also a category of limited-risk systems, for which lighter obligations are provided, often related to transparency.

Finally, we find minimal-risk systems, which represent the majority of AI applications currently in use and which are not subject to specific obligations.

Why this model is important

The risk-based approach makes it possible to avoid excessive regulation for applications with limited impacts.

At the same time, it allows for the introduction of stricter controls for systems that can influence important decisions in people's lives.

This balance between innovation and protection represents one of the fundamental principles of the European regulation.

Conclusion

Understanding which risk category an AI system falls into is one of the most important steps in assessing the compliance obligations provided by the regulation.

For many organizations, this classification phase represents the first concrete step in the process of adapting to the AI Act.

Understand your AI Act obligations.Prove compliance.Keep it aligned as AI evolves.